5 files changed, 48 insertions, 30 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index e38e3fc13ea8..961a417d641e 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -26,6 +26,7 @@
 #include <linux/sched.h>
 #include <linux/ptrace.h>
 #include <uapi/linux/audit.h>
+#include <linux/tty.h>
 #define AUDIT_INO_UNSET ((unsigned long)-1)
 #define AUDIT_DEV_UNSET ((dev_t)-1)
@@ -347,6 +348,23 @@ static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
        return tsk->sessionid;
 }
+static inline struct tty_struct *audit_get_tty(struct task_struct *tsk)
+{
+        struct tty_struct *tty = NULL;
+        unsigned long flags;
+        spin_lock_irqsave(&tsk->sighand->siglock, flags);
+        if (tsk->signal)
+                tty = tty_kref_get(tsk->signal->tty);
+        spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
+        return tty;
+}
+static inline void audit_put_tty(struct tty_struct *tty)
+{
+        tty_kref_put(tty);
+}
 extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
 extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
 extern void __audit_bprm(struct linux_binprm *bprm);
@@ -504,6 +522,12 @@ static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
 {
        return -1;
 }
+static inline struct tty_struct *audit_get_tty(struct task_struct *tsk)
+{
+        return NULL;
+}
+static inline void audit_put_tty(struct tty_struct *tty)
+{ }
 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
 { }
 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
diff --git a/include/linux/tty.h b/include/linux/tty.h
index 3b09f235db66..17b247c94440 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -371,6 +371,7 @@ extern void proc_clear_tty(struct task_struct *p);
 extern struct tty_struct *get_current_tty(void);
 /* tty_io.c */
 extern int __init tty_init(void);
+extern const char *tty_name(const struct tty_struct *tty);
 #else
 static inline void console_init(void)
 { }
@@ -391,6 +392,8 @@ static inline struct tty_struct *get_current_tty(void)
 /* tty_io.c */
 static inline int __init tty_init(void)
 { return 0; }
+static inline const char *tty_name(const struct tty_struct *tty)
+{ return "(none)"; }
 #endif
 extern struct ktermios tty_std_termios;
@@ -415,7 +418,6 @@ static inline struct tty_struct *tty_kref_get(struct tty_struct *tty)
        return tty;
 }
-extern const char *tty_name(const struct tty_struct *tty);
 extern const char *tty_driver_name(const struct tty_struct *tty);
 extern void tty_wait_until_sent(struct tty_struct *tty, long timeout);
 extern int __tty_check_change(struct tty_struct *tty, int sig);
diff --git a/kernel/audit.c b/kernel/audit.c
index 678c3f000191..22bb4f24f071 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -64,7 +64,6 @@
 #include <linux/security.h>
 #endif
 #include <linux/freezer.h>
-#include <linux/tty.h>
 #include <linux/pid_namespace.h>
 #include <net/netns/generic.h>
@@ -430,7 +429,6 @@ restart:
                                        attempts, audit_pid);
                                set_current_state(TASK_INTERRUPTIBLE);
                                schedule();
-                                __set_current_state(TASK_RUNNING);
                                goto restart;
                        }
                }
@@ -1341,15 +1339,14 @@ static inline void audit_get_stamp(struct audit_context *ctx,
 static long wait_for_auditd(long sleep_time)
 {
        DECLARE_WAITQUEUE(wait, current);
-        set_current_state(TASK_UNINTERRUPTIBLE);
-        add_wait_queue_exclusive(&audit_backlog_wait, &wait);
        if (audit_backlog_limit &&
-            skb_queue_len(&audit_skb_queue) > audit_backlog_limit)
+            skb_queue_len(&audit_skb_queue) > audit_backlog_limit) {
+                add_wait_queue_exclusive(&audit_backlog_wait, &wait);
+                set_current_state(TASK_UNINTERRUPTIBLE);
                sleep_time = schedule_timeout(sleep_time);
+                remove_wait_queue(&audit_backlog_wait, &wait);
-        __set_current_state(TASK_RUNNING);
+        }
-        remove_wait_queue(&audit_backlog_wait, &wait);
        return sleep_time;
 }
@@ -1890,21 +1887,14 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
 {
        const struct cred *cred;
        char comm[sizeof(tsk->comm)];
-        char *tty;
+        struct tty_struct *tty;
        if (!ab)
                return;
        /* tsk == current */
        cred = current_cred();
+        tty = audit_get_tty(tsk);
-        spin_lock_irq(&tsk->sighand->siglock);
-        if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
-                tty = tsk->signal->tty->name;
-        else
-                tty = "(none)";
-        spin_unlock_irq(&tsk->sighand->siglock);
        audit_log_format(ab,
                         " ppid=%d pid=%d auid=%u uid=%u gid=%u"
                         " euid=%u suid=%u fsuid=%u"
@@ -1920,11 +1910,11 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
                         from_kgid(&init_user_ns, cred->egid),
                         from_kgid(&init_user_ns, cred->sgid),
                         from_kgid(&init_user_ns, cred->fsgid),
-                         tty, audit_get_sessionid(tsk));
+                         tty ? tty_name(tty) : "(none)",
+                         audit_get_sessionid(tsk));
+        audit_put_tty(tty);
        audit_log_format(ab, " comm=");
        audit_log_untrustedstring(ab, get_task_comm(comm, tsk));
        audit_log_d_path_exe(ab, tsk->mm);
        audit_log_task_context(ab);
 }
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 5efe9b299a12..25772476fa4a 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -661,10 +661,10 @@ static int tag_mount(struct vfsmount *mnt, void *arg)
 static int prune_tree_thread(void *unused)
 {
        for (;;) {
-                set_current_state(TASK_INTERRUPTIBLE);
+                if (list_empty(&prune_list)) {
-                if (list_empty(&prune_list))
+                        set_current_state(TASK_INTERRUPTIBLE);
                        schedule();
-                __set_current_state(TASK_RUNNING);
+                }
                mutex_lock(&audit_cmd_mutex);
                mutex_lock(&audit_filter_mutex);
@@ -693,16 +693,14 @@ static int audit_launch_prune(void)
 {
        if (prune_thread)
                return 0;
-        prune_thread = kthread_create(prune_tree_thread, NULL,
+        prune_thread = kthread_run(prune_tree_thread, NULL,
                                "audit_prune_tree");
        if (IS_ERR(prune_thread)) {
                pr_err("cannot start thread audit_prune_tree");
                prune_thread = NULL;
                return -ENOMEM;
-        } else {
-                wake_up_process(prune_thread);
-                return 0;
        }
+        return 0;
 }
 /* called with audit_filter_mutex */
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 7d0e3cf8abe1..62ab53d7619c 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1980,6 +1980,7 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
 {
        struct audit_buffer *ab;
        uid_t uid, oldloginuid, loginuid;
+        struct tty_struct *tty;
        if (!audit_enabled)
                return;
@@ -1987,14 +1988,17 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
        uid = from_kuid(&init_user_ns, task_uid(current));
        oldloginuid = from_kuid(&init_user_ns, koldloginuid);
        loginuid = from_kuid(&init_user_ns, kloginuid),
+        tty = audit_get_tty(current);
        ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
        if (!ab)
                return;
        audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid);
        audit_log_task_context(ab);
-        audit_log_format(ab, " old-auid=%u auid=%u old-ses=%u ses=%u res=%d",
+        audit_log_format(ab, " old-auid=%u auid=%u tty=%s old-ses=%u ses=%u res=%d",
-                         oldloginuid, loginuid, oldsessionid, sessionid, !rc);
+                         oldloginuid, loginuid, tty ? tty_name(tty) : "(none)",
+                         oldsessionid, sessionid, !rc);
+        audit_put_tty(tty);
        audit_log_end(ab);
 }

diff --git a/include/linux/audit.h b/include/linux/audit.h index e38e3fc13ea8..961a417d641e 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -26,6 +26,7 @@
26	#include <linux/sched.h>	26	#include <linux/sched.h>
27	#include <linux/ptrace.h>	27	#include <linux/ptrace.h>
28	#include <uapi/linux/audit.h>	28	#include <uapi/linux/audit.h>
		29	#include <linux/tty.h>
29		30
30	#define AUDIT_INO_UNSET ((unsigned long)-1)	31	#define AUDIT_INO_UNSET ((unsigned long)-1)
31	#define AUDIT_DEV_UNSET ((dev_t)-1)	32	#define AUDIT_DEV_UNSET ((dev_t)-1)
@@ -347,6 +348,23 @@ static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
347	return tsk->sessionid;	348	return tsk->sessionid;
348	}	349	}
349		350
		351	static inline struct tty_struct audit_get_tty(struct task_struct tsk)
		352	{
		353	struct tty_struct *tty = NULL;
		354	unsigned long flags;
		355
		356	spin_lock_irqsave(&tsk->sighand->siglock, flags);
		357	if (tsk->signal)
		358	tty = tty_kref_get(tsk->signal->tty);
		359	spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
		360	return tty;
		361	}
		362
		363	static inline void audit_put_tty(struct tty_struct *tty)
		364	{
		365	tty_kref_put(tty);
		366	}
		367
350	extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);	368	extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
351	extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);	369	extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
352	extern void __audit_bprm(struct linux_binprm *bprm);	370	extern void __audit_bprm(struct linux_binprm *bprm);
@@ -504,6 +522,12 @@ static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
504	{	522	{
505	return -1;	523	return -1;
506	}	524	}
		525	static inline struct tty_struct audit_get_tty(struct task_struct tsk)
		526	{
		527	return NULL;
		528	}
		529	static inline void audit_put_tty(struct tty_struct *tty)
		530	{ }
507	static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)	531	static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
508	{ }	532	{ }
509	static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,	533	static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,


diff --git a/include/linux/tty.h b/include/linux/tty.h index 3b09f235db66..17b247c94440 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h
@@ -371,6 +371,7 @@ extern void proc_clear_tty(struct task_struct *p);
371	extern struct tty_struct *get_current_tty(void);	371	extern struct tty_struct *get_current_tty(void);
372	/* tty_io.c */	372	/* tty_io.c */
373	extern int __init tty_init(void);	373	extern int __init tty_init(void);
		374	extern const char tty_name(const struct tty_struct tty);
374	#else	375	#else
375	static inline void console_init(void)	376	static inline void console_init(void)
376	{ }	377	{ }
@@ -391,6 +392,8 @@ static inline struct tty_struct *get_current_tty(void)
391	/* tty_io.c */	392	/* tty_io.c */
392	static inline int __init tty_init(void)	393	static inline int __init tty_init(void)
393	{ return 0; }	394	{ return 0; }
		395	static inline const char tty_name(const struct tty_struct tty)
		396	{ return "(none)"; }
394	#endif	397	#endif
395		398
396	extern struct ktermios tty_std_termios;	399	extern struct ktermios tty_std_termios;
@@ -415,7 +418,6 @@ static inline struct tty_struct tty_kref_get(struct tty_struct tty)
415	return tty;	418	return tty;
416	}	419	}
417		420
418	extern const char tty_name(const struct tty_struct tty);
419	extern const char tty_driver_name(const struct tty_struct tty);	421	extern const char tty_driver_name(const struct tty_struct tty);
420	extern void tty_wait_until_sent(struct tty_struct *tty, long timeout);	422	extern void tty_wait_until_sent(struct tty_struct *tty, long timeout);
421	extern int __tty_check_change(struct tty_struct *tty, int sig);	423	extern int __tty_check_change(struct tty_struct *tty, int sig);


diff --git a/kernel/audit.c b/kernel/audit.c index 678c3f000191..22bb4f24f071 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -64,7 +64,6 @@
64	#include <linux/security.h>	64	#include <linux/security.h>
65	#endif	65	#endif
66	#include <linux/freezer.h>	66	#include <linux/freezer.h>
67	#include <linux/tty.h>
68	#include <linux/pid_namespace.h>	67	#include <linux/pid_namespace.h>
69	#include <net/netns/generic.h>	68	#include <net/netns/generic.h>
70		69
@@ -430,7 +429,6 @@ restart:
430	attempts, audit_pid);	429	attempts, audit_pid);
431	set_current_state(TASK_INTERRUPTIBLE);	430	set_current_state(TASK_INTERRUPTIBLE);
432	schedule();	431	schedule();
433	__set_current_state(TASK_RUNNING);
434	goto restart;	432	goto restart;
435	}	433	}
436	}	434	}
@@ -1341,15 +1339,14 @@ static inline void audit_get_stamp(struct audit_context *ctx,
1341	static long wait_for_auditd(long sleep_time)	1339	static long wait_for_auditd(long sleep_time)
1342	{	1340	{
1343	DECLARE_WAITQUEUE(wait, current);	1341	DECLARE_WAITQUEUE(wait, current);
1344	set_current_state(TASK_UNINTERRUPTIBLE);
1345	add_wait_queue_exclusive(&audit_backlog_wait, &wait);
1346		1342
1347	if (audit_backlog_limit &&	1343	if (audit_backlog_limit &&
1348	skb_queue_len(&audit_skb_queue) > audit_backlog_limit)	1344	skb_queue_len(&audit_skb_queue) > audit_backlog_limit) {
		1345	add_wait_queue_exclusive(&audit_backlog_wait, &wait);
		1346	set_current_state(TASK_UNINTERRUPTIBLE);
1349	sleep_time = schedule_timeout(sleep_time);	1347	sleep_time = schedule_timeout(sleep_time);
1350		1348	remove_wait_queue(&audit_backlog_wait, &wait);
1351	__set_current_state(TASK_RUNNING);	1349	}
1352	remove_wait_queue(&audit_backlog_wait, &wait);
1353		1350
1354	return sleep_time;	1351	return sleep_time;
1355	}	1352	}
@@ -1890,21 +1887,14 @@ void audit_log_task_info(struct audit_buffer ab, struct task_struct tsk)
1890	{	1887	{
1891	const struct cred *cred;	1888	const struct cred *cred;
1892	char comm[sizeof(tsk->comm)];	1889	char comm[sizeof(tsk->comm)];
1893	char *tty;	1890	struct tty_struct *tty;
1894		1891
1895	if (!ab)	1892	if (!ab)
1896	return;	1893	return;
1897		1894
1898	/* tsk == current */	1895	/* tsk == current */
1899	cred = current_cred();	1896	cred = current_cred();
1900		1897	tty = audit_get_tty(tsk);
1901	spin_lock_irq(&tsk->sighand->siglock);
1902	if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
1903	tty = tsk->signal->tty->name;
1904	else
1905	tty = "(none)";
1906	spin_unlock_irq(&tsk->sighand->siglock);
1907
1908	audit_log_format(ab,	1898	audit_log_format(ab,
1909	" ppid=%d pid=%d auid=%u uid=%u gid=%u"	1899	" ppid=%d pid=%d auid=%u uid=%u gid=%u"
1910	" euid=%u suid=%u fsuid=%u"	1900	" euid=%u suid=%u fsuid=%u"
@@ -1920,11 +1910,11 @@ void audit_log_task_info(struct audit_buffer ab, struct task_struct tsk)
1920	from_kgid(&init_user_ns, cred->egid),	1910	from_kgid(&init_user_ns, cred->egid),
1921	from_kgid(&init_user_ns, cred->sgid),	1911	from_kgid(&init_user_ns, cred->sgid),
1922	from_kgid(&init_user_ns, cred->fsgid),	1912	from_kgid(&init_user_ns, cred->fsgid),
1923	tty, audit_get_sessionid(tsk));	1913	tty ? tty_name(tty) : "(none)",
1924		1914	audit_get_sessionid(tsk));
		1915	audit_put_tty(tty);
1925	audit_log_format(ab, " comm=");	1916	audit_log_format(ab, " comm=");
1926	audit_log_untrustedstring(ab, get_task_comm(comm, tsk));	1917	audit_log_untrustedstring(ab, get_task_comm(comm, tsk));
1927
1928	audit_log_d_path_exe(ab, tsk->mm);	1918	audit_log_d_path_exe(ab, tsk->mm);
1929	audit_log_task_context(ab);	1919	audit_log_task_context(ab);
1930	}	1920	}


diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 5efe9b299a12..25772476fa4a 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c
@@ -661,10 +661,10 @@ static int tag_mount(struct vfsmount mnt, void arg)
661	static int prune_tree_thread(void *unused)	661	static int prune_tree_thread(void *unused)
662	{	662	{
663	for (;;) {	663	for (;;) {
664	set_current_state(TASK_INTERRUPTIBLE);	664	if (list_empty(&prune_list)) {
665	if (list_empty(&prune_list))	665	set_current_state(TASK_INTERRUPTIBLE);
666	schedule();	666	schedule();
667	__set_current_state(TASK_RUNNING);	667	}
668		668
669	mutex_lock(&audit_cmd_mutex);	669	mutex_lock(&audit_cmd_mutex);
670	mutex_lock(&audit_filter_mutex);	670	mutex_lock(&audit_filter_mutex);
@@ -693,16 +693,14 @@ static int audit_launch_prune(void)
693	{	693	{
694	if (prune_thread)	694	if (prune_thread)
695	return 0;	695	return 0;
696	prune_thread = kthread_create(prune_tree_thread, NULL,	696	prune_thread = kthread_run(prune_tree_thread, NULL,
697	"audit_prune_tree");	697	"audit_prune_tree");
698	if (IS_ERR(prune_thread)) {	698	if (IS_ERR(prune_thread)) {
699	pr_err("cannot start thread audit_prune_tree");	699	pr_err("cannot start thread audit_prune_tree");
700	prune_thread = NULL;	700	prune_thread = NULL;
701	return -ENOMEM;	701	return -ENOMEM;
702	} else {
703	wake_up_process(prune_thread);
704	return 0;
705	}	702	}
		703	return 0;
706	}	704	}
707		705
708	/* called with audit_filter_mutex */	706	/* called with audit_filter_mutex */


diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 7d0e3cf8abe1..62ab53d7619c 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c
@@ -1980,6 +1980,7 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
1980	{	1980	{
1981	struct audit_buffer *ab;	1981	struct audit_buffer *ab;
1982	uid_t uid, oldloginuid, loginuid;	1982	uid_t uid, oldloginuid, loginuid;
		1983	struct tty_struct *tty;
1983		1984
1984	if (!audit_enabled)	1985	if (!audit_enabled)
1985	return;	1986	return;
@@ -1987,14 +1988,17 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
1987	uid = from_kuid(&init_user_ns, task_uid(current));	1988	uid = from_kuid(&init_user_ns, task_uid(current));
1988	oldloginuid = from_kuid(&init_user_ns, koldloginuid);	1989	oldloginuid = from_kuid(&init_user_ns, koldloginuid);
1989	loginuid = from_kuid(&init_user_ns, kloginuid),	1990	loginuid = from_kuid(&init_user_ns, kloginuid),
		1991	tty = audit_get_tty(current);
1990		1992
1991	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);	1993	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
1992	if (!ab)	1994	if (!ab)
1993	return;	1995	return;
1994	audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid);	1996	audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid);
1995	audit_log_task_context(ab);	1997	audit_log_task_context(ab);
1996	audit_log_format(ab, " old-auid=%u auid=%u old-ses=%u ses=%u res=%d",	1998	audit_log_format(ab, " old-auid=%u auid=%u tty=%s old-ses=%u ses=%u res=%d",
1997	oldloginuid, loginuid, oldsessionid, sessionid, !rc);	1999	oldloginuid, loginuid, tty ? tty_name(tty) : "(none)",
		2000	oldsessionid, sessionid, !rc);
		2001	audit_put_tty(tty);
1998	audit_log_end(ab);	2002	audit_log_end(ab);
1999	}	2003	}
2000		2004