diff options
Diffstat (limited to 'security/lsm_audit.c')
| -rw-r--r-- | security/lsm_audit.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 69fdf3bc765b..1d34277dc402 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c | |||
| @@ -211,7 +211,7 @@ static inline void print_ipv4_addr(struct audit_buffer *ab, __be32 addr, | |||
| 211 | static void dump_common_audit_data(struct audit_buffer *ab, | 211 | static void dump_common_audit_data(struct audit_buffer *ab, |
| 212 | struct common_audit_data *a) | 212 | struct common_audit_data *a) |
| 213 | { | 213 | { |
| 214 | struct task_struct *tsk = current; | 214 | char comm[sizeof(current->comm)]; |
| 215 | 215 | ||
| 216 | /* | 216 | /* |
| 217 | * To keep stack sizes in check force programers to notice if they | 217 | * To keep stack sizes in check force programers to notice if they |
| @@ -220,8 +220,8 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 220 | */ | 220 | */ |
| 221 | BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); | 221 | BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); |
| 222 | 222 | ||
| 223 | audit_log_format(ab, " pid=%d comm=", task_pid_nr(tsk)); | 223 | audit_log_format(ab, " pid=%d comm=", task_pid_nr(current)); |
| 224 | audit_log_untrustedstring(ab, tsk->comm); | 224 | audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); |
| 225 | 225 | ||
| 226 | switch (a->type) { | 226 | switch (a->type) { |
| 227 | case LSM_AUDIT_DATA_NONE: | 227 | case LSM_AUDIT_DATA_NONE: |
| @@ -237,7 +237,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 237 | 237 | ||
| 238 | audit_log_d_path(ab, " path=", &a->u.path); | 238 | audit_log_d_path(ab, " path=", &a->u.path); |
| 239 | 239 | ||
| 240 | inode = a->u.path.dentry->d_inode; | 240 | inode = d_backing_inode(a->u.path.dentry); |
| 241 | if (inode) { | 241 | if (inode) { |
| 242 | audit_log_format(ab, " dev="); | 242 | audit_log_format(ab, " dev="); |
| 243 | audit_log_untrustedstring(ab, inode->i_sb->s_id); | 243 | audit_log_untrustedstring(ab, inode->i_sb->s_id); |
| @@ -251,7 +251,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 251 | audit_log_format(ab, " name="); | 251 | audit_log_format(ab, " name="); |
| 252 | audit_log_untrustedstring(ab, a->u.dentry->d_name.name); | 252 | audit_log_untrustedstring(ab, a->u.dentry->d_name.name); |
| 253 | 253 | ||
| 254 | inode = a->u.dentry->d_inode; | 254 | inode = d_backing_inode(a->u.dentry); |
| 255 | if (inode) { | 255 | if (inode) { |
| 256 | audit_log_format(ab, " dev="); | 256 | audit_log_format(ab, " dev="); |
| 257 | audit_log_untrustedstring(ab, inode->i_sb->s_id); | 257 | audit_log_untrustedstring(ab, inode->i_sb->s_id); |
| @@ -276,16 +276,19 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 276 | audit_log_format(ab, " ino=%lu", inode->i_ino); | 276 | audit_log_format(ab, " ino=%lu", inode->i_ino); |
| 277 | break; | 277 | break; |
| 278 | } | 278 | } |
| 279 | case LSM_AUDIT_DATA_TASK: | 279 | case LSM_AUDIT_DATA_TASK: { |
| 280 | tsk = a->u.tsk; | 280 | struct task_struct *tsk = a->u.tsk; |
| 281 | if (tsk) { | 281 | if (tsk) { |
| 282 | pid_t pid = task_pid_nr(tsk); | 282 | pid_t pid = task_pid_nr(tsk); |
| 283 | if (pid) { | 283 | if (pid) { |
| 284 | char comm[sizeof(tsk->comm)]; | ||
| 284 | audit_log_format(ab, " pid=%d comm=", pid); | 285 | audit_log_format(ab, " pid=%d comm=", pid); |
| 285 | audit_log_untrustedstring(ab, tsk->comm); | 286 | audit_log_untrustedstring(ab, |
| 287 | memcpy(comm, tsk->comm, sizeof(comm))); | ||
| 286 | } | 288 | } |
| 287 | } | 289 | } |
| 288 | break; | 290 | break; |
| 291 | } | ||
| 289 | case LSM_AUDIT_DATA_NET: | 292 | case LSM_AUDIT_DATA_NET: |
| 290 | if (a->u.net->sk) { | 293 | if (a->u.net->sk) { |
| 291 | struct sock *sk = a->u.net->sk; | 294 | struct sock *sk = a->u.net->sk; |