diff options
author | Eric Paris <eparis@redhat.com> | 2008-04-18 10:12:59 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-04-28 06:19:22 -0400 |
commit | b556f8ad58c6e9f8f485c8cef7546e3fc82c382a (patch) | |
tree | e7a1c5ce313b6dec9727d69b08b5005dc35709a3 /kernel/audit.c | |
parent | f09ac9db2aafe36fde9ebd63c8c5d776f6e7bd41 (diff) |
Audit: standardize string audit interfaces
This patch standardized the string auditing interfaces. No userspace
changes will be visible and this is all just cleanup and consistancy
work. We have the following string audit interfaces to use:
void audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len);
void audit_log_n_string(struct audit_buffer *ab, const char *buf, size_t n);
void audit_log_string(struct audit_buffer *ab, const char *buf);
void audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, size_t n);
void audit_log_untrustedstring(struct audit_buffer *ab, const char *string);
This may be the first step to possibly fixing some of the issues that
people have with the string output from the kernel audit system. But we
still don't have an agreed upon solution to that problem.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 520583d8ca1..5b9ad3dda88 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
@@ -757,8 +757,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
757 | 757 | ||
758 | audit_log_format(ab, " msg="); | 758 | audit_log_format(ab, " msg="); |
759 | size = nlmsg_len(nlh); | 759 | size = nlmsg_len(nlh); |
760 | audit_log_n_untrustedstring(ab, size, | 760 | audit_log_n_untrustedstring(ab, data, size); |
761 | data); | ||
762 | } | 761 | } |
763 | audit_set_pid(ab, pid); | 762 | audit_set_pid(ab, pid); |
764 | audit_log_end(ab); | 763 | audit_log_end(ab); |
@@ -1293,7 +1292,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) | |||
1293 | * This function will take the passed buf and convert it into a string of | 1292 | * This function will take the passed buf and convert it into a string of |
1294 | * ascii hex digits. The new string is placed onto the skb. | 1293 | * ascii hex digits. The new string is placed onto the skb. |
1295 | */ | 1294 | */ |
1296 | void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, | 1295 | void audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, |
1297 | size_t len) | 1296 | size_t len) |
1298 | { | 1297 | { |
1299 | int i, avail, new_len; | 1298 | int i, avail, new_len; |
@@ -1329,8 +1328,8 @@ void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, | |||
1329 | * Format a string of no more than slen characters into the audit buffer, | 1328 | * Format a string of no more than slen characters into the audit buffer, |
1330 | * enclosed in quote marks. | 1329 | * enclosed in quote marks. |
1331 | */ | 1330 | */ |
1332 | static void audit_log_n_string(struct audit_buffer *ab, size_t slen, | 1331 | void audit_log_n_string(struct audit_buffer *ab, const char *string, |
1333 | const char *string) | 1332 | size_t slen) |
1334 | { | 1333 | { |
1335 | int avail, new_len; | 1334 | int avail, new_len; |
1336 | unsigned char *ptr; | 1335 | unsigned char *ptr; |
@@ -1386,13 +1385,13 @@ int audit_string_contains_control(const char *string, size_t len) | |||
1386 | * The caller specifies the number of characters in the string to log, which may | 1385 | * The caller specifies the number of characters in the string to log, which may |
1387 | * or may not be the entire string. | 1386 | * or may not be the entire string. |
1388 | */ | 1387 | */ |
1389 | void audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len, | 1388 | void audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, |
1390 | const char *string) | 1389 | size_t len) |
1391 | { | 1390 | { |
1392 | if (audit_string_contains_control(string, len)) | 1391 | if (audit_string_contains_control(string, len)) |
1393 | audit_log_hex(ab, string, len); | 1392 | audit_log_n_hex(ab, string, len); |
1394 | else | 1393 | else |
1395 | audit_log_n_string(ab, len, string); | 1394 | audit_log_n_string(ab, string, len); |
1396 | } | 1395 | } |
1397 | 1396 | ||
1398 | /** | 1397 | /** |
@@ -1405,7 +1404,7 @@ void audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len, | |||
1405 | */ | 1404 | */ |
1406 | void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) | 1405 | void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) |
1407 | { | 1406 | { |
1408 | audit_log_n_untrustedstring(ab, strlen(string), string); | 1407 | audit_log_n_untrustedstring(ab, string, strlen(string)); |
1409 | } | 1408 | } |
1410 | 1409 | ||
1411 | /* This is a helper-function to print the escaped d_path */ | 1410 | /* This is a helper-function to print the escaped d_path */ |