diff options
-rw-r--r-- | arch/i386/kernel/ptrace.c | 7 | ||||
-rw-r--r-- | arch/i386/kernel/vm86.c | 2 | ||||
-rw-r--r-- | arch/ia64/kernel/ptrace.c | 4 | ||||
-rw-r--r-- | arch/mips/kernel/ptrace.c | 4 | ||||
-rw-r--r-- | arch/powerpc/kernel/ptrace.c | 5 | ||||
-rw-r--r-- | arch/s390/kernel/ptrace.c | 5 | ||||
-rw-r--r-- | arch/sparc64/kernel/ptrace.c | 5 | ||||
-rw-r--r-- | arch/um/kernel/ptrace.c | 6 | ||||
-rw-r--r-- | arch/x86_64/kernel/ptrace.c | 6 | ||||
-rw-r--r-- | include/linux/audit.h | 8 | ||||
-rw-r--r-- | kernel/auditsc.c | 8 |
11 files changed, 27 insertions, 33 deletions
diff --git a/arch/i386/kernel/ptrace.c b/arch/i386/kernel/ptrace.c index 506462ef36a..fd7eaf7866e 100644 --- a/arch/i386/kernel/ptrace.c +++ b/arch/i386/kernel/ptrace.c | |||
@@ -671,7 +671,7 @@ int do_syscall_trace(struct pt_regs *regs, int entryexit) | |||
671 | 671 | ||
672 | if (unlikely(current->audit_context)) { | 672 | if (unlikely(current->audit_context)) { |
673 | if (entryexit) | 673 | if (entryexit) |
674 | audit_syscall_exit(current, AUDITSC_RESULT(regs->eax), | 674 | audit_syscall_exit(AUDITSC_RESULT(regs->eax), |
675 | regs->eax); | 675 | regs->eax); |
676 | /* Debug traps, when using PTRACE_SINGLESTEP, must be sent only | 676 | /* Debug traps, when using PTRACE_SINGLESTEP, must be sent only |
677 | * on the syscall exit path. Normally, when TIF_SYSCALL_AUDIT is | 677 | * on the syscall exit path. Normally, when TIF_SYSCALL_AUDIT is |
@@ -720,14 +720,13 @@ int do_syscall_trace(struct pt_regs *regs, int entryexit) | |||
720 | ret = is_sysemu; | 720 | ret = is_sysemu; |
721 | out: | 721 | out: |
722 | if (unlikely(current->audit_context) && !entryexit) | 722 | if (unlikely(current->audit_context) && !entryexit) |
723 | audit_syscall_entry(current, AUDIT_ARCH_I386, regs->orig_eax, | 723 | audit_syscall_entry(AUDIT_ARCH_I386, regs->orig_eax, |
724 | regs->ebx, regs->ecx, regs->edx, regs->esi); | 724 | regs->ebx, regs->ecx, regs->edx, regs->esi); |
725 | if (ret == 0) | 725 | if (ret == 0) |
726 | return 0; | 726 | return 0; |
727 | 727 | ||
728 | regs->orig_eax = -1; /* force skip of syscall restarting */ | 728 | regs->orig_eax = -1; /* force skip of syscall restarting */ |
729 | if (unlikely(current->audit_context)) | 729 | if (unlikely(current->audit_context)) |
730 | audit_syscall_exit(current, AUDITSC_RESULT(regs->eax), | 730 | audit_syscall_exit(AUDITSC_RESULT(regs->eax), regs->eax); |
731 | regs->eax); | ||
732 | return 1; | 731 | return 1; |
733 | } | 732 | } |
diff --git a/arch/i386/kernel/vm86.c b/arch/i386/kernel/vm86.c index aee14fafd13..00e0118e717 100644 --- a/arch/i386/kernel/vm86.c +++ b/arch/i386/kernel/vm86.c | |||
@@ -312,7 +312,7 @@ static void do_sys_vm86(struct kernel_vm86_struct *info, struct task_struct *tsk | |||
312 | 312 | ||
313 | /*call audit_syscall_exit since we do not exit via the normal paths */ | 313 | /*call audit_syscall_exit since we do not exit via the normal paths */ |
314 | if (unlikely(current->audit_context)) | 314 | if (unlikely(current->audit_context)) |
315 | audit_syscall_exit(current, AUDITSC_RESULT(eax), eax); | 315 | audit_syscall_exit(AUDITSC_RESULT(eax), eax); |
316 | 316 | ||
317 | __asm__ __volatile__( | 317 | __asm__ __volatile__( |
318 | "movl %0,%%esp\n\t" | 318 | "movl %0,%%esp\n\t" |
diff --git a/arch/ia64/kernel/ptrace.c b/arch/ia64/kernel/ptrace.c index 9887c8787e7..e61e15e28d8 100644 --- a/arch/ia64/kernel/ptrace.c +++ b/arch/ia64/kernel/ptrace.c | |||
@@ -1644,7 +1644,7 @@ syscall_trace_enter (long arg0, long arg1, long arg2, long arg3, | |||
1644 | arch = AUDIT_ARCH_IA64; | 1644 | arch = AUDIT_ARCH_IA64; |
1645 | } | 1645 | } |
1646 | 1646 | ||
1647 | audit_syscall_entry(current, arch, syscall, arg0, arg1, arg2, arg3); | 1647 | audit_syscall_entry(arch, syscall, arg0, arg1, arg2, arg3); |
1648 | } | 1648 | } |
1649 | 1649 | ||
1650 | } | 1650 | } |
@@ -1662,7 +1662,7 @@ syscall_trace_leave (long arg0, long arg1, long arg2, long arg3, | |||
1662 | 1662 | ||
1663 | if (success != AUDITSC_SUCCESS) | 1663 | if (success != AUDITSC_SUCCESS) |
1664 | result = -result; | 1664 | result = -result; |
1665 | audit_syscall_exit(current, success, result); | 1665 | audit_syscall_exit(success, result); |
1666 | } | 1666 | } |
1667 | 1667 | ||
1668 | if (test_thread_flag(TIF_SYSCALL_TRACE) | 1668 | if (test_thread_flag(TIF_SYSCALL_TRACE) |
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c index f3106d0771b..9b4733c1239 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c | |||
@@ -483,7 +483,7 @@ static inline int audit_arch(void) | |||
483 | asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) | 483 | asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) |
484 | { | 484 | { |
485 | if (unlikely(current->audit_context) && entryexit) | 485 | if (unlikely(current->audit_context) && entryexit) |
486 | audit_syscall_exit(current, AUDITSC_RESULT(regs->regs[2]), | 486 | audit_syscall_exit(AUDITSC_RESULT(regs->regs[2]), |
487 | regs->regs[2]); | 487 | regs->regs[2]); |
488 | 488 | ||
489 | if (!(current->ptrace & PT_PTRACED)) | 489 | if (!(current->ptrace & PT_PTRACED)) |
@@ -507,7 +507,7 @@ asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) | |||
507 | } | 507 | } |
508 | out: | 508 | out: |
509 | if (unlikely(current->audit_context) && !entryexit) | 509 | if (unlikely(current->audit_context) && !entryexit) |
510 | audit_syscall_entry(current, audit_arch(), regs->regs[2], | 510 | audit_syscall_entry(audit_arch(), regs->regs[2], |
511 | regs->regs[4], regs->regs[5], | 511 | regs->regs[4], regs->regs[5], |
512 | regs->regs[6], regs->regs[7]); | 512 | regs->regs[6], regs->regs[7]); |
513 | } | 513 | } |
diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c index bcb83574335..4a677d1bd4e 100644 --- a/arch/powerpc/kernel/ptrace.c +++ b/arch/powerpc/kernel/ptrace.c | |||
@@ -538,7 +538,7 @@ void do_syscall_trace_enter(struct pt_regs *regs) | |||
538 | do_syscall_trace(); | 538 | do_syscall_trace(); |
539 | 539 | ||
540 | if (unlikely(current->audit_context)) | 540 | if (unlikely(current->audit_context)) |
541 | audit_syscall_entry(current, | 541 | audit_syscall_entry( |
542 | #ifdef CONFIG_PPC32 | 542 | #ifdef CONFIG_PPC32 |
543 | AUDIT_ARCH_PPC, | 543 | AUDIT_ARCH_PPC, |
544 | #else | 544 | #else |
@@ -556,8 +556,7 @@ void do_syscall_trace_leave(struct pt_regs *regs) | |||
556 | #endif | 556 | #endif |
557 | 557 | ||
558 | if (unlikely(current->audit_context)) | 558 | if (unlikely(current->audit_context)) |
559 | audit_syscall_exit(current, | 559 | audit_syscall_exit((regs->ccr&0x1000)?AUDITSC_FAILURE:AUDITSC_SUCCESS, |
560 | (regs->ccr&0x1000)?AUDITSC_FAILURE:AUDITSC_SUCCESS, | ||
561 | regs->result); | 560 | regs->result); |
562 | 561 | ||
563 | if ((test_thread_flag(TIF_SYSCALL_TRACE) | 562 | if ((test_thread_flag(TIF_SYSCALL_TRACE) |
diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c index 37dfe33dab7..8f36504075e 100644 --- a/arch/s390/kernel/ptrace.c +++ b/arch/s390/kernel/ptrace.c | |||
@@ -734,7 +734,7 @@ asmlinkage void | |||
734 | syscall_trace(struct pt_regs *regs, int entryexit) | 734 | syscall_trace(struct pt_regs *regs, int entryexit) |
735 | { | 735 | { |
736 | if (unlikely(current->audit_context) && entryexit) | 736 | if (unlikely(current->audit_context) && entryexit) |
737 | audit_syscall_exit(current, AUDITSC_RESULT(regs->gprs[2]), regs->gprs[2]); | 737 | audit_syscall_exit(AUDITSC_RESULT(regs->gprs[2]), regs->gprs[2]); |
738 | 738 | ||
739 | if (!test_thread_flag(TIF_SYSCALL_TRACE)) | 739 | if (!test_thread_flag(TIF_SYSCALL_TRACE)) |
740 | goto out; | 740 | goto out; |
@@ -761,8 +761,7 @@ syscall_trace(struct pt_regs *regs, int entryexit) | |||
761 | } | 761 | } |
762 | out: | 762 | out: |
763 | if (unlikely(current->audit_context) && !entryexit) | 763 | if (unlikely(current->audit_context) && !entryexit) |
764 | audit_syscall_entry(current, | 764 | audit_syscall_entry(test_thread_flag(TIF_31BIT)?AUDIT_ARCH_S390:AUDIT_ARCH_S390X, |
765 | test_thread_flag(TIF_31BIT)?AUDIT_ARCH_S390:AUDIT_ARCH_S390X, | ||
766 | regs->gprs[2], regs->orig_gpr2, regs->gprs[3], | 765 | regs->gprs[2], regs->orig_gpr2, regs->gprs[3], |
767 | regs->gprs[4], regs->gprs[5]); | 766 | regs->gprs[4], regs->gprs[5]); |
768 | } | 767 | } |
diff --git a/arch/sparc64/kernel/ptrace.c b/arch/sparc64/kernel/ptrace.c index 49e6dedd027..d31975e6d6f 100644 --- a/arch/sparc64/kernel/ptrace.c +++ b/arch/sparc64/kernel/ptrace.c | |||
@@ -653,7 +653,7 @@ asmlinkage void syscall_trace(struct pt_regs *regs, int syscall_exit_p) | |||
653 | if (unlikely(tstate & (TSTATE_XCARRY | TSTATE_ICARRY))) | 653 | if (unlikely(tstate & (TSTATE_XCARRY | TSTATE_ICARRY))) |
654 | result = AUDITSC_FAILURE; | 654 | result = AUDITSC_FAILURE; |
655 | 655 | ||
656 | audit_syscall_exit(current, result, regs->u_regs[UREG_I0]); | 656 | audit_syscall_exit(result, regs->u_regs[UREG_I0]); |
657 | } | 657 | } |
658 | 658 | ||
659 | if (!(current->ptrace & PT_PTRACED)) | 659 | if (!(current->ptrace & PT_PTRACED)) |
@@ -677,8 +677,7 @@ asmlinkage void syscall_trace(struct pt_regs *regs, int syscall_exit_p) | |||
677 | 677 | ||
678 | out: | 678 | out: |
679 | if (unlikely(current->audit_context) && !syscall_exit_p) | 679 | if (unlikely(current->audit_context) && !syscall_exit_p) |
680 | audit_syscall_entry(current, | 680 | audit_syscall_entry((test_thread_flag(TIF_32BIT) ? |
681 | (test_thread_flag(TIF_32BIT) ? | ||
682 | AUDIT_ARCH_SPARC : | 681 | AUDIT_ARCH_SPARC : |
683 | AUDIT_ARCH_SPARC64), | 682 | AUDIT_ARCH_SPARC64), |
684 | regs->u_regs[UREG_G1], | 683 | regs->u_regs[UREG_G1], |
diff --git a/arch/um/kernel/ptrace.c b/arch/um/kernel/ptrace.c index 60d2eda995c..9a77fb3c269 100644 --- a/arch/um/kernel/ptrace.c +++ b/arch/um/kernel/ptrace.c | |||
@@ -275,15 +275,13 @@ void syscall_trace(union uml_pt_regs *regs, int entryexit) | |||
275 | 275 | ||
276 | if (unlikely(current->audit_context)) { | 276 | if (unlikely(current->audit_context)) { |
277 | if (!entryexit) | 277 | if (!entryexit) |
278 | audit_syscall_entry(current, | 278 | audit_syscall_entry(HOST_AUDIT_ARCH, |
279 | HOST_AUDIT_ARCH, | ||
280 | UPT_SYSCALL_NR(regs), | 279 | UPT_SYSCALL_NR(regs), |
281 | UPT_SYSCALL_ARG1(regs), | 280 | UPT_SYSCALL_ARG1(regs), |
282 | UPT_SYSCALL_ARG2(regs), | 281 | UPT_SYSCALL_ARG2(regs), |
283 | UPT_SYSCALL_ARG3(regs), | 282 | UPT_SYSCALL_ARG3(regs), |
284 | UPT_SYSCALL_ARG4(regs)); | 283 | UPT_SYSCALL_ARG4(regs)); |
285 | else audit_syscall_exit(current, | 284 | else audit_syscall_exit(AUDITSC_RESULT(UPT_SYSCALL_RET(regs)), |
286 | AUDITSC_RESULT(UPT_SYSCALL_RET(regs)), | ||
287 | UPT_SYSCALL_RET(regs)); | 285 | UPT_SYSCALL_RET(regs)); |
288 | } | 286 | } |
289 | 287 | ||
diff --git a/arch/x86_64/kernel/ptrace.c b/arch/x86_64/kernel/ptrace.c index da8e7903d81..2d50024c9f3 100644 --- a/arch/x86_64/kernel/ptrace.c +++ b/arch/x86_64/kernel/ptrace.c | |||
@@ -600,12 +600,12 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) | |||
600 | 600 | ||
601 | if (unlikely(current->audit_context)) { | 601 | if (unlikely(current->audit_context)) { |
602 | if (test_thread_flag(TIF_IA32)) { | 602 | if (test_thread_flag(TIF_IA32)) { |
603 | audit_syscall_entry(current, AUDIT_ARCH_I386, | 603 | audit_syscall_entry(AUDIT_ARCH_I386, |
604 | regs->orig_rax, | 604 | regs->orig_rax, |
605 | regs->rbx, regs->rcx, | 605 | regs->rbx, regs->rcx, |
606 | regs->rdx, regs->rsi); | 606 | regs->rdx, regs->rsi); |
607 | } else { | 607 | } else { |
608 | audit_syscall_entry(current, AUDIT_ARCH_X86_64, | 608 | audit_syscall_entry(AUDIT_ARCH_X86_64, |
609 | regs->orig_rax, | 609 | regs->orig_rax, |
610 | regs->rdi, regs->rsi, | 610 | regs->rdi, regs->rsi, |
611 | regs->rdx, regs->r10); | 611 | regs->rdx, regs->r10); |
@@ -616,7 +616,7 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) | |||
616 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) | 616 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
617 | { | 617 | { |
618 | if (unlikely(current->audit_context)) | 618 | if (unlikely(current->audit_context)) |
619 | audit_syscall_exit(current, AUDITSC_RESULT(regs->rax), regs->rax); | 619 | audit_syscall_exit(AUDITSC_RESULT(regs->rax), regs->rax); |
620 | 620 | ||
621 | if ((test_thread_flag(TIF_SYSCALL_TRACE) | 621 | if ((test_thread_flag(TIF_SYSCALL_TRACE) |
622 | || test_thread_flag(TIF_SINGLESTEP)) | 622 | || test_thread_flag(TIF_SINGLESTEP)) |
diff --git a/include/linux/audit.h b/include/linux/audit.h index 1c47c59058c..39fef6ebb85 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -287,10 +287,10 @@ struct netlink_skb_parms; | |||
287 | /* Public API */ | 287 | /* Public API */ |
288 | extern int audit_alloc(struct task_struct *task); | 288 | extern int audit_alloc(struct task_struct *task); |
289 | extern void audit_free(struct task_struct *task); | 289 | extern void audit_free(struct task_struct *task); |
290 | extern void audit_syscall_entry(struct task_struct *task, int arch, | 290 | extern void audit_syscall_entry(int arch, |
291 | int major, unsigned long a0, unsigned long a1, | 291 | int major, unsigned long a0, unsigned long a1, |
292 | unsigned long a2, unsigned long a3); | 292 | unsigned long a2, unsigned long a3); |
293 | extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code); | 293 | extern void audit_syscall_exit(int failed, long return_code); |
294 | extern void audit_getname(const char *name); | 294 | extern void audit_getname(const char *name); |
295 | extern void audit_putname(const char *name); | 295 | extern void audit_putname(const char *name); |
296 | extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); | 296 | extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); |
@@ -323,8 +323,8 @@ extern int audit_set_macxattr(const char *name); | |||
323 | #else | 323 | #else |
324 | #define audit_alloc(t) ({ 0; }) | 324 | #define audit_alloc(t) ({ 0; }) |
325 | #define audit_free(t) do { ; } while (0) | 325 | #define audit_free(t) do { ; } while (0) |
326 | #define audit_syscall_entry(t,ta,a,b,c,d,e) do { ; } while (0) | 326 | #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) |
327 | #define audit_syscall_exit(t,f,r) do { ; } while (0) | 327 | #define audit_syscall_exit(f,r) do { ; } while (0) |
328 | #define audit_getname(n) do { ; } while (0) | 328 | #define audit_getname(n) do { ; } while (0) |
329 | #define audit_putname(n) do { ; } while (0) | 329 | #define audit_putname(n) do { ; } while (0) |
330 | #define __audit_inode(n,i,f) do { ; } while (0) | 330 | #define __audit_inode(n,i,f) do { ; } while (0) |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index ba0ec1ba669..7ed82b088e4 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -736,10 +736,11 @@ void audit_free(struct task_struct *tsk) | |||
736 | * will only be written if another part of the kernel requests that it | 736 | * will only be written if another part of the kernel requests that it |
737 | * be written). | 737 | * be written). |
738 | */ | 738 | */ |
739 | void audit_syscall_entry(struct task_struct *tsk, int arch, int major, | 739 | void audit_syscall_entry(int arch, int major, |
740 | unsigned long a1, unsigned long a2, | 740 | unsigned long a1, unsigned long a2, |
741 | unsigned long a3, unsigned long a4) | 741 | unsigned long a3, unsigned long a4) |
742 | { | 742 | { |
743 | struct task_struct *tsk = current; | ||
743 | struct audit_context *context = tsk->audit_context; | 744 | struct audit_context *context = tsk->audit_context; |
744 | enum audit_state state; | 745 | enum audit_state state; |
745 | 746 | ||
@@ -817,12 +818,11 @@ void audit_syscall_entry(struct task_struct *tsk, int arch, int major, | |||
817 | * message), then write out the syscall information. In call cases, | 818 | * message), then write out the syscall information. In call cases, |
818 | * free the names stored from getname(). | 819 | * free the names stored from getname(). |
819 | */ | 820 | */ |
820 | void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code) | 821 | void audit_syscall_exit(int valid, long return_code) |
821 | { | 822 | { |
823 | struct task_struct *tsk = current; | ||
822 | struct audit_context *context; | 824 | struct audit_context *context; |
823 | 825 | ||
824 | /* tsk == current */ | ||
825 | |||
826 | get_task_struct(tsk); | 826 | get_task_struct(tsk); |
827 | task_lock(tsk); | 827 | task_lock(tsk); |
828 | context = audit_get_context(tsk, valid, return_code); | 828 | context = audit_get_context(tsk, valid, return_code); |