diff options
Diffstat (limited to 'kernel/auditfilter.c')
| -rw-r--r-- | kernel/auditfilter.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 28fef6bf853..af3ae91c47b 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -1500,8 +1500,9 @@ static void audit_list_rules(int pid, int seq, struct sk_buff_head *q) | |||
| 1500 | } | 1500 | } |
| 1501 | 1501 | ||
| 1502 | /* Log rule additions and removals */ | 1502 | /* Log rule additions and removals */ |
| 1503 | static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action, | 1503 | static void audit_log_rule_change(uid_t loginuid, u32 sessionid, u32 sid, |
| 1504 | struct audit_krule *rule, int res) | 1504 | char *action, struct audit_krule *rule, |
| 1505 | int res) | ||
| 1505 | { | 1506 | { |
| 1506 | struct audit_buffer *ab; | 1507 | struct audit_buffer *ab; |
| 1507 | 1508 | ||
| @@ -1511,7 +1512,7 @@ static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action, | |||
| 1511 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); | 1512 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); |
| 1512 | if (!ab) | 1513 | if (!ab) |
| 1513 | return; | 1514 | return; |
| 1514 | audit_log_format(ab, "auid=%u", loginuid); | 1515 | audit_log_format(ab, "auid=%u ses=%u", loginuid, sessionid); |
| 1515 | if (sid) { | 1516 | if (sid) { |
| 1516 | char *ctx = NULL; | 1517 | char *ctx = NULL; |
| 1517 | u32 len; | 1518 | u32 len; |
| @@ -1543,7 +1544,7 @@ static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action, | |||
| 1543 | * @sid: SE Linux Security ID of sender | 1544 | * @sid: SE Linux Security ID of sender |
| 1544 | */ | 1545 | */ |
| 1545 | int audit_receive_filter(int type, int pid, int uid, int seq, void *data, | 1546 | int audit_receive_filter(int type, int pid, int uid, int seq, void *data, |
| 1546 | size_t datasz, uid_t loginuid, u32 sid) | 1547 | size_t datasz, uid_t loginuid, u32 sessionid, u32 sid) |
| 1547 | { | 1548 | { |
| 1548 | struct task_struct *tsk; | 1549 | struct task_struct *tsk; |
| 1549 | struct audit_netlink_list *dest; | 1550 | struct audit_netlink_list *dest; |
| @@ -1590,7 +1591,8 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data, | |||
| 1590 | 1591 | ||
| 1591 | err = audit_add_rule(entry, | 1592 | err = audit_add_rule(entry, |
| 1592 | &audit_filter_list[entry->rule.listnr]); | 1593 | &audit_filter_list[entry->rule.listnr]); |
| 1593 | audit_log_rule_change(loginuid, sid, "add", &entry->rule, !err); | 1594 | audit_log_rule_change(loginuid, sessionid, sid, "add", |
| 1595 | &entry->rule, !err); | ||
| 1594 | 1596 | ||
| 1595 | if (err) | 1597 | if (err) |
| 1596 | audit_free_rule(entry); | 1598 | audit_free_rule(entry); |
| @@ -1606,8 +1608,8 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data, | |||
| 1606 | 1608 | ||
| 1607 | err = audit_del_rule(entry, | 1609 | err = audit_del_rule(entry, |
| 1608 | &audit_filter_list[entry->rule.listnr]); | 1610 | &audit_filter_list[entry->rule.listnr]); |
| 1609 | audit_log_rule_change(loginuid, sid, "remove", &entry->rule, | 1611 | audit_log_rule_change(loginuid, sessionid, sid, "remove", |
| 1610 | !err); | 1612 | &entry->rule, !err); |
| 1611 | 1613 | ||
| 1612 | audit_free_rule(entry); | 1614 | audit_free_rule(entry); |
| 1613 | break; | 1615 | break; |