AUDIT: Spawn kernel thread to list filter rules.

If we have enough rules to fill the netlink buffer space, it'll deadlock because auditctl isn't ever actually going to read from the socket until we return, and we aren't going to return until it reads... so we spawn a kernel thread to spew out the list and then exit. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
author: David Woodhouse <dwmw2@shinybook.infradead.org> 2005-06-21 11:22:01 -0400
committer: David Woodhouse <dwmw2@shinybook.infradead.org> 2005-06-21 11:22:01 -0400
commit: f6a789d19858a951e7ff9e297a44b377c21b6c33 (patch)
tree: 5e54f1460bc048706ad6df8c5cb5bf748f067f13
parent: ae7b961b1c943367dfe179411f120d7bf8eaba89 (diff)
3 files changed, 47 insertions, 9 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 5f812e4d01e4..5d1a9dda5acb 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -281,6 +281,7 @@ extern void		    audit_send_reply(int pid, int seq, int type,
                                             int done, int multi,
                                             void *payload, int size);
 extern void                 audit_log_lost(const char *message);
+extern struct semaphore audit_netlink_sem;
 #else
 #define audit_log(c,t,f,...) do { ; } while (0)
 #define audit_log_start(c,t) ({ NULL; })
diff --git a/kernel/audit.c b/kernel/audit.c
index ab6ac560cfe5..c1ab8dbbb67b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -110,7 +110,7 @@ static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
 /* The netlink socket is only to be read by 1 CPU, which lets us assume
 * that list additions and deletions never happen simultaneously in
 * auditsc.c */
-static DECLARE_MUTEX(audit_netlink_sem);
+DECLARE_MUTEX(audit_netlink_sem);
 /* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
 * audit records.  Since printk uses a 1024 byte buffer, this buffer
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 031f979019d1..cb8a44945157 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -39,6 +39,7 @@
 #include <linux/audit.h>
 #include <linux/personality.h>
 #include <linux/time.h>
+#include <linux/kthread.h>
 #include <asm/unistd.h>
 /* 0 = no checking
@@ -281,24 +282,60 @@ static int audit_copy_rule(struct audit_rule *d, struct audit_rule *s)
        return 0;
 }
+static int audit_list_rules(void *_dest)
+{
+        int pid, seq;
+        int *dest = _dest;
+        struct audit_entry *entry;
+        int i;
+        pid = dest[0];
+        seq = dest[1];
+        kfree(dest);
+        down(&audit_netlink_sem);
+        /* The *_rcu iterators not needed here because we are
+           always called with audit_netlink_sem held. */
+        for (i=0; i<AUDIT_NR_FILTERS; i++) {
+                list_for_each_entry(entry, &audit_filter_list[i], list)
+                        audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
+                                         &entry->rule, sizeof(entry->rule));
+        }
+        audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
+        
+        up(&audit_netlink_sem);
+        return 0;
+}
 int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
                                                        uid_t loginuid)
 {
        struct audit_entry *entry;
+        struct task_struct *tsk;
+        int *dest;
        int                err = 0;
-        int i;
        unsigned listnr;
        switch (type) {
        case AUDIT_LIST:
-                /* The *_rcu iterators not needed here because we are
+                /* We can't just spew out the rules here because we might fill
-                   always called with audit_netlink_sem held. */
+                 * the available socket buffer space and deadlock waiting for
-                for (i=0; i<AUDIT_NR_FILTERS; i++) {
+                 * auditctl to read from it... which isn't ever going to
-                        list_for_each_entry(entry, &audit_filter_list[i], list)
+                 * happen if we're actually running in the context of auditctl
-                                audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
+                 * trying to _send_ the stuff */
-                                                 &entry->rule, sizeof(entry->rule));
+                 
+                dest = kmalloc(2 * sizeof(int), GFP_KERNEL);
+                if (!dest)
+                        return -ENOMEM;
+                dest[0] = pid;
+                dest[1] = seq;
+                tsk = kthread_run(audit_list_rules, dest, "audit_list_rules");
+                if (IS_ERR(tsk)) {
+                        kfree(dest);
+                        err = PTR_ERR(tsk);
                }
-                audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
                break;
        case AUDIT_ADD:
                if (!(entry = kmalloc(sizeof(*entry), GFP_KERNEL)))
author	David Woodhouse <dwmw2@shinybook.infradead.org>	2005-06-21 11:22:01 -0400
committer	David Woodhouse <dwmw2@shinybook.infradead.org>	2005-06-21 11:22:01 -0400
commit	f6a789d19858a951e7ff9e297a44b377c21b6c33 (patch)
tree	5e54f1460bc048706ad6df8c5cb5bf748f067f13
parent	ae7b961b1c943367dfe179411f120d7bf8eaba89 (diff)

diff --git a/include/linux/audit.h b/include/linux/audit.h index 5f812e4d01e4..5d1a9dda5acb 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -281,6 +281,7 @@ extern void audit_send_reply(int pid, int seq, int type,
281	int done, int multi,	281	int done, int multi,
282	void *payload, int size);	282	void *payload, int size);
283	extern void audit_log_lost(const char *message);	283	extern void audit_log_lost(const char *message);
		284	extern struct semaphore audit_netlink_sem;
284	#else	285	#else
285	#define audit_log(c,t,f,...) do { ; } while (0)	286	#define audit_log(c,t,f,...) do { ; } while (0)
286	#define audit_log_start(c,t) ({ NULL; })	287	#define audit_log_start(c,t) ({ NULL; })


diff --git a/kernel/audit.c b/kernel/audit.c index ab6ac560cfe5..c1ab8dbbb67b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -110,7 +110,7 @@ static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
110	/* The netlink socket is only to be read by 1 CPU, which lets us assume	110	/* The netlink socket is only to be read by 1 CPU, which lets us assume
111	* that list additions and deletions never happen simultaneously in	111	* that list additions and deletions never happen simultaneously in
112	* auditsc.c */	112	* auditsc.c */
113	static DECLARE_MUTEX(audit_netlink_sem);	113	DECLARE_MUTEX(audit_netlink_sem);
114		114
115	/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting	115	/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
116	* audit records. Since printk uses a 1024 byte buffer, this buffer	116	* audit records. Since printk uses a 1024 byte buffer, this buffer


diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 031f979019d1..cb8a44945157 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c
@@ -39,6 +39,7 @@
39	#include <linux/audit.h>	39	#include <linux/audit.h>
40	#include <linux/personality.h>	40	#include <linux/personality.h>
41	#include <linux/time.h>	41	#include <linux/time.h>
		42	#include <linux/kthread.h>
42	#include <asm/unistd.h>	43	#include <asm/unistd.h>
43		44
44	/* 0 = no checking	45	/* 0 = no checking
@@ -281,24 +282,60 @@ static int audit_copy_rule(struct audit_rule d, struct audit_rule s)
281	return 0;	282	return 0;
282	}	283	}
283		284
		285	static int audit_list_rules(void *_dest)
		286	{
		287	int pid, seq;
		288	int *dest = _dest;
		289	struct audit_entry *entry;
		290	int i;
		291
		292	pid = dest[0];
		293	seq = dest[1];
		294	kfree(dest);
		295
		296	down(&audit_netlink_sem);
		297
		298	/* The *_rcu iterators not needed here because we are
		299	always called with audit_netlink_sem held. */
		300	for (i=0; i<AUDIT_NR_FILTERS; i++) {
		301	list_for_each_entry(entry, &audit_filter_list[i], list)
		302	audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
		303	&entry->rule, sizeof(entry->rule));
		304	}
		305	audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
		306
		307	up(&audit_netlink_sem);
		308	return 0;
		309	}
		310
284	int audit_receive_filter(int type, int pid, int uid, int seq, void *data,	311	int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
285	uid_t loginuid)	312	uid_t loginuid)
286	{	313	{
287	struct audit_entry *entry;	314	struct audit_entry *entry;
		315	struct task_struct *tsk;
		316	int *dest;
288	int err = 0;	317	int err = 0;
289	int i;
290	unsigned listnr;	318	unsigned listnr;
291		319
292	switch (type) {	320	switch (type) {
293	case AUDIT_LIST:	321	case AUDIT_LIST:
294	/* The *_rcu iterators not needed here because we are	322	/* We can't just spew out the rules here because we might fill
295	always called with audit_netlink_sem held. */	323	* the available socket buffer space and deadlock waiting for
296	for (i=0; i<AUDIT_NR_FILTERS; i++) {	324	* auditctl to read from it... which isn't ever going to
297	list_for_each_entry(entry, &audit_filter_list[i], list)	325	* happen if we're actually running in the context of auditctl
298	audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,	326	* trying to _send_ the stuff */
299	&entry->rule, sizeof(entry->rule));	327
		328	dest = kmalloc(2 * sizeof(int), GFP_KERNEL);
		329	if (!dest)
		330	return -ENOMEM;
		331	dest[0] = pid;
		332	dest[1] = seq;
		333
		334	tsk = kthread_run(audit_list_rules, dest, "audit_list_rules");
		335	if (IS_ERR(tsk)) {
		336	kfree(dest);
		337	err = PTR_ERR(tsk);
300	}	338	}
301	audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
302	break;	339	break;
303	case AUDIT_ADD:	340	case AUDIT_ADD:
304	if (!(entry = kmalloc(sizeof(*entry), GFP_KERNEL)))	341	if (!(entry = kmalloc(sizeof(*entry), GFP_KERNEL)))