authorEric Paris <eparis@redhat.com>2009-06-11 14:31:37 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2009-06-24 00:00:52 -0400
commit9d9609851003ebed15957f0f2ce18492739ee124 (patch)
tree2c116865d2f239b5596b22a3a79eecc82f5e1299
parent35fe4d0b1b12286a81938e9c5fdfaf639ac0ce5b (diff)
Audit: clean up all op= output to include string quoting
A number of places in the audit system we send an op= followed by a string that includes spaces. Somehow this works but it's just wrong. This patch moves all of those that I could find to be quoted. Example: Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule key="number2" list=4 res=0 Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule" key="number2" list=4 res=0 Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r--include/linux/audit.h3
-rw-r--r--kernel/audit.c9
-rw-r--r--kernel/audit_tree.c10
-rw-r--r--kernel/audit_watch.c6
-rw-r--r--kernel/auditfilter.c12
-rw-r--r--kernel/auditsc.c8
6 files changed, 24 insertions, 24 deletions
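diff --git a/include/linux/audit.h b/include/linux/audit.h
index 4fa2810b675e..3c7a358241a7 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -599,6 +599,8 @@ extern void audit_log_untrustedstring(struct audit_buffer *ab,
 extern void audit_log_d_path(struct audit_buffer *ab,
  const char *prefix,
  struct path *path);
+extern void audit_log_key(struct audit_buffer *ab,
+ char *key);
 extern void audit_log_lost(const char *message);
 extern int audit_update_lsm_rules(void);
 
@@ -621,6 +623,7 @@ extern int audit_enabled;
 #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0)
 #define audit_log_untrustedstring(a,s) do { ; } while (0)
 #define audit_log_d_path(b, p, d) do { ; } while (0)
+#define audit_log_key(b, k) do { ; } while (0)
 #define audit_enabled 0
 #endif
 #endif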
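Review bot: The new prototype in the first hunk takes `char *key` although the helper only reads the string, so a caller holding a `const char *` key would need a cast to use it. Declaring it as `extern void audit_log_key(struct audit_buffer *ab, const char *key);` states the read-only contract, provided audit_log_untrustedstring accepts a const pointer, which is not visible on this page. The definition added in kernel/audit.c carries the same signature and would change with it; the `#define audit_log_key(b, k)` stub in the second hunk needs no change.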
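diff --git a/kernel/audit.c b/kernel/audit.c
index e07ad2340dbe..6194c50e2039 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1450,6 +1450,15 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix,
  kfree(pathname);
 }
 
+void audit_log_key(struct audit_buffer *ab, char *key)
+{
+ audit_log_format(ab, " key=");
+ if (key)
+ audit_log_untrustedstring(ab, key);
+ else
+ audit_log_format(ab, "(null)");
+}
+
 /**
  * audit_log_end - end one audit record
  * @ab: the audit_buffer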
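Review bot: audit_log_key() is added as a non-static function without the kernel-doc block that audit_log_end directly below it has, and its output contract is what every converted call site now depends on. I would add a kernel-doc comment naming `@ab` and `@key` and stating that the helper itself emits the leading space in ` key=`, that a non-NULL key is written through audit_log_untrustedstring(), and that a NULL key is written as the unquoted literal `(null)`. Spelling this out keeps later callers from adding their own separator or from passing a rule key through a non-escaping logger instead.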
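diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 1f6396d76687..3ff0731284a1 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -441,13 +441,11 @@ static void kill_rules(struct audit_tree *tree)
  if (rule->tree) {
  /* not a half-baked one */
  ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
- audit_log_format(ab, "op=remove rule dir=");
+ audit_log_format(ab, "op=");
+ audit_log_string(ab, "remove rule");
+ audit_log_format(ab, " dir=");
  audit_log_untrustedstring(ab, rule->tree->pathname);
- if (rule->filterkey) {
- audit_log_format(ab, " key=");
- audit_log_untrustedstring(ab, rule->filterkey);
- } else
- audit_log_format(ab, " key=(null)");
+ audit_log_key(ab, rule->filterkey);
  audit_log_format(ab, " list=%d res=1", rule->listnr);
  audit_log_end(ab);
  rule->tree = NULL;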
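diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
index b49ab019fdff..0e96dbc60ea9 100644
--- a/kernel/audit_watch.c
+++ b/kernel/audit_watch.c
@@ -234,11 +234,7 @@ static void audit_watch_log_rule_change(struct audit_krule *r, struct audit_watc
  audit_log_string(ab, op);
  audit_log_format(ab, " path=");
  audit_log_untrustedstring(ab, w->path);
- if (r->filterkey) {
- audit_log_format(ab, " key=");
- audit_log_untrustedstring(ab, r->filterkey);
- } else
- audit_log_format(ab, " key=(null)");
+ audit_log_key(ab, r->filterkey);
  audit_log_format(ab, " list=%d res=1", r->listnr);
  audit_log_end(ab);
  }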
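diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 21b623595aad..a70604047f3c 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1079,11 +1079,9 @@ static void audit_log_rule_change(uid_t loginuid, u32 sessionid, u32 sid,
  security_release_secctx(ctx, len);
  }
  }
- audit_log_format(ab, " op=%s rule key=", action);
- if (rule->filterkey)
- audit_log_untrustedstring(ab, rule->filterkey);
- else
- audit_log_format(ab, "(null)");
+ audit_log_format(ab, " op=");
+ audit_log_string(ab, action);
+ audit_log_key(ab, rule->filterkey);
  audit_log_format(ab, " list=%d res=%d", rule->listnr, res);
  audit_log_end(ab);
 }
@@ -1147,7 +1145,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
  return PTR_ERR(entry);
 
  err = audit_add_rule(entry);
- audit_log_rule_change(loginuid, sessionid, sid, "add",
+ audit_log_rule_change(loginuid, sessionid, sid, "add rule",
  &entry->rule, !err);
 
  if (err)
@@ -1163,7 +1161,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
  return PTR_ERR(entry);
 
  err = audit_del_rule(entry);
- audit_log_rule_change(loginuid, sessionid, sid, "remove",
+ audit_log_rule_change(loginuid, sessionid, sid, "remove rule",
  &entry->rule, !err);
 
  audit_free_rule(entry);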
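Review bot: In the first hunk `action` is now written with `audit_log_string(ab, action)`, which appears to wrap the text in quotes without escaping it (the kernel/auditsc.c change in this commit swaps it in for a plain `"\"%s\""` format), so the record stays well-formed only while `action` is a fixed kernel string. Both callers visible here pass the literals `"add rule"` and `"remove rule"`, but nothing at the call records that requirement. I would add a comment above it, `/* action must be a constant kernel string: audit_log_string() does not escape */`, so a later caller does not route rule-derived text through this field. audit_log_rule_change starts outside the hunk, so the declared type of `action` is not visible.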
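diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 0b862cac6ca2..2de95d1582bc 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1137,7 +1137,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,
  if (has_cntl)
  audit_log_n_hex(*ab, buf, to_send);
  else
- audit_log_format(*ab, "\"%s\"", buf);
+ audit_log_string(*ab, buf);
 
  p += to_send;
  len_left -= to_send;
@@ -1372,11 +1372,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
 
 
  audit_log_task_info(ab, tsk);
- if (context->filterkey) {
- audit_log_format(ab, " key=");
- audit_log_untrustedstring(ab, context->filterkey);
- } else
- audit_log_format(ab, " key=(null)");
+ audit_log_key(ab, context->filterkey);
  audit_log_end(ab);
 
  for (aux = context->aux; aux; aux = aux->next) {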
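Review bot: In the first hunk the `else` branch now calls `audit_log_string(*ab, buf)`, which, like the `"\"%s\""` format it replaces, depends on `buf` being NUL-terminated, while the `has_cntl` branch beside it is bounded by `to_send`. The termination of `buf` is not visible in this hunk, and the buffer holds execve argument data, so I would use the length-taking variant, `audit_log_n_string(*ab, buf, to_send);`, to keep both branches bounded by the same count. The unescaped branch is also only safe if the `has_cntl` check rejects quote characters as well as control bytes; that check, like the start and end of audit_log_single_execve_arg, is outside the hunk.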