diff options
author | Eric Paris <eparis@redhat.com> | 2009-06-11 14:31:37 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2009-06-24 00:00:52 -0400 |
commit | 9d9609851003ebed15957f0f2ce18492739ee124 (patch) | |
tree | 2c116865d2f239b5596b22a3a79eecc82f5e1299 | |
parent | 35fe4d0b1b12286a81938e9c5fdfaf639ac0ce5b (diff) |
Audit: clean up all op= output to include string quoting
A number of places in the audit system we send an op= followed by a string
that includes spaces. Somehow this works but it's just wrong. This patch
moves all of those that I could find to be quoted.
Example:
Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule
key="number2" list=4 res=0
Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule"
key="number2" list=4 res=0
Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r-- | include/linux/audit.h | 3 | ||||
-rw-r--r-- | kernel/audit.c | 9 | ||||
-rw-r--r-- | kernel/audit_tree.c | 10 | ||||
-rw-r--r-- | kernel/audit_watch.c | 6 | ||||
-rw-r--r-- | kernel/auditfilter.c | 12 | ||||
-rw-r--r-- | kernel/auditsc.c | 8 |
6 files changed, 24 insertions, 24 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 4fa2810b675e..3c7a358241a7 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -599,6 +599,8 @@ extern void audit_log_untrustedstring(struct audit_buffer *ab, | |||
599 | extern void audit_log_d_path(struct audit_buffer *ab, | 599 | extern void audit_log_d_path(struct audit_buffer *ab, |
600 | const char *prefix, | 600 | const char *prefix, |
601 | struct path *path); | 601 | struct path *path); |
602 | extern void audit_log_key(struct audit_buffer *ab, | ||
603 | char *key); | ||
602 | extern void audit_log_lost(const char *message); | 604 | extern void audit_log_lost(const char *message); |
603 | extern int audit_update_lsm_rules(void); | 605 | extern int audit_update_lsm_rules(void); |
604 | 606 | ||
@@ -621,6 +623,7 @@ extern int audit_enabled; | |||
621 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) | 623 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) |
622 | #define audit_log_untrustedstring(a,s) do { ; } while (0) | 624 | #define audit_log_untrustedstring(a,s) do { ; } while (0) |
623 | #define audit_log_d_path(b, p, d) do { ; } while (0) | 625 | #define audit_log_d_path(b, p, d) do { ; } while (0) |
626 | #define audit_log_key(b, k) do { ; } while (0) | ||
624 | #define audit_enabled 0 | 627 | #define audit_enabled 0 |
625 | #endif | 628 | #endif |
626 | #endif | 629 | #endif |
diff --git a/kernel/audit.c b/kernel/audit.c index e07ad2340dbe..6194c50e2039 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
@@ -1450,6 +1450,15 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix, | |||
1450 | kfree(pathname); | 1450 | kfree(pathname); |
1451 | } | 1451 | } |
1452 | 1452 | ||
1453 | void audit_log_key(struct audit_buffer *ab, char *key) | ||
1454 | { | ||
1455 | audit_log_format(ab, " key="); | ||
1456 | if (key) | ||
1457 | audit_log_untrustedstring(ab, key); | ||
1458 | else | ||
1459 | audit_log_format(ab, "(null)"); | ||
1460 | } | ||
1461 | |||
1453 | /** | 1462 | /** |
1454 | * audit_log_end - end one audit record | 1463 | * audit_log_end - end one audit record |
1455 | * @ab: the audit_buffer | 1464 | * @ab: the audit_buffer |
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 1f6396d76687..3ff0731284a1 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c | |||
@@ -441,13 +441,11 @@ static void kill_rules(struct audit_tree *tree) | |||
441 | if (rule->tree) { | 441 | if (rule->tree) { |
442 | /* not a half-baked one */ | 442 | /* not a half-baked one */ |
443 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); | 443 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); |
444 | audit_log_format(ab, "op=remove rule dir="); | 444 | audit_log_format(ab, "op="); |
445 | audit_log_string(ab, "remove rule"); | ||
446 | audit_log_format(ab, " dir="); | ||
445 | audit_log_untrustedstring(ab, rule->tree->pathname); | 447 | audit_log_untrustedstring(ab, rule->tree->pathname); |
446 | if (rule->filterkey) { | 448 | audit_log_key(ab, rule->filterkey); |
447 | audit_log_format(ab, " key="); | ||
448 | audit_log_untrustedstring(ab, rule->filterkey); | ||
449 | } else | ||
450 | audit_log_format(ab, " key=(null)"); | ||
451 | audit_log_format(ab, " list=%d res=1", rule->listnr); | 449 | audit_log_format(ab, " list=%d res=1", rule->listnr); |
452 | audit_log_end(ab); | 450 | audit_log_end(ab); |
453 | rule->tree = NULL; | 451 | rule->tree = NULL; |
diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c index b49ab019fdff..0e96dbc60ea9 100644 --- a/kernel/audit_watch.c +++ b/kernel/audit_watch.c | |||
@@ -234,11 +234,7 @@ static void audit_watch_log_rule_change(struct audit_krule *r, struct audit_watc | |||
234 | audit_log_string(ab, op); | 234 | audit_log_string(ab, op); |
235 | audit_log_format(ab, " path="); | 235 | audit_log_format(ab, " path="); |
236 | audit_log_untrustedstring(ab, w->path); | 236 | audit_log_untrustedstring(ab, w->path); |
237 | if (r->filterkey) { | 237 | audit_log_key(ab, r->filterkey); |
238 | audit_log_format(ab, " key="); | ||
239 | audit_log_untrustedstring(ab, r->filterkey); | ||
240 | } else | ||
241 | audit_log_format(ab, " key=(null)"); | ||
242 | audit_log_format(ab, " list=%d res=1", r->listnr); | 238 | audit_log_format(ab, " list=%d res=1", r->listnr); |
243 | audit_log_end(ab); | 239 | audit_log_end(ab); |
244 | } | 240 | } |
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 21b623595aad..a70604047f3c 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
@@ -1079,11 +1079,9 @@ static void audit_log_rule_change(uid_t loginuid, u32 sessionid, u32 sid, | |||
1079 | security_release_secctx(ctx, len); | 1079 | security_release_secctx(ctx, len); |
1080 | } | 1080 | } |
1081 | } | 1081 | } |
1082 | audit_log_format(ab, " op=%s rule key=", action); | 1082 | audit_log_format(ab, " op="); |
1083 | if (rule->filterkey) | 1083 | audit_log_string(ab, action); |
1084 | audit_log_untrustedstring(ab, rule->filterkey); | 1084 | audit_log_key(ab, rule->filterkey); |
1085 | else | ||
1086 | audit_log_format(ab, "(null)"); | ||
1087 | audit_log_format(ab, " list=%d res=%d", rule->listnr, res); | 1085 | audit_log_format(ab, " list=%d res=%d", rule->listnr, res); |
1088 | audit_log_end(ab); | 1086 | audit_log_end(ab); |
1089 | } | 1087 | } |
@@ -1147,7 +1145,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data, | |||
1147 | return PTR_ERR(entry); | 1145 | return PTR_ERR(entry); |
1148 | 1146 | ||
1149 | err = audit_add_rule(entry); | 1147 | err = audit_add_rule(entry); |
1150 | audit_log_rule_change(loginuid, sessionid, sid, "add", | 1148 | audit_log_rule_change(loginuid, sessionid, sid, "add rule", |
1151 | &entry->rule, !err); | 1149 | &entry->rule, !err); |
1152 | 1150 | ||
1153 | if (err) | 1151 | if (err) |
@@ -1163,7 +1161,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data, | |||
1163 | return PTR_ERR(entry); | 1161 | return PTR_ERR(entry); |
1164 | 1162 | ||
1165 | err = audit_del_rule(entry); | 1163 | err = audit_del_rule(entry); |
1166 | audit_log_rule_change(loginuid, sessionid, sid, "remove", | 1164 | audit_log_rule_change(loginuid, sessionid, sid, "remove rule", |
1167 | &entry->rule, !err); | 1165 | &entry->rule, !err); |
1168 | 1166 | ||
1169 | audit_free_rule(entry); | 1167 | audit_free_rule(entry); |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 0b862cac6ca2..2de95d1582bc 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -1137,7 +1137,7 @@ static int audit_log_single_execve_arg(struct audit_context *context, | |||
1137 | if (has_cntl) | 1137 | if (has_cntl) |
1138 | audit_log_n_hex(*ab, buf, to_send); | 1138 | audit_log_n_hex(*ab, buf, to_send); |
1139 | else | 1139 | else |
1140 | audit_log_format(*ab, "\"%s\"", buf); | 1140 | audit_log_string(*ab, buf); |
1141 | 1141 | ||
1142 | p += to_send; | 1142 | p += to_send; |
1143 | len_left -= to_send; | 1143 | len_left -= to_send; |
@@ -1372,11 +1372,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
1372 | 1372 | ||
1373 | 1373 | ||
1374 | audit_log_task_info(ab, tsk); | 1374 | audit_log_task_info(ab, tsk); |
1375 | if (context->filterkey) { | 1375 | audit_log_key(ab, context->filterkey); |
1376 | audit_log_format(ab, " key="); | ||
1377 | audit_log_untrustedstring(ab, context->filterkey); | ||
1378 | } else | ||
1379 | audit_log_format(ab, " key=(null)"); | ||
1380 | audit_log_end(ab); | 1376 | audit_log_end(ab); |
1381 | 1377 | ||
1382 | for (aux = context->aux; aux; aux = aux->next) { | 1378 | for (aux = context->aux; aux; aux = aux->next) { |