aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-20 11:11:05 -0400
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-20 11:11:05 -0400
commitae7b961b1c943367dfe179411f120d7bf8eaba89 (patch)
treed40171c26b22295e45ad7b67923442bfb513752a
parentf7056d64ae101d910f965a2e39831f635ef7891b (diff)
AUDIT: Report lookup flags with path/inode records.
When LOOKUP_PARENT is used, the inode which results is not the inode found at the pathname. Report the flags so that this doesn't generate misleading audit records. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat
-rw-r--r--fs/namei.c2
-rw-r--r--include/linux/audit.h4
-rw-r--r--kernel/auditsc.c18
3 files changed, 14 insertions, 10 deletions
diff --git a/fs/namei.c b/fs/namei.c
index a7f7f44119b3..6e888dd10461 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1043,7 +1043,7 @@ int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata
1043out: 1043out:
1044 if (unlikely(current->audit_context 1044 if (unlikely(current->audit_context
1045 && nd && nd->dentry && nd->dentry->d_inode)) 1045 && nd && nd->dentry && nd->dentry->d_inode))
1046 audit_inode(name, nd->dentry->d_inode); 1046 audit_inode(name, nd->dentry->d_inode, flags);
1047 return retval; 1047 return retval;
1048} 1048}
1049 1049
diff --git a/include/linux/audit.h b/include/linux/audit.h
index b5bda24f7365..5f812e4d01e4 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -220,7 +220,7 @@ extern void audit_syscall_entry(struct task_struct *task, int arch,
220extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code); 220extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code);
221extern void audit_getname(const char *name); 221extern void audit_getname(const char *name);
222extern void audit_putname(const char *name); 222extern void audit_putname(const char *name);
223extern void audit_inode(const char *name, const struct inode *inode); 223extern void audit_inode(const char *name, const struct inode *inode, unsigned flags);
224 224
225 /* Private API (for audit.c only) */ 225 /* Private API (for audit.c only) */
226extern int audit_receive_filter(int type, int pid, int uid, int seq, 226extern int audit_receive_filter(int type, int pid, int uid, int seq,
@@ -243,7 +243,7 @@ extern int audit_filter_user(struct task_struct *tsk, int type);
243#define audit_syscall_exit(t,f,r) do { ; } while (0) 243#define audit_syscall_exit(t,f,r) do { ; } while (0)
244#define audit_getname(n) do { ; } while (0) 244#define audit_getname(n) do { ; } while (0)
245#define audit_putname(n) do { ; } while (0) 245#define audit_putname(n) do { ; } while (0)
246#define audit_inode(n,i) do { ; } while (0) 246#define audit_inode(n,i,f) do { ; } while (0)
247#define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; }) 247#define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; })
248#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) 248#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
249#define audit_get_loginuid(c) ({ -1; }) 249#define audit_get_loginuid(c) ({ -1; })
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 48a39579c45c..031f979019d1 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -95,6 +95,7 @@ struct audit_names {
95 uid_t uid; 95 uid_t uid;
96 gid_t gid; 96 gid_t gid;
97 dev_t rdev; 97 dev_t rdev;
98 unsigned flags;
98}; 99};
99 100
100struct audit_aux_data { 101struct audit_aux_data {
@@ -792,6 +793,8 @@ static void audit_log_exit(struct audit_context *context)
792 audit_log_format(ab, " name="); 793 audit_log_format(ab, " name=");
793 audit_log_untrustedstring(ab, context->names[i].name); 794 audit_log_untrustedstring(ab, context->names[i].name);
794 } 795 }
796 audit_log_format(ab, " flags=%x\n", context->names[i].flags);
797
795 if (context->names[i].ino != (unsigned long)-1) 798 if (context->names[i].ino != (unsigned long)-1)
796 audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o" 799 audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o"
797 " ouid=%u ogid=%u rdev=%02x:%02x", 800 " ouid=%u ogid=%u rdev=%02x:%02x",
@@ -1018,7 +1021,7 @@ void audit_putname(const char *name)
1018 1021
1019/* Store the inode and device from a lookup. Called from 1022/* Store the inode and device from a lookup. Called from
1020 * fs/namei.c:path_lookup(). */ 1023 * fs/namei.c:path_lookup(). */
1021void audit_inode(const char *name, const struct inode *inode) 1024void audit_inode(const char *name, const struct inode *inode, unsigned flags)
1022{ 1025{
1023 int idx; 1026 int idx;
1024 struct audit_context *context = current->audit_context; 1027 struct audit_context *context = current->audit_context;
@@ -1044,12 +1047,13 @@ void audit_inode(const char *name, const struct inode *inode)
1044 ++context->ino_count; 1047 ++context->ino_count;
1045#endif 1048#endif
1046 } 1049 }
1047 context->names[idx].ino = inode->i_ino; 1050 context->names[idx].flags = flags;
1048 context->names[idx].dev = inode->i_sb->s_dev; 1051 context->names[idx].ino = inode->i_ino;
1049 context->names[idx].mode = inode->i_mode; 1052 context->names[idx].dev = inode->i_sb->s_dev;
1050 context->names[idx].uid = inode->i_uid; 1053 context->names[idx].mode = inode->i_mode;
1051 context->names[idx].gid = inode->i_gid; 1054 context->names[idx].uid = inode->i_uid;
1052 context->names[idx].rdev = inode->i_rdev; 1055 context->names[idx].gid = inode->i_gid;
1056 context->names[idx].rdev = inode->i_rdev;
1053} 1057}
1054 1058
1055void auditsc_get_stamp(struct audit_context *ctx, 1059void auditsc_get_stamp(struct audit_context *ctx,
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-11 01:01:53 -0500