author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-08-01 14:23:09 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-08-01 14:23:09 -0400 |
commit | a8086ad803fc4d251edb9a49838bf99c7fdfb44f (patch) | |
tree | f87bb86fa10a244c9cee7b83be93b9e8e115305a | |
parent | b2bbf43e60073f70a3c8663513710fa8d03a33f8 (diff) | |
parent | 20c6aaa39ab735c7ed78e4e5a214d250efae0a6e (diff) |
Merge branch 'audit.b54' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b54' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] Fix the bug of using AUDIT_STATUS_RATE_LIMIT when set fail, no error output.
[PATCH] Fix the kernel panic of audit_filter_task when key field is set
Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages
kernel/audit.c control character detection is off-by-one
[PATCH] Audit: Collect signal info when SIGUSR2 is sent to auditd
-rw-r--r-- | kernel/audit.c | 13 | ||||
-rw-r--r-- | kernel/auditfilter.c | 10 | ||||
-rw-r--r-- | kernel/auditsc.c | 4 |
3 files changed, 19 insertions, 8 deletions
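--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -707,12 +707,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 if (status_get->mask & AUDIT_STATUS_ENABLED) {
 err = audit_set_enabled(status_get->enabled,
 loginuid, sessionid, sid);
-if (err < 0) return err;
+if (err < 0)
+return err;
 }
 if (status_get->mask & AUDIT_STATUS_FAILURE) {
 err = audit_set_failure(status_get->failure,
 loginuid, sessionid, sid);
-if (err < 0) return err;
+if (err < 0)
+return err;
 }
 if (status_get->mask & AUDIT_STATUS_PID) {
 int new_pid = status_get->pid;
@@ -725,9 +727,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 audit_pid = new_pid;
 audit_nlk_pid = NETLINK_CB(skb).pid;
 }
-if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
+if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
 err = audit_set_rate_limit(status_get->rate_limit,
 loginuid, sessionid, sid);
+if (err < 0)
+return err;
+}
 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
 err = audit_set_backlog_limit(status_get->backlog_limit,
 loginuid, sessionid, sid);
@@ -1366,7 +1371,7 @@ int audit_string_contains_control(const char *string, size_t len)
 {
 const unsigned char *p;
 for (p = string; p < (const unsigned char *)string + len && *p; p++) {
-if (*p == '"' || *p < 0x21 || *p > 0x7f)
+if (*p == '"' || *p < 0x21 || *p > 0x7e)
 return 1;
 }
 return 0;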
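Review bot: In the second hunk of audit_receive_msg() the AUDIT_STATUS_BACKLOG_LIMIT branch is now the only unbraced setter whose `err` is not checked on the spot, so its failure is reported only if nothing after the hunk overwrites `err`; that is the same pattern that hid the rate-limit failure. Bracing it and adding `if (err < 0) return err;` would match the ENABLED, FAILURE and RATE_LIMIT branches and keep a later flag from masking a failed audit configuration change. The function continues outside the hunk, so what follows the backlog call should be confirmed first. Separately, the bounds in audit_string_contains_control() deserve a comment such as `/* returns 1 for '"' and anything outside printable ASCII 0x21..0x7e (DEL is 0x7f) */`, since an unlabelled bound is what let DEL through.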
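--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1022,8 +1022,11 @@ static void audit_update_watch(struct audit_parent *parent,
 struct audit_buffer *ab;
 ab = audit_log_start(NULL, GFP_KERNEL,
 AUDIT_CONFIG_CHANGE);
+audit_log_format(ab, "auid=%u ses=%u",
+audit_get_loginuid(current),
+audit_get_sessionid(current));
 audit_log_format(ab,
-"op=updated rules specifying path=");
+" op=updated rules specifying path=");
 audit_log_untrustedstring(ab, owatch->path);
 audit_log_format(ab, " with dev=%u ino=%lu\n",
 dev, ino);
@@ -1058,7 +1061,10 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
 struct audit_buffer *ab;
 ab = audit_log_start(NULL, GFP_KERNEL,
 AUDIT_CONFIG_CHANGE);
-audit_log_format(ab, "op=remove rule path=");
+audit_log_format(ab, "auid=%u ses=%u",
+audit_get_loginuid(current),
+audit_get_sessionid(current));
+audit_log_format(ab, " op=remove rule path=");
 audit_log_untrustedstring(ab, w->path);
 if (r->filterkey) {
 audit_log_format(ab, " key=");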
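Review bot: The new `auid=`/`ses=` fields in audit_update_watch() are read from `current`, and nothing near the call says which task that is. If this code runs from a filesystem-event callback, as the function names suggest but the hunk does not show, the record names the task whose file operation triggered the watch update rather than an administrator who changed audit rules; anyone triaging AUDIT_CONFIG_CHANGE events needs to know that. A comment such as `/* auid/ses are those of the task that caused the watch event */` would record it, once confirmed. The same three-line sequence is repeated in audit_remove_parent_watches(); a small static helper would keep the field order and the leading-space separator in one place. Both function bodies start and end outside their hunks.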
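--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -610,7 +610,7 @@ static int audit_filter_rules(struct task_struct *tsk,
 if (!result)
 return 0;
 }
-if (rule->filterkey)
+if (rule->filterkey && ctx)
 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);
 switch (rule->action) {
 case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
@@ -2375,7 +2375,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
 struct audit_context *ctx = tsk->audit_context;
 
 if (audit_pid && t->tgid == audit_pid) {
-if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1) {
+if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
 audit_sig_pid = tsk->pid;
 if (tsk->loginuid != -1)
 audit_sig_uid = tsk->loginuid;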
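Review bot: The guarded line in audit_filter_rules() stores the kstrdup() result without a check and without releasing whatever ctx->filterkey held before. With GFP_ATOMIC the copy can fail, in which case the matching record is emitted without its key and nothing notes it; and if an earlier match can already have set ctx->filterkey (not visible in this hunk), the old string leaks. Consider `kfree(ctx->filterkey);` before the assignment once that is confirmed. A comment such as `/* ctx may be NULL (presumably the audit_filter_task path named in the commit title); the key is best-effort */` would explain the new guard. The function starts and ends outside the hunk.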