diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2008-12-14 04:57:47 -0500 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2009-01-04 15:14:41 -0500 |
| commit | 157cf649a735a2f7e8dba0ed08e6e38b6c30d886 (patch) | |
| tree | 85895367c24023d363d5ee7b5ed2fb16eaf08721 | |
| parent | 564f6993ffef656aebaf46cf2f1f6cb4f5c97207 (diff) | |
sanitize audit_fd_pair()
* no allocations
* return void
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| -rw-r--r-- | fs/pipe.c | 7 | ||||
| -rw-r--r-- | include/linux/audit.h | 9 | ||||
| -rw-r--r-- | kernel/auditsc.c | 44 | ||||
| -rw-r--r-- | net/socket.c | 9 |
4 files changed, 20 insertions, 49 deletions
| @@ -1016,10 +1016,7 @@ int do_pipe_flags(int *fd, int flags) | |||
| 1016 | goto err_fdr; | 1016 | goto err_fdr; |
| 1017 | fdw = error; | 1017 | fdw = error; |
| 1018 | 1018 | ||
| 1019 | error = audit_fd_pair(fdr, fdw); | 1019 | audit_fd_pair(fdr, fdw); |
| 1020 | if (error < 0) | ||
| 1021 | goto err_fdw; | ||
| 1022 | |||
| 1023 | fd_install(fdr, fr); | 1020 | fd_install(fdr, fr); |
| 1024 | fd_install(fdw, fw); | 1021 | fd_install(fdw, fw); |
| 1025 | fd[0] = fdr; | 1022 | fd[0] = fdr; |
| @@ -1027,8 +1024,6 @@ int do_pipe_flags(int *fd, int flags) | |||
| 1027 | 1024 | ||
| 1028 | return 0; | 1025 | return 0; |
| 1029 | 1026 | ||
| 1030 | err_fdw: | ||
| 1031 | put_unused_fd(fdw); | ||
| 1032 | err_fdr: | 1027 | err_fdr: |
| 1033 | put_unused_fd(fdr); | 1028 | put_unused_fd(fdr); |
| 1034 | err_read_pipe: | 1029 | err_read_pipe: |
diff --git a/include/linux/audit.h b/include/linux/audit.h index 54978bdd2bd4..bd59cd1e3219 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -448,7 +448,7 @@ extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mod | |||
| 448 | extern int audit_bprm(struct linux_binprm *bprm); | 448 | extern int audit_bprm(struct linux_binprm *bprm); |
| 449 | extern void audit_socketcall(int nargs, unsigned long *args); | 449 | extern void audit_socketcall(int nargs, unsigned long *args); |
| 450 | extern int audit_sockaddr(int len, void *addr); | 450 | extern int audit_sockaddr(int len, void *addr); |
| 451 | extern int __audit_fd_pair(int fd1, int fd2); | 451 | extern void __audit_fd_pair(int fd1, int fd2); |
| 452 | extern int audit_set_macxattr(const char *name); | 452 | extern int audit_set_macxattr(const char *name); |
| 453 | extern void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr); | 453 | extern void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr); |
| 454 | extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout); | 454 | extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout); |
| @@ -464,11 +464,10 @@ static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) | |||
| 464 | if (unlikely(!audit_dummy_context())) | 464 | if (unlikely(!audit_dummy_context())) |
| 465 | __audit_ipc_obj(ipcp); | 465 | __audit_ipc_obj(ipcp); |
| 466 | } | 466 | } |
| 467 | static inline int audit_fd_pair(int fd1, int fd2) | 467 | static inline void audit_fd_pair(int fd1, int fd2) |
| 468 | { | 468 | { |
| 469 | if (unlikely(!audit_dummy_context())) | 469 | if (unlikely(!audit_dummy_context())) |
| 470 | return __audit_fd_pair(fd1, fd2); | 470 | __audit_fd_pair(fd1, fd2); |
| 471 | return 0; | ||
| 472 | } | 471 | } |
| 473 | static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) | 472 | static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) |
| 474 | { | 473 | { |
| @@ -537,7 +536,7 @@ extern int audit_signals; | |||
| 537 | #define audit_ipc_set_perm(q,u,g,m) ((void)0) | 536 | #define audit_ipc_set_perm(q,u,g,m) ((void)0) |
| 538 | #define audit_bprm(p) ({ 0; }) | 537 | #define audit_bprm(p) ({ 0; }) |
| 539 | #define audit_socketcall(n,a) ((void)0) | 538 | #define audit_socketcall(n,a) ((void)0) |
| 540 | #define audit_fd_pair(n,a) ({ 0; }) | 539 | #define audit_fd_pair(n,a) ((void)0) |
| 541 | #define audit_sockaddr(len, addr) ({ 0; }) | 540 | #define audit_sockaddr(len, addr) ({ 0; }) |
| 542 | #define audit_set_macxattr(n) do { ; } while (0) | 541 | #define audit_set_macxattr(n) do { ; } while (0) |
| 543 | #define audit_mq_open(o,m,a) ((void)0) | 542 | #define audit_mq_open(o,m,a) ((void)0) |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 83e946f1cdde..327e65d50674 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -131,11 +131,6 @@ struct audit_aux_data_execve { | |||
| 131 | struct mm_struct *mm; | 131 | struct mm_struct *mm; |
| 132 | }; | 132 | }; |
| 133 | 133 | ||
| 134 | struct audit_aux_data_fd_pair { | ||
| 135 | struct audit_aux_data d; | ||
| 136 | int fd[2]; | ||
| 137 | }; | ||
| 138 | |||
| 139 | struct audit_aux_data_pids { | 134 | struct audit_aux_data_pids { |
| 140 | struct audit_aux_data d; | 135 | struct audit_aux_data d; |
| 141 | pid_t target_pid[AUDIT_AUX_PIDS]; | 136 | pid_t target_pid[AUDIT_AUX_PIDS]; |
| @@ -241,6 +236,7 @@ struct audit_context { | |||
| 241 | struct mq_attr attr; | 236 | struct mq_attr attr; |
| 242 | } mq_open; | 237 | } mq_open; |
| 243 | }; | 238 | }; |
| 239 | int fds[2]; | ||
| 244 | 240 | ||
| 245 | #if AUDIT_DEBUG | 241 | #if AUDIT_DEBUG |
| 246 | int put_count; | 242 | int put_count; |
| @@ -1382,11 +1378,6 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 1382 | audit_log_execve_info(context, &ab, axi); | 1378 | audit_log_execve_info(context, &ab, axi); |
| 1383 | break; } | 1379 | break; } |
| 1384 | 1380 | ||
| 1385 | case AUDIT_FD_PAIR: { | ||
| 1386 | struct audit_aux_data_fd_pair *axs = (void *)aux; | ||
| 1387 | audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]); | ||
| 1388 | break; } | ||
| 1389 | |||
| 1390 | case AUDIT_BPRM_FCAPS: { | 1381 | case AUDIT_BPRM_FCAPS: { |
| 1391 | struct audit_aux_data_bprm_fcaps *axs = (void *)aux; | 1382 | struct audit_aux_data_bprm_fcaps *axs = (void *)aux; |
| 1392 | audit_log_format(ab, "fver=%x", axs->fcap_ver); | 1383 | audit_log_format(ab, "fver=%x", axs->fcap_ver); |
| @@ -1416,6 +1407,15 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 1416 | if (context->type) | 1407 | if (context->type) |
| 1417 | show_special(context, &call_panic); | 1408 | show_special(context, &call_panic); |
| 1418 | 1409 | ||
| 1410 | if (context->fds[0] >= 0) { | ||
| 1411 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_FD_PAIR); | ||
| 1412 | if (ab) { | ||
| 1413 | audit_log_format(ab, "fd0=%d fd1=%d", | ||
| 1414 | context->fds[0], context->fds[1]); | ||
| 1415 | audit_log_end(ab); | ||
| 1416 | } | ||
| 1417 | } | ||
| 1418 | |||
| 1419 | if (context->sockaddr_len) { | 1419 | if (context->sockaddr_len) { |
| 1420 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_SOCKADDR); | 1420 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_SOCKADDR); |
| 1421 | if (ab) { | 1421 | if (ab) { |
| @@ -1696,6 +1696,7 @@ void audit_syscall_exit(int valid, long return_code) | |||
| 1696 | context->target_sid = 0; | 1696 | context->target_sid = 0; |
| 1697 | context->sockaddr_len = 0; | 1697 | context->sockaddr_len = 0; |
| 1698 | context->type = 0; | 1698 | context->type = 0; |
| 1699 | context->fds[0] = -1; | ||
| 1699 | kfree(context->filterkey); | 1700 | kfree(context->filterkey); |
| 1700 | context->filterkey = NULL; | 1701 | context->filterkey = NULL; |
| 1701 | tsk->audit_context = context; | 1702 | tsk->audit_context = context; |
| @@ -2291,29 +2292,12 @@ void audit_socketcall(int nargs, unsigned long *args) | |||
| 2291 | * @fd1: the first file descriptor | 2292 | * @fd1: the first file descriptor |
| 2292 | * @fd2: the second file descriptor | 2293 | * @fd2: the second file descriptor |
| 2293 | * | 2294 | * |
| 2294 | * Returns 0 for success or NULL context or < 0 on error. | ||
| 2295 | */ | 2295 | */ |
| 2296 | int __audit_fd_pair(int fd1, int fd2) | 2296 | void __audit_fd_pair(int fd1, int fd2) |
| 2297 | { | 2297 | { |
| 2298 | struct audit_context *context = current->audit_context; | 2298 | struct audit_context *context = current->audit_context; |
| 2299 | struct audit_aux_data_fd_pair *ax; | 2299 | context->fds[0] = fd1; |
| 2300 | 2300 | context->fds[1] = fd2; | |
| 2301 | if (likely(!context)) { | ||
| 2302 | return 0; | ||
| 2303 | } | ||
| 2304 | |||
| 2305 | ax = kmalloc(sizeof(*ax), GFP_KERNEL); | ||
| 2306 | if (!ax) { | ||
| 2307 | return -ENOMEM; | ||
| 2308 | } | ||
| 2309 | |||
| 2310 | ax->fd[0] = fd1; | ||
| 2311 | ax->fd[1] = fd2; | ||
| 2312 | |||
| 2313 | ax->d.type = AUDIT_FD_PAIR; | ||
| 2314 | ax->d.next = context->aux; | ||
| 2315 | context->aux = (void *)ax; | ||
| 2316 | return 0; | ||
| 2317 | } | 2301 | } |
| 2318 | 2302 | ||
| 2319 | /** | 2303 | /** |
diff --git a/net/socket.c b/net/socket.c index b41a92093e40..06603d73c411 100644 --- a/net/socket.c +++ b/net/socket.c | |||
| @@ -1313,13 +1313,7 @@ asmlinkage long sys_socketpair(int family, int type, int protocol, | |||
| 1313 | goto out_fd1; | 1313 | goto out_fd1; |
| 1314 | } | 1314 | } |
| 1315 | 1315 | ||
| 1316 | err = audit_fd_pair(fd1, fd2); | 1316 | audit_fd_pair(fd1, fd2); |
| 1317 | if (err < 0) { | ||
| 1318 | fput(newfile1); | ||
| 1319 | fput(newfile2); | ||
| 1320 | goto out_fd; | ||
| 1321 | } | ||
| 1322 | |||
| 1323 | fd_install(fd1, newfile1); | 1317 | fd_install(fd1, newfile1); |
| 1324 | fd_install(fd2, newfile2); | 1318 | fd_install(fd2, newfile2); |
| 1325 | /* fd1 and fd2 may be already another descriptors. | 1319 | /* fd1 and fd2 may be already another descriptors. |
| @@ -1349,7 +1343,6 @@ out_fd2: | |||
| 1349 | out_fd1: | 1343 | out_fd1: |
| 1350 | put_filp(newfile2); | 1344 | put_filp(newfile2); |
| 1351 | sock_release(sock2); | 1345 | sock_release(sock2); |
| 1352 | out_fd: | ||
| 1353 | put_unused_fd(fd1); | 1346 | put_unused_fd(fd1); |
| 1354 | put_unused_fd(fd2); | 1347 | put_unused_fd(fd2); |
| 1355 | goto out; | 1348 | goto out; |