diff options
author | Richard Guy Briggs <rgb@redhat.com> | 2014-08-21 13:40:41 -0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2014-09-23 16:37:54 -0400 |
commit | 54e05eddbe507d54f1df18c2680d4f614af9e133 (patch) | |
tree | 05a954d24f606dba272ca0a2e9da43e4117feaba | |
parent | 219ca39427bf6c46c4e1473493e33bc00635e99b (diff) |
audit: set nlmsg_len for multicast messages.
Report:
Looking at your example code in
http://people.redhat.com/rbriggs/audit-multicast-listen/audit-multicast-listen.c,
it seems that nlmsg_len field in the received messages is supposed to
contain the length of the header + payload, but it is always set to the
size of the header only, i.e. 16. The example program works, because
the printf format specifies the minimum width, not "precision", so it
simply prints out the payload until the first zero byte. This isn't too
much of a problem, but precludes the use of recvmmsg, iiuc?
(gdb) p *(struct nlmsghdr*)nlh
$14 = {nlmsg_len = 16, nlmsg_type = 1100, nlmsg_flags = 0, nlmsg_seq = 0, nlmsg_pid = 9910}
The only time nlmsg_len would have been updated was at audit_buffer_alloc()
inside audit_log_start() and never updated after. It should arguably be done
in audit_log_vformat(), but would be more efficient in audit_log_end().
Reported-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
-rw-r--r-- | kernel/audit.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 7aef7cbd7bcf..d20f00ff7bb5 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
@@ -1949,6 +1949,7 @@ void audit_log_end(struct audit_buffer *ab) | |||
1949 | } else { | 1949 | } else { |
1950 | struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); | 1950 | struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); |
1951 | 1951 | ||
1952 | nlh->nlmsg_len = ab->skb->len; | ||
1952 | kauditd_send_multicast_skb(ab->skb); | 1953 | kauditd_send_multicast_skb(ab->skb); |
1953 | 1954 | ||
1954 | /* | 1955 | /* |
@@ -1960,7 +1961,7 @@ void audit_log_end(struct audit_buffer *ab) | |||
1960 | * protocol between the kaudit kernel subsystem and the auditd | 1961 | * protocol between the kaudit kernel subsystem and the auditd |
1961 | * userspace code. | 1962 | * userspace code. |
1962 | */ | 1963 | */ |
1963 | nlh->nlmsg_len = ab->skb->len - NLMSG_HDRLEN; | 1964 | nlh->nlmsg_len -= NLMSG_HDRLEN; |
1964 | 1965 | ||
1965 | if (audit_pid) { | 1966 | if (audit_pid) { |
1966 | skb_queue_tail(&audit_skb_queue, ab->skb); | 1967 | skb_queue_tail(&audit_skb_queue, ab->skb); |