authorLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 14:41:22 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 14:41:22 -0400
commit9781db7b345b5dfe93787aaaf310c861db7c1ede (patch)
treed9796e29fd914ca04835636be95bbd5082a034fd /drivers/char
parent97094dcf5cefc8ccfdf93839f54dac2c4d316165 (diff)
parent8b67dca9420474623709e00d72a066068a502b20 (diff)
Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] new predicate - AUDIT_FILETYPE [patch 2/2] Use find_task_by_vpid in audit code [patch 1/2] audit: let userspace fully control TTY input auditing [PATCH 2/2] audit: fix sparse shadowed variable warnings [PATCH 1/2] audit: move extern declarations to audit.h Audit: MAINTAINERS update Audit: increase the maximum length of the key field Audit: standardize string audit interfaces Audit: stop deadlock from signals under load Audit: save audit_backlog_limit audit messages in case auditd comes back Audit: collect sessionid in netlink messages Audit: end printk with newline
Diffstat (limited to 'drivers/char')
-rw-r--r--drivers/char/tty_audit.c63
-rw-r--r--drivers/char/tty_io.c5
2 files changed, 7 insertions, 61 deletions
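diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c
index 7722466e052f..6342b0534f4d 100644
--- a/drivers/char/tty_audit.c
+++ b/drivers/char/tty_audit.c
@@ -92,7 +92,7 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
  get_task_comm(name, tsk);
  audit_log_untrustedstring(ab, name);
  audit_log_format(ab, " data=");
- audit_log_n_untrustedstring(ab, buf->valid, buf->data);
+ audit_log_n_untrustedstring(ab, buf->data, buf->valid);
  audit_log_end(ab);
  }
  buf->valid = 0;
@@ -151,14 +151,9 @@ void tty_audit_fork(struct signal_struct *sig)
 /**
  * tty_audit_push_task - Flush task's pending audit data
  */
-void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
+void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
 {
  struct tty_audit_buf *buf;
- /* FIXME I think this is correct. Check against netlink once that is
- * I really need to read this code more closely. But that's for
- * another patch.
- */
- unsigned int sessionid = audit_get_sessionid(tsk);
 
  spin_lock_irq(&tsk->sighand->siglock);
  buf = tsk->signal->tty_audit_buf;
@@ -238,6 +233,10 @@ void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
  if (unlikely(size == 0))
  return;
 
+ if (tty->driver->type == TTY_DRIVER_TYPE_PTY
+ && tty->driver->subtype == PTY_TYPE_MASTER)
+ return;
+
  buf = tty_audit_buf_get(tty);
  if (!buf)
  return;
@@ -300,53 +299,3 @@ void tty_audit_push(struct tty_struct *tty)
  tty_audit_buf_put(buf);
  }
 }
-
-/**
- * tty_audit_opening - A TTY is being opened.
- *
- * As a special hack, tasks that close all their TTYs and open new ones
- * are assumed to be system daemons (e.g. getty) and auditing is
- * automatically disabled for them.
- */
-void tty_audit_opening(void)
-{
- int disable;
-
- disable = 1;
- spin_lock_irq(&current->sighand->siglock);
- if (current->signal->audit_tty == 0)
- disable = 0;
- spin_unlock_irq(&current->sighand->siglock);
- if (!disable)
- return;
-
- task_lock(current);
- if (current->files) {
- struct fdtable *fdt;
- unsigned i;
-
- /*
- * We don't take a ref to the file, so we must hold ->file_lock
- * instead.
- */
- spin_lock(&current->files->file_lock);
- fdt = files_fdtable(current->files);
- for (i = 0; i < fdt->max_fds; i++) {
- struct file *filp;
-
- filp = fcheck_files(current->files, i);
- if (filp && is_tty(filp)) {
- disable = 0;
- break;
- }
- }
- spin_unlock(&current->files->file_lock);
- }
- task_unlock(current);
- if (!disable)
- return;
-
- spin_lock_irq(&current->sighand->siglock);
- current->signal->audit_tty = 0;
- spin_unlock_irq(&current->sighand->siglock);
-}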
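Review bot: The early return added to tty_audit_add_data for `tty->driver->type == TTY_DRIVER_TYPE_PTY && tty->driver->subtype == PTY_TYPE_MASTER` silently excludes a whole class of input from the TTY audit trail, and nothing at that spot says why. Because this function decides which bytes reach the audit log, the exclusion should be documented where it happens, for example `/* Data read on a PTY master is not audited: presumably it was written by a program on the slave side, not typed by a user. */` (the rationale is inferred, so confirm it against the patch description before committing the wording). Anyone consuming these records for detection or forensics needs to know that master-side reads never appear in them, especially now that the `tty_audit_opening()` heuristic is gone and `audit_tty` is no longer cleared automatically on open. The body of tty_audit_add_data starts and ends outside the hunk.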
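diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index 98b65a230994..2fa6856706ab 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -2755,7 +2755,6 @@ got_driver:
  __proc_set_tty(current, tty);
  spin_unlock_irq(&current->sighand->siglock);
  mutex_unlock(&tty_mutex);
- tty_audit_opening();
  return 0;
 }
 
@@ -2818,10 +2817,8 @@ static int ptmx_open(struct inode *inode, struct file *filp)
 
  check_tty_count(tty, "tty_open");
  retval = ptm_driver->open(tty, filp);
- if (!retval) {
+ if (!retval)
- tty_audit_opening();
  return 0;
- }
 out1:
  release_dev(filp);
  return retval;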