author | Jeff Layton <jlayton@redhat.com> | 2012-10-10 15:25:23 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-10-12 00:32:01 -0400 |
commit | bfcec7087458812f575d9022b2d151641f34ee84 (patch) | |
tree | 6c0f7dd3b016992da8d113ceeaae404c6abc03a1 /include/linux/audit.h | |
parent | 78e2e802a8519031e5858595070b39713e26340d (diff) |
audit: set the name_len in audit_inode for parent lookups
Currently, this gets set mostly by happenstance when we call into
audit_inode_child. While that might be a little more efficient, it seems
wrong. If the syscall ends up failing before audit_inode_child ever gets
called, then you'll have an audit_names record that shows the full path
but has the parent inode info attached.
Fix this by passing in a parent flag when we call audit_inode that gets
set to the value of LOOKUP_PARENT. We can then fix up the pathname for
the audit entry correctly from the get-go.
While we're at it, clean up the no-op macro for audit_inode in the
!CONFIG_AUDITSYSCALL case.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r-- | include/linux/audit.h | 15 |
1 files changed, 10 insertions, 5 deletions
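--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -456,6 +456,7 @@ extern int audit_classify_arch(int arch);
 /* audit_names->type values */
 #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */
 #define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */
+#define AUDIT_TYPE_PARENT 2 /* a parent audit record */
 
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
@@ -468,7 +469,8 @@ extern void __audit_syscall_entry(int arch,
 extern void __audit_syscall_exit(int ret_success, long ret_value);
 extern void __audit_getname(const char *name);
 extern void audit_putname(const char *name);
-extern void __audit_inode(const char *name, const struct dentry *dentry);
+extern void __audit_inode(const char *name, const struct dentry *dentry,
+unsigned int parent);
 extern void __audit_inode_child(const struct inode *parent,
 const struct dentry *dentry);
 extern void __audit_seccomp(unsigned long syscall, long signr, int code);
@@ -505,9 +507,10 @@ static inline void audit_getname(const char *name)
 if (unlikely(!audit_dummy_context()))
 __audit_getname(name);
 }
-static inline void audit_inode(const char *name, const struct dentry *dentry) {
+static inline void audit_inode(const char *name, const struct dentry *dentry,
+unsigned int parent) {
 if (unlikely(!audit_dummy_context()))
-__audit_inode(name, dentry);
+__audit_inode(name, dentry, parent);
 }
 static inline void audit_inode_child(const struct inode *parent,
 const struct dentry *dentry) {
@@ -660,12 +663,14 @@ static inline void audit_getname(const char *name)
 { }
 static inline void audit_putname(const char *name)
 { }
-static inline void __audit_inode(const char *name, const struct dentry *dentry)
+static inline void __audit_inode(const char *name, const struct dentry *dentry,
+unsigned int parent)
 { }
 static inline void __audit_inode_child(const struct inode *parent,
 const struct dentry *dentry)
 { }
-static inline void audit_inode(const char *name, const struct dentry *dentry)
+static inline void audit_inode(const char *name, const struct dentry *dentry,
+unsigned int parent)
 { }
 static inline void audit_inode_child(const struct inode *parent,
 const struct dentry *dentry)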