diff options
| author | Linda Knippers <linda.knippers@hp.com> | 2006-05-16 22:03:48 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-06-20 05:25:24 -0400 |
| commit | ac03221a4fdda9bfdabf99bcd129847f20fc1d80 (patch) | |
| tree | 9b65ede238b03007bfe5e25f46efca68ec0994e0 /ipc/msg.c | |
| parent | 5d136a010de3bc16fe595987feb9ef8868f064c2 (diff) | |
[PATCH] update of IPC audit record cleanup
The following patch addresses most of the issues with the IPC_SET_PERM
records as described in:
https://www.redhat.com/archives/linux-audit/2006-May/msg00010.html
and addresses the comments I received on the record field names.
To summarize, I made the following changes:
1. Changed sys_msgctl() and semctl_down() so that an IPC_SET_PERM
record is emitted in the failure case as well as the success case.
This matches the behavior in sys_shmctl(). I could simplify the
code in sys_msgctl() and semctl_down() slightly but it would mean
that in some error cases we could get an IPC_SET_PERM record
without an IPC record and that seemed odd.
2. No change to the IPC record type, given no feedback on the backward
compatibility question.
3. Removed the qbytes field from the IPC record. It wasn't being
set and when audit_ipc_obj() is called from ipcperms(), the
information isn't available. If we want the information in the IPC
record, more extensive changes will be necessary. Since it only
applies to message queues and it isn't really permission related, it
doesn't seem worth it.
4. Removed the obj field from the IPC_SET_PERM record. This means that
the kern_ipc_perm argument is no longer needed.
5. Removed the spaces and renamed the IPC_SET_PERM field names. Replaced iuid and
igid fields with ouid and ogid in the IPC record.
I tested this with the lspp.22 kernel on an x86_64 box. I believe it
applies cleanly on the latest kernel.
-- ljk
Signed-off-by: Linda Knippers <linda.knippers@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'ipc/msg.c')
| -rw-r--r-- | ipc/msg.c | 9 |
1 files changed, 5 insertions, 4 deletions
| @@ -454,6 +454,11 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 454 | err = audit_ipc_obj(ipcp); | 454 | err = audit_ipc_obj(ipcp); |
| 455 | if (err) | 455 | if (err) |
| 456 | goto out_unlock_up; | 456 | goto out_unlock_up; |
| 457 | if (cmd==IPC_SET) { | ||
| 458 | err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode); | ||
| 459 | if (err) | ||
| 460 | goto out_unlock_up; | ||
| 461 | } | ||
| 457 | 462 | ||
| 458 | err = -EPERM; | 463 | err = -EPERM; |
| 459 | if (current->euid != ipcp->cuid && | 464 | if (current->euid != ipcp->cuid && |
| @@ -468,10 +473,6 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 468 | switch (cmd) { | 473 | switch (cmd) { |
| 469 | case IPC_SET: | 474 | case IPC_SET: |
| 470 | { | 475 | { |
| 471 | err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp); | ||
| 472 | if (err) | ||
| 473 | goto out_unlock_up; | ||
| 474 | |||
| 475 | err = -EPERM; | 476 | err = -EPERM; |
| 476 | if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) | 477 | if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) |
| 477 | goto out_unlock_up; | 478 | goto out_unlock_up; |