aboutsummaryrefslogtreecommitdiffstats
path: root/ipc
diff options
context:
space:
mode:
authorGeorge C. Wilson <ltcgcw@us.ibm.com>2006-05-24 17:09:55 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2006-06-20 05:25:26 -0400
commit20ca73bc792be9625af184cbec36e1372611d1c3 (patch)
tree98a1232ad3c9baa14676b2b48fab79a3df4a20b0 /ipc
parent8ba8e0fbe6321961f6ba04e2fd7215b37d935c83 (diff)
[PATCH] Audit of POSIX Message Queue Syscalls v.2
This patch adds audit support to POSIX message queues. It applies cleanly to the lspp.b15 branch of Al Viro's git tree. There are new auxiliary data structures, and collection and emission routines in kernel/auditsc.c. New hooks in ipc/mqueue.c collect arguments from the syscalls. I tested the patch by building the examples from the POSIX MQ library tarball. Build them -lrt, not against the old MQ library in the tarball. Here's the URL: http://www.geocities.com/wronski12/posix_ipc/libmqueue-4.41.tar.gz Do auditctl -a exit,always -S for mq_open, mq_timedsend, mq_timedreceive, mq_notify, mq_getsetattr. mq_unlink has no new hooks. Please see the corresponding userspace patch to get correct output from auditd for the new record types. [fixes folded] Signed-off-by: George Wilson <ltcgcw@us.ibm.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'ipc')
-rw-r--r--ipc/mqueue.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 41ecbd440fed..1511714a9585 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -8,6 +8,8 @@
8 * Lockless receive & send, fd based notify: 8 * Lockless receive & send, fd based notify:
9 * Manfred Spraul (manfred@colorfullife.com) 9 * Manfred Spraul (manfred@colorfullife.com)
10 * 10 *
11 * Audit: George Wilson (ltcgcw@us.ibm.com)
12 *
11 * This file is released under the GPL. 13 * This file is released under the GPL.
12 */ 14 */
13 15
@@ -24,6 +26,7 @@
24#include <linux/skbuff.h> 26#include <linux/skbuff.h>
25#include <linux/netlink.h> 27#include <linux/netlink.h>
26#include <linux/syscalls.h> 28#include <linux/syscalls.h>
29#include <linux/audit.h>
27#include <linux/signal.h> 30#include <linux/signal.h>
28#include <linux/mutex.h> 31#include <linux/mutex.h>
29 32
@@ -657,6 +660,10 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
657 char *name; 660 char *name;
658 int fd, error; 661 int fd, error;
659 662
663 error = audit_mq_open(oflag, mode, u_attr);
664 if (error != 0)
665 return error;
666
660 if (IS_ERR(name = getname(u_name))) 667 if (IS_ERR(name = getname(u_name)))
661 return PTR_ERR(name); 668 return PTR_ERR(name);
662 669
@@ -814,6 +821,10 @@ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
814 long timeout; 821 long timeout;
815 int ret; 822 int ret;
816 823
824 ret = audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout);
825 if (ret != 0)
826 return ret;
827
817 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX)) 828 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX))
818 return -EINVAL; 829 return -EINVAL;
819 830
@@ -896,6 +907,10 @@ asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
896 struct mqueue_inode_info *info; 907 struct mqueue_inode_info *info;
897 struct ext_wait_queue wait; 908 struct ext_wait_queue wait;
898 909
910 ret = audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout);
911 if (ret != 0)
912 return ret;
913
899 timeout = prepare_timeout(u_abs_timeout); 914 timeout = prepare_timeout(u_abs_timeout);
900 915
901 ret = -EBADF; 916 ret = -EBADF;
@@ -975,6 +990,10 @@ asmlinkage long sys_mq_notify(mqd_t mqdes,
975 struct mqueue_inode_info *info; 990 struct mqueue_inode_info *info;
976 struct sk_buff *nc; 991 struct sk_buff *nc;
977 992
993 ret = audit_mq_notify(mqdes, u_notification);
994 if (ret != 0)
995 return ret;
996
978 nc = NULL; 997 nc = NULL;
979 sock = NULL; 998 sock = NULL;
980 if (u_notification != NULL) { 999 if (u_notification != NULL) {
@@ -1115,6 +1134,9 @@ asmlinkage long sys_mq_getsetattr(mqd_t mqdes,
1115 omqstat = info->attr; 1134 omqstat = info->attr;
1116 omqstat.mq_flags = filp->f_flags & O_NONBLOCK; 1135 omqstat.mq_flags = filp->f_flags & O_NONBLOCK;
1117 if (u_mqstat) { 1136 if (u_mqstat) {
1137 ret = audit_mq_getsetattr(mqdes, &mqstat);
1138 if (ret != 0)
1139 goto out;
1118 if (mqstat.mq_flags & O_NONBLOCK) 1140 if (mqstat.mq_flags & O_NONBLOCK)
1119 filp->f_flags |= O_NONBLOCK; 1141 filp->f_flags |= O_NONBLOCK;
1120 else 1142 else