diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2006-05-25 10:19:47 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-06-20 05:25:21 -0400 |
| commit | e1396065e0489f98b35021b97907ab4edbfb24e1 (patch) | |
| tree | a276ea0a2ece9132d435adf1a1f82d0ada1ae938 /kernel/audit.c | |
| parent | 473ae30bc7b1dda5c5791c773f95e9424ddfead9 (diff) | |
[PATCH] collect sid of those who send signals to auditd
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/audit.c')
| -rw-r--r-- | kernel/audit.c | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index d09f131b111a..bb20922d08cc 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -89,6 +89,7 @@ static int audit_backlog_wait_overflow = 0; | |||
| 89 | /* The identity of the user shutting down the audit system. */ | 89 | /* The identity of the user shutting down the audit system. */ |
| 90 | uid_t audit_sig_uid = -1; | 90 | uid_t audit_sig_uid = -1; |
| 91 | pid_t audit_sig_pid = -1; | 91 | pid_t audit_sig_pid = -1; |
| 92 | u32 audit_sig_sid = 0; | ||
| 92 | 93 | ||
| 93 | /* Records can be lost in several ways: | 94 | /* Records can be lost in several ways: |
| 94 | 0) [suppressed in audit_alloc] | 95 | 0) [suppressed in audit_alloc] |
| @@ -479,7 +480,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 479 | struct audit_buffer *ab; | 480 | struct audit_buffer *ab; |
| 480 | u16 msg_type = nlh->nlmsg_type; | 481 | u16 msg_type = nlh->nlmsg_type; |
| 481 | uid_t loginuid; /* loginuid of sender */ | 482 | uid_t loginuid; /* loginuid of sender */ |
| 482 | struct audit_sig_info sig_data; | 483 | struct audit_sig_info *sig_data; |
| 484 | char *ctx; | ||
| 485 | u32 len; | ||
| 483 | 486 | ||
| 484 | err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type); | 487 | err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type); |
| 485 | if (err) | 488 | if (err) |
| @@ -531,12 +534,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 531 | if (status_get->mask & AUDIT_STATUS_PID) { | 534 | if (status_get->mask & AUDIT_STATUS_PID) { |
| 532 | int old = audit_pid; | 535 | int old = audit_pid; |
| 533 | if (sid) { | 536 | if (sid) { |
| 534 | char *ctx = NULL; | 537 | if ((err = selinux_ctxid_to_string( |
| 535 | u32 len; | ||
| 536 | int rc; | ||
| 537 | if ((rc = selinux_ctxid_to_string( | ||
| 538 | sid, &ctx, &len))) | 538 | sid, &ctx, &len))) |
| 539 | return rc; | 539 | return err; |
| 540 | else | 540 | else |
| 541 | audit_log(NULL, GFP_KERNEL, | 541 | audit_log(NULL, GFP_KERNEL, |
| 542 | AUDIT_CONFIG_CHANGE, | 542 | AUDIT_CONFIG_CHANGE, |
| @@ -572,8 +572,6 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 572 | "user pid=%d uid=%u auid=%u", | 572 | "user pid=%d uid=%u auid=%u", |
| 573 | pid, uid, loginuid); | 573 | pid, uid, loginuid); |
| 574 | if (sid) { | 574 | if (sid) { |
| 575 | char *ctx = NULL; | ||
| 576 | u32 len; | ||
| 577 | if (selinux_ctxid_to_string( | 575 | if (selinux_ctxid_to_string( |
| 578 | sid, &ctx, &len)) { | 576 | sid, &ctx, &len)) { |
| 579 | audit_log_format(ab, | 577 | audit_log_format(ab, |
| @@ -612,10 +610,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 612 | loginuid, sid); | 610 | loginuid, sid); |
| 613 | break; | 611 | break; |
| 614 | case AUDIT_SIGNAL_INFO: | 612 | case AUDIT_SIGNAL_INFO: |
| 615 | sig_data.uid = audit_sig_uid; | 613 | err = selinux_ctxid_to_string(audit_sig_sid, &ctx, &len); |
| 616 | sig_data.pid = audit_sig_pid; | 614 | if (err) |
| 615 | return err; | ||
| 616 | sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); | ||
| 617 | if (!sig_data) { | ||
| 618 | kfree(ctx); | ||
| 619 | return -ENOMEM; | ||
| 620 | } | ||
| 621 | sig_data->uid = audit_sig_uid; | ||
| 622 | sig_data->pid = audit_sig_pid; | ||
| 623 | memcpy(sig_data->ctx, ctx, len); | ||
| 624 | kfree(ctx); | ||
| 617 | audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, | 625 | audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, |
| 618 | 0, 0, &sig_data, sizeof(sig_data)); | 626 | 0, 0, sig_data, sizeof(*sig_data) + len); |
| 627 | kfree(sig_data); | ||
| 619 | break; | 628 | break; |
| 620 | default: | 629 | default: |
| 621 | err = -EINVAL; | 630 | err = -EINVAL; |