diff options
| author | Richard Guy Briggs <rgb@redhat.com> | 2013-12-11 13:52:26 -0500 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2014-03-20 10:11:55 -0400 |
| commit | f1dc4867ff41b7bcca57fa19449d1fe7ad517ac1 (patch) | |
| tree | 873f8e7625dc54ae20a0cc2513fb6a33027f36d7 /kernel/audit.c | |
| parent | c92cdeb45eea38515e82187f48c2e4f435fb4e25 (diff) | |
audit: anchor all pid references in the initial pid namespace
Store and log all PIDs with reference to the initial PID namespace and
use the access functions task_pid_nr() and task_tgid_nr() for task->pid
and task->tgid.
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
(informed by ebiederman's c776b5d2)
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Diffstat (limited to 'kernel/audit.c')
| -rw-r--r-- | kernel/audit.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index e1e1b2137048..5a096f8e28cb 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -649,6 +649,7 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type) | |||
| 649 | { | 649 | { |
| 650 | int rc = 0; | 650 | int rc = 0; |
| 651 | uid_t uid = from_kuid(&init_user_ns, current_uid()); | 651 | uid_t uid = from_kuid(&init_user_ns, current_uid()); |
| 652 | pid_t pid = task_tgid_nr(current); | ||
| 652 | 653 | ||
| 653 | if (!audit_enabled && msg_type != AUDIT_USER_AVC) { | 654 | if (!audit_enabled && msg_type != AUDIT_USER_AVC) { |
| 654 | *ab = NULL; | 655 | *ab = NULL; |
| @@ -658,7 +659,7 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type) | |||
| 658 | *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); | 659 | *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); |
| 659 | if (unlikely(!*ab)) | 660 | if (unlikely(!*ab)) |
| 660 | return rc; | 661 | return rc; |
| 661 | audit_log_format(*ab, "pid=%d uid=%u", task_tgid_vnr(current), uid); | 662 | audit_log_format(*ab, "pid=%d uid=%u", pid, uid); |
| 662 | audit_log_session_info(*ab); | 663 | audit_log_session_info(*ab); |
| 663 | audit_log_task_context(*ab); | 664 | audit_log_task_context(*ab); |
| 664 | 665 | ||
| @@ -1823,7 +1824,7 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) | |||
| 1823 | " euid=%u suid=%u fsuid=%u" | 1824 | " euid=%u suid=%u fsuid=%u" |
| 1824 | " egid=%u sgid=%u fsgid=%u tty=%s ses=%u", | 1825 | " egid=%u sgid=%u fsgid=%u tty=%s ses=%u", |
| 1825 | task_ppid_nr(tsk), | 1826 | task_ppid_nr(tsk), |
| 1826 | tsk->pid, | 1827 | task_pid_nr(tsk), |
| 1827 | from_kuid(&init_user_ns, audit_get_loginuid(tsk)), | 1828 | from_kuid(&init_user_ns, audit_get_loginuid(tsk)), |
| 1828 | from_kuid(&init_user_ns, cred->uid), | 1829 | from_kuid(&init_user_ns, cred->uid), |
| 1829 | from_kgid(&init_user_ns, cred->gid), | 1830 | from_kgid(&init_user_ns, cred->gid), |