diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-12-23 21:13:16 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-12-23 21:13:16 -0500 |
| commit | 66b3f4f0a0fcc197a1e432c3d2134f5c6a5275b9 (patch) | |
| tree | 00a5b55daae62443f4242c2036dcdaadb346ba83 /kernel/audit.c | |
| parent | 53262d12d1658669029ab39a63e3d314108abe66 (diff) | |
| parent | 041d7b98ffe59c59fdd639931dea7d74f9aa9a59 (diff) | |
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
Pull audit fixes from Paul Moore:
"Four patches to fix various problems with the audit subsystem, all are
fairly small and straightforward.
One patch fixes a problem where we weren't using the correct gfp
allocation flags (GFP_KERNEL regardless of context, oops), one patch
fixes a problem with old userspace tools (this was broken for a
while), one patch fixes a problem where we weren't recording pathnames
correctly, and one fixes a problem with PID based filters.
In general I don't think there is anything controversial with this
patchset, and it fixes some rather unfortunate bugs; the allocation
flag one can be particularly scary looking for users"
* 'upstream' of git://git.infradead.org/users/pcmoore/audit:
audit: restore AUDIT_LOGINUID unset ABI
audit: correctly record file names with different path name types
audit: use supplied gfp_mask from audit_buffer in kauditd_send_multicast_skb
audit: don't attempt to lookup PIDs when changing PID filtering audit rules
Diffstat (limited to 'kernel/audit.c')
| -rw-r--r-- | kernel/audit.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index f8f203e8018c..231b7dcb154b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -429,7 +429,7 @@ static void kauditd_send_skb(struct sk_buff *skb) | |||
| 429 | * This function doesn't consume an skb as might be expected since it has to | 429 | * This function doesn't consume an skb as might be expected since it has to |
| 430 | * copy it anyways. | 430 | * copy it anyways. |
| 431 | */ | 431 | */ |
| 432 | static void kauditd_send_multicast_skb(struct sk_buff *skb) | 432 | static void kauditd_send_multicast_skb(struct sk_buff *skb, gfp_t gfp_mask) |
| 433 | { | 433 | { |
| 434 | struct sk_buff *copy; | 434 | struct sk_buff *copy; |
| 435 | struct audit_net *aunet = net_generic(&init_net, audit_net_id); | 435 | struct audit_net *aunet = net_generic(&init_net, audit_net_id); |
| @@ -448,11 +448,11 @@ static void kauditd_send_multicast_skb(struct sk_buff *skb) | |||
| 448 | * no reason for new multicast clients to continue with this | 448 | * no reason for new multicast clients to continue with this |
| 449 | * non-compliance. | 449 | * non-compliance. |
| 450 | */ | 450 | */ |
| 451 | copy = skb_copy(skb, GFP_KERNEL); | 451 | copy = skb_copy(skb, gfp_mask); |
| 452 | if (!copy) | 452 | if (!copy) |
| 453 | return; | 453 | return; |
| 454 | 454 | ||
| 455 | nlmsg_multicast(sock, copy, 0, AUDIT_NLGRP_READLOG, GFP_KERNEL); | 455 | nlmsg_multicast(sock, copy, 0, AUDIT_NLGRP_READLOG, gfp_mask); |
| 456 | } | 456 | } |
| 457 | 457 | ||
| 458 | /* | 458 | /* |
| @@ -1940,7 +1940,7 @@ void audit_log_end(struct audit_buffer *ab) | |||
| 1940 | struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); | 1940 | struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); |
| 1941 | 1941 | ||
| 1942 | nlh->nlmsg_len = ab->skb->len; | 1942 | nlh->nlmsg_len = ab->skb->len; |
| 1943 | kauditd_send_multicast_skb(ab->skb); | 1943 | kauditd_send_multicast_skb(ab->skb, ab->gfp_mask); |
| 1944 | 1944 | ||
| 1945 | /* | 1945 | /* |
| 1946 | * The original kaudit unicast socket sends up messages with | 1946 | * The original kaudit unicast socket sends up messages with |