audit: anchor all pid references in the initial pid namespace

Store and log all PIDs with reference to the initial PID namespace and
use the access functions task_pid_nr() and task_tgid_nr() for task->pid
and task->tgid.

Cc: "Eric W. Biederman" <ebiederm@xmission.com>
(informed by ebiederman's c776b5d2)
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>

1 files changed, 9 insertions, 7 deletions

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a6cf7ab56e61..6381f25ac3d4 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -457,10 +457,12 @@ static int audit_filter_rules(struct task_struct *tsk,
                 struct audit_field *f = &rule->fields[i];
                 struct audit_names *n;
                 int result = 0;
+                pid_t pid;
 
                 switch (f->type) {
                 case AUDIT_PID:
-                        result = audit_comparator(tsk->pid, f->op, f->val);
+                        pid = task_pid_nr(tsk);
+                        result = audit_comparator(pid, f->op, f->val);
                         break;
                 case AUDIT_PPID:
                         if (ctx) {
@@ -2051,7 +2053,7 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
         audit_log_format(ab, "pid=%d uid=%u"
                          " old-auid=%u new-auid=%u old-ses=%u new-ses=%u"
                          " res=%d",
-                         current->pid, uid,
+                         task_pid_nr(current), uid,
                          oldloginuid, loginuid, oldsessionid, sessionid,
                          !rc);
         audit_log_end(ab);
@@ -2275,7 +2277,7 @@ void __audit_ptrace(struct task_struct *t)
 {
         struct audit_context *context = current->audit_context;
 
-        context->target_pid = t->pid;
+        context->target_pid = task_pid_nr(t);
         context->target_auid = audit_get_loginuid(t);
         context->target_uid = task_uid(t);
         context->target_sessionid = audit_get_sessionid(t);
@@ -2300,7 +2302,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
 
         if (audit_pid && t->tgid == audit_pid) {
                 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
-                        audit_sig_pid = tsk->pid;
+                        audit_sig_pid = task_pid_nr(tsk);
                         if (uid_valid(tsk->loginuid))
                                 audit_sig_uid = tsk->loginuid;
                         else
@@ -2314,7 +2316,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
         /* optimize the common case by putting first signal recipient directly
          * in audit_context */
         if (!ctx->target_pid) {
-                ctx->target_pid = t->tgid;
+                ctx->target_pid = task_tgid_nr(t);
                 ctx->target_auid = audit_get_loginuid(t);
                 ctx->target_uid = t_uid;
                 ctx->target_sessionid = audit_get_sessionid(t);
@@ -2335,7 +2337,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
         }
         BUG_ON(axp->pid_count >= AUDIT_AUX_PIDS);
 
-        axp->target_pid[axp->pid_count] = t->tgid;
+        axp->target_pid[axp->pid_count] = task_tgid_nr(t);
         axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
         axp->target_uid[axp->pid_count] = t_uid;
         axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
@@ -2435,7 +2437,7 @@ static void audit_log_task(struct audit_buffer *ab)
                          from_kgid(&init_user_ns, gid),
                          sessionid);
         audit_log_task_context(ab);
-        audit_log_format(ab, " pid=%d comm=", current->pid);
+        audit_log_format(ab, " pid=%d comm=", task_pid_nr(current));
         audit_log_untrustedstring(ab, current->comm);
         if (mm) {
                 down_read(&mm->mmap_sem);