diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-02-07 19:53:48 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-18 04:00:26 -0400 |
| commit | cca080d9b622094831672a136e5ee4f702d116b1 (patch) | |
| tree | 7a8238c1c0a0d4de682e0ebb97dc06ab3a18fdb5 /kernel/auditsc.c | |
| parent | e1760bd5ffae8cb98cffb030ee8e631eba28f3d8 (diff) | |
userns: Convert audit to work with user namespaces enabled
- Explicitly format uids gids in audit messges in the initial user
namespace. This is safe because auditd is restrected to be in
the initial user namespace.
- Convert audit_sig_uid into a kuid_t.
- Enable building the audit code and user namespaces at the same time.
The net result is that the audit subsystem now uses kuid_t and kgid_t whenever
possible making it almost impossible to confuse a raw uid_t with a kuid_t
preventing bugs.
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'kernel/auditsc.c')
| -rw-r--r-- | kernel/auditsc.c | 51 |
1 files changed, 31 insertions, 20 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 26fdfc092e35..ff4798fcb488 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -150,7 +150,7 @@ struct audit_aux_data_pids { | |||
| 150 | struct audit_aux_data d; | 150 | struct audit_aux_data d; |
| 151 | pid_t target_pid[AUDIT_AUX_PIDS]; | 151 | pid_t target_pid[AUDIT_AUX_PIDS]; |
| 152 | kuid_t target_auid[AUDIT_AUX_PIDS]; | 152 | kuid_t target_auid[AUDIT_AUX_PIDS]; |
| 153 | uid_t target_uid[AUDIT_AUX_PIDS]; | 153 | kuid_t target_uid[AUDIT_AUX_PIDS]; |
| 154 | unsigned int target_sessionid[AUDIT_AUX_PIDS]; | 154 | unsigned int target_sessionid[AUDIT_AUX_PIDS]; |
| 155 | u32 target_sid[AUDIT_AUX_PIDS]; | 155 | u32 target_sid[AUDIT_AUX_PIDS]; |
| 156 | char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; | 156 | char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; |
| @@ -208,14 +208,14 @@ struct audit_context { | |||
| 208 | size_t sockaddr_len; | 208 | size_t sockaddr_len; |
| 209 | /* Save things to print about task_struct */ | 209 | /* Save things to print about task_struct */ |
| 210 | pid_t pid, ppid; | 210 | pid_t pid, ppid; |
| 211 | uid_t uid, euid, suid, fsuid; | 211 | kuid_t uid, euid, suid, fsuid; |
| 212 | gid_t gid, egid, sgid, fsgid; | 212 | kgid_t gid, egid, sgid, fsgid; |
| 213 | unsigned long personality; | 213 | unsigned long personality; |
| 214 | int arch; | 214 | int arch; |
| 215 | 215 | ||
| 216 | pid_t target_pid; | 216 | pid_t target_pid; |
| 217 | kuid_t target_auid; | 217 | kuid_t target_auid; |
| 218 | uid_t target_uid; | 218 | kuid_t target_uid; |
| 219 | unsigned int target_sessionid; | 219 | unsigned int target_sessionid; |
| 220 | u32 target_sid; | 220 | u32 target_sid; |
| 221 | char target_comm[TASK_COMM_LEN]; | 221 | char target_comm[TASK_COMM_LEN]; |
| @@ -231,8 +231,8 @@ struct audit_context { | |||
| 231 | long args[6]; | 231 | long args[6]; |
| 232 | } socketcall; | 232 | } socketcall; |
| 233 | struct { | 233 | struct { |
| 234 | uid_t uid; | 234 | kuid_t uid; |
| 235 | gid_t gid; | 235 | kgid_t gid; |
| 236 | umode_t mode; | 236 | umode_t mode; |
| 237 | u32 osid; | 237 | u32 osid; |
| 238 | int has_perm; | 238 | int has_perm; |
| @@ -1176,7 +1176,7 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk | |||
| 1176 | } | 1176 | } |
| 1177 | 1177 | ||
| 1178 | static int audit_log_pid_context(struct audit_context *context, pid_t pid, | 1178 | static int audit_log_pid_context(struct audit_context *context, pid_t pid, |
| 1179 | kuid_t auid, uid_t uid, unsigned int sessionid, | 1179 | kuid_t auid, kuid_t uid, unsigned int sessionid, |
| 1180 | u32 sid, char *comm) | 1180 | u32 sid, char *comm) |
| 1181 | { | 1181 | { |
| 1182 | struct audit_buffer *ab; | 1182 | struct audit_buffer *ab; |
| @@ -1190,7 +1190,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, | |||
| 1190 | 1190 | ||
| 1191 | audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, | 1191 | audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, |
| 1192 | from_kuid(&init_user_ns, auid), | 1192 | from_kuid(&init_user_ns, auid), |
| 1193 | uid, sessionid); | 1193 | from_kuid(&init_user_ns, uid), sessionid); |
| 1194 | if (security_secid_to_secctx(sid, &ctx, &len)) { | 1194 | if (security_secid_to_secctx(sid, &ctx, &len)) { |
| 1195 | audit_log_format(ab, " obj=(none)"); | 1195 | audit_log_format(ab, " obj=(none)"); |
| 1196 | rc = 1; | 1196 | rc = 1; |
| @@ -1440,7 +1440,9 @@ static void show_special(struct audit_context *context, int *call_panic) | |||
| 1440 | u32 osid = context->ipc.osid; | 1440 | u32 osid = context->ipc.osid; |
| 1441 | 1441 | ||
| 1442 | audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", | 1442 | audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", |
| 1443 | context->ipc.uid, context->ipc.gid, context->ipc.mode); | 1443 | from_kuid(&init_user_ns, context->ipc.uid), |
| 1444 | from_kgid(&init_user_ns, context->ipc.gid), | ||
| 1445 | context->ipc.mode); | ||
| 1444 | if (osid) { | 1446 | if (osid) { |
| 1445 | char *ctx = NULL; | 1447 | char *ctx = NULL; |
| 1446 | u32 len; | 1448 | u32 len; |
| @@ -1553,8 +1555,8 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, | |||
| 1553 | MAJOR(n->dev), | 1555 | MAJOR(n->dev), |
| 1554 | MINOR(n->dev), | 1556 | MINOR(n->dev), |
| 1555 | n->mode, | 1557 | n->mode, |
| 1556 | n->uid, | 1558 | from_kuid(&init_user_ns, n->uid), |
| 1557 | n->gid, | 1559 | from_kgid(&init_user_ns, n->gid), |
| 1558 | MAJOR(n->rdev), | 1560 | MAJOR(n->rdev), |
| 1559 | MINOR(n->rdev)); | 1561 | MINOR(n->rdev)); |
| 1560 | } | 1562 | } |
| @@ -1632,10 +1634,15 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 1632 | context->ppid, | 1634 | context->ppid, |
| 1633 | context->pid, | 1635 | context->pid, |
| 1634 | from_kuid(&init_user_ns, tsk->loginuid), | 1636 | from_kuid(&init_user_ns, tsk->loginuid), |
| 1635 | context->uid, | 1637 | from_kuid(&init_user_ns, context->uid), |
| 1636 | context->gid, | 1638 | from_kgid(&init_user_ns, context->gid), |
| 1637 | context->euid, context->suid, context->fsuid, | 1639 | from_kuid(&init_user_ns, context->euid), |
| 1638 | context->egid, context->sgid, context->fsgid, tty, | 1640 | from_kuid(&init_user_ns, context->suid), |
| 1641 | from_kuid(&init_user_ns, context->fsuid), | ||
| 1642 | from_kgid(&init_user_ns, context->egid), | ||
| 1643 | from_kgid(&init_user_ns, context->sgid), | ||
| 1644 | from_kgid(&init_user_ns, context->fsgid), | ||
| 1645 | tty, | ||
| 1639 | tsk->sessionid); | 1646 | tsk->sessionid); |
| 1640 | 1647 | ||
| 1641 | 1648 | ||
| @@ -2315,7 +2322,8 @@ int audit_set_loginuid(kuid_t loginuid) | |||
| 2315 | audit_log_format(ab, "login pid=%d uid=%u " | 2322 | audit_log_format(ab, "login pid=%d uid=%u " |
| 2316 | "old auid=%u new auid=%u" | 2323 | "old auid=%u new auid=%u" |
| 2317 | " old ses=%u new ses=%u", | 2324 | " old ses=%u new ses=%u", |
| 2318 | task->pid, task_uid(task), | 2325 | task->pid, |
| 2326 | from_kuid(&init_user_ns, task_uid(task)), | ||
| 2319 | from_kuid(&init_user_ns, task->loginuid), | 2327 | from_kuid(&init_user_ns, task->loginuid), |
| 2320 | from_kuid(&init_user_ns, loginuid), | 2328 | from_kuid(&init_user_ns, loginuid), |
| 2321 | task->sessionid, sessionid); | 2329 | task->sessionid, sessionid); |
| @@ -2540,7 +2548,7 @@ int __audit_signal_info(int sig, struct task_struct *t) | |||
| 2540 | struct audit_aux_data_pids *axp; | 2548 | struct audit_aux_data_pids *axp; |
| 2541 | struct task_struct *tsk = current; | 2549 | struct task_struct *tsk = current; |
| 2542 | struct audit_context *ctx = tsk->audit_context; | 2550 | struct audit_context *ctx = tsk->audit_context; |
| 2543 | uid_t uid = current_uid(), t_uid = task_uid(t); | 2551 | kuid_t uid = current_uid(), t_uid = task_uid(t); |
| 2544 | 2552 | ||
| 2545 | if (audit_pid && t->tgid == audit_pid) { | 2553 | if (audit_pid && t->tgid == audit_pid) { |
| 2546 | if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) { | 2554 | if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) { |
| @@ -2666,8 +2674,8 @@ void __audit_mmap_fd(int fd, int flags) | |||
| 2666 | 2674 | ||
| 2667 | static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr) | 2675 | static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr) |
| 2668 | { | 2676 | { |
| 2669 | uid_t auid, uid; | 2677 | kuid_t auid, uid; |
| 2670 | gid_t gid; | 2678 | kgid_t gid; |
| 2671 | unsigned int sessionid; | 2679 | unsigned int sessionid; |
| 2672 | 2680 | ||
| 2673 | auid = audit_get_loginuid(current); | 2681 | auid = audit_get_loginuid(current); |
| @@ -2675,7 +2683,10 @@ static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr) | |||
| 2675 | current_uid_gid(&uid, &gid); | 2683 | current_uid_gid(&uid, &gid); |
| 2676 | 2684 | ||
| 2677 | audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u", | 2685 | audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u", |
| 2678 | auid, uid, gid, sessionid); | 2686 | from_kuid(&init_user_ns, auid), |
| 2687 | from_kuid(&init_user_ns, uid), | ||
| 2688 | from_kgid(&init_user_ns, gid), | ||
| 2689 | sessionid); | ||
| 2679 | audit_log_task_context(ab); | 2690 | audit_log_task_context(ab); |
| 2680 | audit_log_format(ab, " pid=%d comm=", current->pid); | 2691 | audit_log_format(ab, " pid=%d comm=", current->pid); |
| 2681 | audit_log_untrustedstring(ab, current->comm); | 2692 | audit_log_untrustedstring(ab, current->comm); |