aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-05-11 17:29:11 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2013-05-11 17:29:11 -0400
commitc4cc75c3321cad6f20d1e5325293890255c8a663 (patch)
treef515d034c9d6947bed0467840678aff823747596 /kernel
parent2dbd3cac87250a0d44e07acc86c4224a08522709 (diff)
parent2a0b4be6dd655e24990da1d0811e28b9277f8b12 (diff)
Merge git://git.infradead.org/users/eparis/audit
Pull audit changes from Eric Paris: "Al used to send pull requests every couple of years but he told me to just start pushing them to you directly. Our touching outside of core audit code is pretty straight forward. A couple of interface changes which hit net/. A simple argument bug calling audit functions in namei.c and the removal of some assembly branch prediction code on ppc" * git://git.infradead.org/users/eparis/audit: (31 commits) audit: fix message spacing printing auid Revert "audit: move kaudit thread start from auditd registration to kaudit init" audit: vfs: fix audit_inode call in O_CREAT case of do_last audit: Make testing for a valid loginuid explicit. audit: fix event coverage of AUDIT_ANOM_LINK audit: use spin_lock in audit_receive_msg to process tty logging audit: do not needlessly take a lock in tty_audit_exit audit: do not needlessly take a spinlock in copy_signal audit: add an option to control logging of passwords with pam_tty_audit audit: use spin_lock_irqsave/restore in audit tty code helper for some session id stuff audit: use a consistent audit helper to log lsm information audit: push loginuid and sessionid processing down audit: stop pushing loginid, uid, sessionid as arguments audit: remove the old depricated kernel interface audit: make validity checking generic audit: allow checking the type of audit message in the user filter audit: fix build break when AUDIT_DEBUG == 2 audit: remove duplicate export of audit_enabled Audit: do not print error when LSMs disabled ...
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c516
-rw-r--r--kernel/audit.h156
-rw-r--r--kernel/auditfilter.c360
-rw-r--r--kernel/auditsc.c407
4 files changed, 656 insertions, 783 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 0b084fa44b1f..21c7fa615bd3 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -49,6 +49,8 @@
49#include <linux/slab.h> 49#include <linux/slab.h>
50#include <linux/err.h> 50#include <linux/err.h>
51#include <linux/kthread.h> 51#include <linux/kthread.h>
52#include <linux/kernel.h>
53#include <linux/syscalls.h>
52 54
53#include <linux/audit.h> 55#include <linux/audit.h>
54 56
@@ -265,7 +267,6 @@ void audit_log_lost(const char *message)
265} 267}
266 268
267static int audit_log_config_change(char *function_name, int new, int old, 269static int audit_log_config_change(char *function_name, int new, int old,
268 kuid_t loginuid, u32 sessionid, u32 sid,
269 int allow_changes) 270 int allow_changes)
270{ 271{
271 struct audit_buffer *ab; 272 struct audit_buffer *ab;
@@ -274,29 +275,17 @@ static int audit_log_config_change(char *function_name, int new, int old,
274 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); 275 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
275 if (unlikely(!ab)) 276 if (unlikely(!ab))
276 return rc; 277 return rc;
277 audit_log_format(ab, "%s=%d old=%d auid=%u ses=%u", function_name, new, 278 audit_log_format(ab, "%s=%d old=%d", function_name, new, old);
278 old, from_kuid(&init_user_ns, loginuid), sessionid); 279 audit_log_session_info(ab);
279 if (sid) { 280 rc = audit_log_task_context(ab);
280 char *ctx = NULL; 281 if (rc)
281 u32 len; 282 allow_changes = 0; /* Something weird, deny request */
282
283 rc = security_secid_to_secctx(sid, &ctx, &len);
284 if (rc) {
285 audit_log_format(ab, " sid=%u", sid);
286 allow_changes = 0; /* Something weird, deny request */
287 } else {
288 audit_log_format(ab, " subj=%s", ctx);
289 security_release_secctx(ctx, len);
290 }
291 }
292 audit_log_format(ab, " res=%d", allow_changes); 283 audit_log_format(ab, " res=%d", allow_changes);
293 audit_log_end(ab); 284 audit_log_end(ab);
294 return rc; 285 return rc;
295} 286}
296 287
297static int audit_do_config_change(char *function_name, int *to_change, 288static int audit_do_config_change(char *function_name, int *to_change, int new)
298 int new, kuid_t loginuid, u32 sessionid,
299 u32 sid)
300{ 289{
301 int allow_changes, rc = 0, old = *to_change; 290 int allow_changes, rc = 0, old = *to_change;
302 291
@@ -307,8 +296,7 @@ static int audit_do_config_change(char *function_name, int *to_change,
307 allow_changes = 1; 296 allow_changes = 1;
308 297
309 if (audit_enabled != AUDIT_OFF) { 298 if (audit_enabled != AUDIT_OFF) {
310 rc = audit_log_config_change(function_name, new, old, loginuid, 299 rc = audit_log_config_change(function_name, new, old, allow_changes);
311 sessionid, sid, allow_changes);
312 if (rc) 300 if (rc)
313 allow_changes = 0; 301 allow_changes = 0;
314 } 302 }
@@ -322,44 +310,37 @@ static int audit_do_config_change(char *function_name, int *to_change,
322 return rc; 310 return rc;
323} 311}
324 312
325static int audit_set_rate_limit(int limit, kuid_t loginuid, u32 sessionid, 313static int audit_set_rate_limit(int limit)
326 u32 sid)
327{ 314{
328 return audit_do_config_change("audit_rate_limit", &audit_rate_limit, 315 return audit_do_config_change("audit_rate_limit", &audit_rate_limit, limit);
329 limit, loginuid, sessionid, sid);
330} 316}
331 317
332static int audit_set_backlog_limit(int limit, kuid_t loginuid, u32 sessionid, 318static int audit_set_backlog_limit(int limit)
333 u32 sid)
334{ 319{
335 return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit, 320 return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit, limit);
336 limit, loginuid, sessionid, sid);
337} 321}
338 322
339static int audit_set_enabled(int state, kuid_t loginuid, u32 sessionid, u32 sid) 323static int audit_set_enabled(int state)
340{ 324{
341 int rc; 325 int rc;
342 if (state < AUDIT_OFF || state > AUDIT_LOCKED) 326 if (state < AUDIT_OFF || state > AUDIT_LOCKED)
343 return -EINVAL; 327 return -EINVAL;
344 328
345 rc = audit_do_config_change("audit_enabled", &audit_enabled, state, 329 rc = audit_do_config_change("audit_enabled", &audit_enabled, state);
346 loginuid, sessionid, sid);
347
348 if (!rc) 330 if (!rc)
349 audit_ever_enabled |= !!state; 331 audit_ever_enabled |= !!state;
350 332
351 return rc; 333 return rc;
352} 334}
353 335
354static int audit_set_failure(int state, kuid_t loginuid, u32 sessionid, u32 sid) 336static int audit_set_failure(int state)
355{ 337{
356 if (state != AUDIT_FAIL_SILENT 338 if (state != AUDIT_FAIL_SILENT
357 && state != AUDIT_FAIL_PRINTK 339 && state != AUDIT_FAIL_PRINTK
358 && state != AUDIT_FAIL_PANIC) 340 && state != AUDIT_FAIL_PANIC)
359 return -EINVAL; 341 return -EINVAL;
360 342
361 return audit_do_config_change("audit_failure", &audit_failure, state, 343 return audit_do_config_change("audit_failure", &audit_failure, state);
362 loginuid, sessionid, sid);
363} 344}
364 345
365/* 346/*
@@ -417,34 +398,53 @@ static void kauditd_send_skb(struct sk_buff *skb)
417 consume_skb(skb); 398 consume_skb(skb);
418} 399}
419 400
420static int kauditd_thread(void *dummy) 401/*
402 * flush_hold_queue - empty the hold queue if auditd appears
403 *
404 * If auditd just started, drain the queue of messages already
405 * sent to syslog/printk. Remember loss here is ok. We already
406 * called audit_log_lost() if it didn't go out normally. so the
407 * race between the skb_dequeue and the next check for audit_pid
408 * doesn't matter.
409 *
410 * If you ever find kauditd to be too slow we can get a perf win
411 * by doing our own locking and keeping better track if there
412 * are messages in this queue. I don't see the need now, but
413 * in 5 years when I want to play with this again I'll see this
414 * note and still have no friggin idea what i'm thinking today.
415 */
416static void flush_hold_queue(void)
421{ 417{
422 struct sk_buff *skb; 418 struct sk_buff *skb;
423 419
420 if (!audit_default || !audit_pid)
421 return;
422
423 skb = skb_dequeue(&audit_skb_hold_queue);
424 if (likely(!skb))
425 return;
426
427 while (skb && audit_pid) {
428 kauditd_send_skb(skb);
429 skb = skb_dequeue(&audit_skb_hold_queue);
430 }
431
432 /*
433 * if auditd just disappeared but we
434 * dequeued an skb we need to drop ref
435 */
436 if (skb)
437 consume_skb(skb);
438}
439
440static int kauditd_thread(void *dummy)
441{
424 set_freezable(); 442 set_freezable();
425 while (!kthread_should_stop()) { 443 while (!kthread_should_stop()) {
426 /* 444 struct sk_buff *skb;
427 * if auditd just started drain the queue of messages already 445 DECLARE_WAITQUEUE(wait, current);
428 * sent to syslog/printk. remember loss here is ok. we already 446
429 * called audit_log_lost() if it didn't go out normally. so the 447 flush_hold_queue();
430 * race between the skb_dequeue and the next check for audit_pid
431 * doesn't matter.
432 *
433 * if you ever find kauditd to be too slow we can get a perf win
434 * by doing our own locking and keeping better track if there
435 * are messages in this queue. I don't see the need now, but
436 * in 5 years when I want to play with this again I'll see this
437 * note and still have no friggin idea what i'm thinking today.
438 */
439 if (audit_default && audit_pid) {
440 skb = skb_dequeue(&audit_skb_hold_queue);
441 if (unlikely(skb)) {
442 while (skb && audit_pid) {
443 kauditd_send_skb(skb);
444 skb = skb_dequeue(&audit_skb_hold_queue);
445 }
446 }
447 }
448 448
449 skb = skb_dequeue(&audit_skb_queue); 449 skb = skb_dequeue(&audit_skb_queue);
450 wake_up(&audit_backlog_wait); 450 wake_up(&audit_backlog_wait);
@@ -453,19 +453,18 @@ static int kauditd_thread(void *dummy)
453 kauditd_send_skb(skb); 453 kauditd_send_skb(skb);
454 else 454 else
455 audit_printk_skb(skb); 455 audit_printk_skb(skb);
456 } else { 456 continue;
457 DECLARE_WAITQUEUE(wait, current); 457 }
458 set_current_state(TASK_INTERRUPTIBLE); 458 set_current_state(TASK_INTERRUPTIBLE);
459 add_wait_queue(&kauditd_wait, &wait); 459 add_wait_queue(&kauditd_wait, &wait);
460
461 if (!skb_queue_len(&audit_skb_queue)) {
462 try_to_freeze();
463 schedule();
464 }
465 460
466 __set_current_state(TASK_RUNNING); 461 if (!skb_queue_len(&audit_skb_queue)) {
467 remove_wait_queue(&kauditd_wait, &wait); 462 try_to_freeze();
463 schedule();
468 } 464 }
465
466 __set_current_state(TASK_RUNNING);
467 remove_wait_queue(&kauditd_wait, &wait);
469 } 468 }
470 return 0; 469 return 0;
471} 470}
@@ -579,13 +578,14 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
579 return -EPERM; 578 return -EPERM;
580 579
581 switch (msg_type) { 580 switch (msg_type) {
582 case AUDIT_GET:
583 case AUDIT_LIST: 581 case AUDIT_LIST:
584 case AUDIT_LIST_RULES:
585 case AUDIT_SET:
586 case AUDIT_ADD: 582 case AUDIT_ADD:
587 case AUDIT_ADD_RULE:
588 case AUDIT_DEL: 583 case AUDIT_DEL:
584 return -EOPNOTSUPP;
585 case AUDIT_GET:
586 case AUDIT_SET:
587 case AUDIT_LIST_RULES:
588 case AUDIT_ADD_RULE:
589 case AUDIT_DEL_RULE: 589 case AUDIT_DEL_RULE:
590 case AUDIT_SIGNAL_INFO: 590 case AUDIT_SIGNAL_INFO:
591 case AUDIT_TTY_GET: 591 case AUDIT_TTY_GET:
@@ -608,12 +608,10 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
608 return err; 608 return err;
609} 609}
610 610
611static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type, 611static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type)
612 kuid_t auid, u32 ses, u32 sid)
613{ 612{
614 int rc = 0; 613 int rc = 0;
615 char *ctx = NULL; 614 uid_t uid = from_kuid(&init_user_ns, current_uid());
616 u32 len;
617 615
618 if (!audit_enabled) { 616 if (!audit_enabled) {
619 *ab = NULL; 617 *ab = NULL;
@@ -623,33 +621,21 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
623 *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); 621 *ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
624 if (unlikely(!*ab)) 622 if (unlikely(!*ab))
625 return rc; 623 return rc;
626 audit_log_format(*ab, "pid=%d uid=%u auid=%u ses=%u", 624 audit_log_format(*ab, "pid=%d uid=%u", task_tgid_vnr(current), uid);
627 task_tgid_vnr(current), 625 audit_log_session_info(*ab);
628 from_kuid(&init_user_ns, current_uid()), 626 audit_log_task_context(*ab);
629 from_kuid(&init_user_ns, auid), ses);
630 if (sid) {
631 rc = security_secid_to_secctx(sid, &ctx, &len);
632 if (rc)
633 audit_log_format(*ab, " ssid=%u", sid);
634 else {
635 audit_log_format(*ab, " subj=%s", ctx);
636 security_release_secctx(ctx, len);
637 }
638 }
639 627
640 return rc; 628 return rc;
641} 629}
642 630
643static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) 631static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
644{ 632{
645 u32 seq, sid; 633 u32 seq;
646 void *data; 634 void *data;
647 struct audit_status *status_get, status_set; 635 struct audit_status *status_get, status_set;
648 int err; 636 int err;
649 struct audit_buffer *ab; 637 struct audit_buffer *ab;
650 u16 msg_type = nlh->nlmsg_type; 638 u16 msg_type = nlh->nlmsg_type;
651 kuid_t loginuid; /* loginuid of sender */
652 u32 sessionid;
653 struct audit_sig_info *sig_data; 639 struct audit_sig_info *sig_data;
654 char *ctx = NULL; 640 char *ctx = NULL;
655 u32 len; 641 u32 len;
@@ -668,9 +654,6 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
668 return err; 654 return err;
669 } 655 }
670 } 656 }
671 loginuid = audit_get_loginuid(current);
672 sessionid = audit_get_sessionid(current);
673 security_task_getsecid(current, &sid);
674 seq = nlh->nlmsg_seq; 657 seq = nlh->nlmsg_seq;
675 data = nlmsg_data(nlh); 658 data = nlmsg_data(nlh);
676 659
@@ -691,14 +674,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
691 return -EINVAL; 674 return -EINVAL;
692 status_get = (struct audit_status *)data; 675 status_get = (struct audit_status *)data;
693 if (status_get->mask & AUDIT_STATUS_ENABLED) { 676 if (status_get->mask & AUDIT_STATUS_ENABLED) {
694 err = audit_set_enabled(status_get->enabled, 677 err = audit_set_enabled(status_get->enabled);
695 loginuid, sessionid, sid);
696 if (err < 0) 678 if (err < 0)
697 return err; 679 return err;
698 } 680 }
699 if (status_get->mask & AUDIT_STATUS_FAILURE) { 681 if (status_get->mask & AUDIT_STATUS_FAILURE) {
700 err = audit_set_failure(status_get->failure, 682 err = audit_set_failure(status_get->failure);
701 loginuid, sessionid, sid);
702 if (err < 0) 683 if (err < 0)
703 return err; 684 return err;
704 } 685 }
@@ -706,22 +687,17 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
706 int new_pid = status_get->pid; 687 int new_pid = status_get->pid;
707 688
708 if (audit_enabled != AUDIT_OFF) 689 if (audit_enabled != AUDIT_OFF)
709 audit_log_config_change("audit_pid", new_pid, 690 audit_log_config_change("audit_pid", new_pid, audit_pid, 1);
710 audit_pid, loginuid,
711 sessionid, sid, 1);
712
713 audit_pid = new_pid; 691 audit_pid = new_pid;
714 audit_nlk_portid = NETLINK_CB(skb).portid; 692 audit_nlk_portid = NETLINK_CB(skb).portid;
715 } 693 }
716 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) { 694 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
717 err = audit_set_rate_limit(status_get->rate_limit, 695 err = audit_set_rate_limit(status_get->rate_limit);
718 loginuid, sessionid, sid);
719 if (err < 0) 696 if (err < 0)
720 return err; 697 return err;
721 } 698 }
722 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) 699 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
723 err = audit_set_backlog_limit(status_get->backlog_limit, 700 err = audit_set_backlog_limit(status_get->backlog_limit);
724 loginuid, sessionid, sid);
725 break; 701 break;
726 case AUDIT_USER: 702 case AUDIT_USER:
727 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: 703 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
@@ -729,25 +705,22 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
729 if (!audit_enabled && msg_type != AUDIT_USER_AVC) 705 if (!audit_enabled && msg_type != AUDIT_USER_AVC)
730 return 0; 706 return 0;
731 707
732 err = audit_filter_user(); 708 err = audit_filter_user(msg_type);
733 if (err == 1) { 709 if (err == 1) {
734 err = 0; 710 err = 0;
735 if (msg_type == AUDIT_USER_TTY) { 711 if (msg_type == AUDIT_USER_TTY) {
736 err = tty_audit_push_task(current, loginuid, 712 err = tty_audit_push_current();
737 sessionid);
738 if (err) 713 if (err)
739 break; 714 break;
740 } 715 }
741 audit_log_common_recv_msg(&ab, msg_type, 716 audit_log_common_recv_msg(&ab, msg_type);
742 loginuid, sessionid, sid);
743
744 if (msg_type != AUDIT_USER_TTY) 717 if (msg_type != AUDIT_USER_TTY)
745 audit_log_format(ab, " msg='%.1024s'", 718 audit_log_format(ab, " msg='%.1024s'",
746 (char *)data); 719 (char *)data);
747 else { 720 else {
748 int size; 721 int size;
749 722
750 audit_log_format(ab, " msg="); 723 audit_log_format(ab, " data=");
751 size = nlmsg_len(nlh); 724 size = nlmsg_len(nlh);
752 if (size > 0 && 725 if (size > 0 &&
753 ((unsigned char *)data)[size - 1] == '\0') 726 ((unsigned char *)data)[size - 1] == '\0')
@@ -758,50 +731,24 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
758 audit_log_end(ab); 731 audit_log_end(ab);
759 } 732 }
760 break; 733 break;
761 case AUDIT_ADD:
762 case AUDIT_DEL:
763 if (nlmsg_len(nlh) < sizeof(struct audit_rule))
764 return -EINVAL;
765 if (audit_enabled == AUDIT_LOCKED) {
766 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
767 loginuid, sessionid, sid);
768
769 audit_log_format(ab, " audit_enabled=%d res=0",
770 audit_enabled);
771 audit_log_end(ab);
772 return -EPERM;
773 }
774 /* fallthrough */
775 case AUDIT_LIST:
776 err = audit_receive_filter(msg_type, NETLINK_CB(skb).portid,
777 seq, data, nlmsg_len(nlh),
778 loginuid, sessionid, sid);
779 break;
780 case AUDIT_ADD_RULE: 734 case AUDIT_ADD_RULE:
781 case AUDIT_DEL_RULE: 735 case AUDIT_DEL_RULE:
782 if (nlmsg_len(nlh) < sizeof(struct audit_rule_data)) 736 if (nlmsg_len(nlh) < sizeof(struct audit_rule_data))
783 return -EINVAL; 737 return -EINVAL;
784 if (audit_enabled == AUDIT_LOCKED) { 738 if (audit_enabled == AUDIT_LOCKED) {
785 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, 739 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
786 loginuid, sessionid, sid); 740 audit_log_format(ab, " audit_enabled=%d res=0", audit_enabled);
787
788 audit_log_format(ab, " audit_enabled=%d res=0",
789 audit_enabled);
790 audit_log_end(ab); 741 audit_log_end(ab);
791 return -EPERM; 742 return -EPERM;
792 } 743 }
793 /* fallthrough */ 744 /* fallthrough */
794 case AUDIT_LIST_RULES: 745 case AUDIT_LIST_RULES:
795 err = audit_receive_filter(msg_type, NETLINK_CB(skb).portid, 746 err = audit_receive_filter(msg_type, NETLINK_CB(skb).portid,
796 seq, data, nlmsg_len(nlh), 747 seq, data, nlmsg_len(nlh));
797 loginuid, sessionid, sid);
798 break; 748 break;
799 case AUDIT_TRIM: 749 case AUDIT_TRIM:
800 audit_trim_trees(); 750 audit_trim_trees();
801 751 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
802 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
803 loginuid, sessionid, sid);
804
805 audit_log_format(ab, " op=trim res=1"); 752 audit_log_format(ab, " op=trim res=1");
806 audit_log_end(ab); 753 audit_log_end(ab);
807 break; 754 break;
@@ -831,8 +778,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
831 /* OK, here comes... */ 778 /* OK, here comes... */
832 err = audit_tag_tree(old, new); 779 err = audit_tag_tree(old, new);
833 780
834 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, 781 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
835 loginuid, sessionid, sid);
836 782
837 audit_log_format(ab, " op=make_equiv old="); 783 audit_log_format(ab, " op=make_equiv old=");
838 audit_log_untrustedstring(ab, old); 784 audit_log_untrustedstring(ab, old);
@@ -871,27 +817,30 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
871 struct audit_tty_status s; 817 struct audit_tty_status s;
872 struct task_struct *tsk = current; 818 struct task_struct *tsk = current;
873 819
874 spin_lock_irq(&tsk->sighand->siglock); 820 spin_lock(&tsk->sighand->siglock);
875 s.enabled = tsk->signal->audit_tty != 0; 821 s.enabled = tsk->signal->audit_tty != 0;
876 spin_unlock_irq(&tsk->sighand->siglock); 822 s.log_passwd = tsk->signal->audit_tty_log_passwd;
823 spin_unlock(&tsk->sighand->siglock);
877 824
878 audit_send_reply(NETLINK_CB(skb).portid, seq, 825 audit_send_reply(NETLINK_CB(skb).portid, seq,
879 AUDIT_TTY_GET, 0, 0, &s, sizeof(s)); 826 AUDIT_TTY_GET, 0, 0, &s, sizeof(s));
880 break; 827 break;
881 } 828 }
882 case AUDIT_TTY_SET: { 829 case AUDIT_TTY_SET: {
883 struct audit_tty_status *s; 830 struct audit_tty_status s;
884 struct task_struct *tsk = current; 831 struct task_struct *tsk = current;
885 832
886 if (nlh->nlmsg_len < sizeof(struct audit_tty_status)) 833 memset(&s, 0, sizeof(s));
887 return -EINVAL; 834 /* guard against past and future API changes */
888 s = data; 835 memcpy(&s, data, min(sizeof(s), (size_t)nlh->nlmsg_len));
889 if (s->enabled != 0 && s->enabled != 1) 836 if ((s.enabled != 0 && s.enabled != 1) ||
837 (s.log_passwd != 0 && s.log_passwd != 1))
890 return -EINVAL; 838 return -EINVAL;
891 839
892 spin_lock_irq(&tsk->sighand->siglock); 840 spin_lock(&tsk->sighand->siglock);
893 tsk->signal->audit_tty = s->enabled != 0; 841 tsk->signal->audit_tty = s.enabled;
894 spin_unlock_irq(&tsk->sighand->siglock); 842 tsk->signal->audit_tty_log_passwd = s.log_passwd;
843 spin_unlock(&tsk->sighand->siglock);
895 break; 844 break;
896 } 845 }
897 default: 846 default:
@@ -1434,6 +1383,14 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix,
1434 kfree(pathname); 1383 kfree(pathname);
1435} 1384}
1436 1385
1386void audit_log_session_info(struct audit_buffer *ab)
1387{
1388 u32 sessionid = audit_get_sessionid(current);
1389 uid_t auid = from_kuid(&init_user_ns, audit_get_loginuid(current));
1390
1391 audit_log_format(ab, " auid=%u ses=%u\n", auid, sessionid);
1392}
1393
1437void audit_log_key(struct audit_buffer *ab, char *key) 1394void audit_log_key(struct audit_buffer *ab, char *key)
1438{ 1395{
1439 audit_log_format(ab, " key="); 1396 audit_log_format(ab, " key=");
@@ -1443,6 +1400,224 @@ void audit_log_key(struct audit_buffer *ab, char *key)
1443 audit_log_format(ab, "(null)"); 1400 audit_log_format(ab, "(null)");
1444} 1401}
1445 1402
1403void audit_log_cap(struct audit_buffer *ab, char *prefix, kernel_cap_t *cap)
1404{
1405 int i;
1406
1407 audit_log_format(ab, " %s=", prefix);
1408 CAP_FOR_EACH_U32(i) {
1409 audit_log_format(ab, "%08x",
1410 cap->cap[(_KERNEL_CAPABILITY_U32S-1) - i]);
1411 }
1412}
1413
1414void audit_log_fcaps(struct audit_buffer *ab, struct audit_names *name)
1415{
1416 kernel_cap_t *perm = &name->fcap.permitted;
1417 kernel_cap_t *inh = &name->fcap.inheritable;
1418 int log = 0;
1419
1420 if (!cap_isclear(*perm)) {
1421 audit_log_cap(ab, "cap_fp", perm);
1422 log = 1;
1423 }
1424 if (!cap_isclear(*inh)) {
1425 audit_log_cap(ab, "cap_fi", inh);
1426 log = 1;
1427 }
1428
1429 if (log)
1430 audit_log_format(ab, " cap_fe=%d cap_fver=%x",
1431 name->fcap.fE, name->fcap_ver);
1432}
1433
1434static inline int audit_copy_fcaps(struct audit_names *name,
1435 const struct dentry *dentry)
1436{
1437 struct cpu_vfs_cap_data caps;
1438 int rc;
1439
1440 if (!dentry)
1441 return 0;
1442
1443 rc = get_vfs_caps_from_disk(dentry, &caps);
1444 if (rc)
1445 return rc;
1446
1447 name->fcap.permitted = caps.permitted;
1448 name->fcap.inheritable = caps.inheritable;
1449 name->fcap.fE = !!(caps.magic_etc & VFS_CAP_FLAGS_EFFECTIVE);
1450 name->fcap_ver = (caps.magic_etc & VFS_CAP_REVISION_MASK) >>
1451 VFS_CAP_REVISION_SHIFT;
1452
1453 return 0;
1454}
1455
1456/* Copy inode data into an audit_names. */
1457void audit_copy_inode(struct audit_names *name, const struct dentry *dentry,
1458 const struct inode *inode)
1459{
1460 name->ino = inode->i_ino;
1461 name->dev = inode->i_sb->s_dev;
1462 name->mode = inode->i_mode;
1463 name->uid = inode->i_uid;
1464 name->gid = inode->i_gid;
1465 name->rdev = inode->i_rdev;
1466 security_inode_getsecid(inode, &name->osid);
1467 audit_copy_fcaps(name, dentry);
1468}
1469
1470/**
1471 * audit_log_name - produce AUDIT_PATH record from struct audit_names
1472 * @context: audit_context for the task
1473 * @n: audit_names structure with reportable details
1474 * @path: optional path to report instead of audit_names->name
1475 * @record_num: record number to report when handling a list of names
1476 * @call_panic: optional pointer to int that will be updated if secid fails
1477 */
1478void audit_log_name(struct audit_context *context, struct audit_names *n,
1479 struct path *path, int record_num, int *call_panic)
1480{
1481 struct audit_buffer *ab;
1482 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
1483 if (!ab)
1484 return;
1485
1486 audit_log_format(ab, "item=%d", record_num);
1487
1488 if (path)
1489 audit_log_d_path(ab, " name=", path);
1490 else if (n->name) {
1491 switch (n->name_len) {
1492 case AUDIT_NAME_FULL:
1493 /* log the full path */
1494 audit_log_format(ab, " name=");
1495 audit_log_untrustedstring(ab, n->name->name);
1496 break;
1497 case 0:
1498 /* name was specified as a relative path and the
1499 * directory component is the cwd */
1500 audit_log_d_path(ab, " name=", &context->pwd);
1501 break;
1502 default:
1503 /* log the name's directory component */
1504 audit_log_format(ab, " name=");
1505 audit_log_n_untrustedstring(ab, n->name->name,
1506 n->name_len);
1507 }
1508 } else
1509 audit_log_format(ab, " name=(null)");
1510
1511 if (n->ino != (unsigned long)-1) {
1512 audit_log_format(ab, " inode=%lu"
1513 " dev=%02x:%02x mode=%#ho"
1514 " ouid=%u ogid=%u rdev=%02x:%02x",
1515 n->ino,
1516 MAJOR(n->dev),
1517 MINOR(n->dev),
1518 n->mode,
1519 from_kuid(&init_user_ns, n->uid),
1520 from_kgid(&init_user_ns, n->gid),
1521 MAJOR(n->rdev),
1522 MINOR(n->rdev));
1523 }
1524 if (n->osid != 0) {
1525 char *ctx = NULL;
1526 u32 len;
1527 if (security_secid_to_secctx(
1528 n->osid, &ctx, &len)) {
1529 audit_log_format(ab, " osid=%u", n->osid);
1530 if (call_panic)
1531 *call_panic = 2;
1532 } else {
1533 audit_log_format(ab, " obj=%s", ctx);
1534 security_release_secctx(ctx, len);
1535 }
1536 }
1537
1538 audit_log_fcaps(ab, n);
1539 audit_log_end(ab);
1540}
1541
1542int audit_log_task_context(struct audit_buffer *ab)
1543{
1544 char *ctx = NULL;
1545 unsigned len;
1546 int error;
1547 u32 sid;
1548
1549 security_task_getsecid(current, &sid);
1550 if (!sid)
1551 return 0;
1552
1553 error = security_secid_to_secctx(sid, &ctx, &len);
1554 if (error) {
1555 if (error != -EINVAL)
1556 goto error_path;
1557 return 0;
1558 }
1559
1560 audit_log_format(ab, " subj=%s", ctx);
1561 security_release_secctx(ctx, len);
1562 return 0;
1563
1564error_path:
1565 audit_panic("error in audit_log_task_context");
1566 return error;
1567}
1568EXPORT_SYMBOL(audit_log_task_context);
1569
1570void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
1571{
1572 const struct cred *cred;
1573 char name[sizeof(tsk->comm)];
1574 struct mm_struct *mm = tsk->mm;
1575 char *tty;
1576
1577 if (!ab)
1578 return;
1579
1580 /* tsk == current */
1581 cred = current_cred();
1582
1583 spin_lock_irq(&tsk->sighand->siglock);
1584 if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
1585 tty = tsk->signal->tty->name;
1586 else
1587 tty = "(none)";
1588 spin_unlock_irq(&tsk->sighand->siglock);
1589
1590 audit_log_format(ab,
1591 " ppid=%ld pid=%d auid=%u uid=%u gid=%u"
1592 " euid=%u suid=%u fsuid=%u"
1593 " egid=%u sgid=%u fsgid=%u ses=%u tty=%s",
1594 sys_getppid(),
1595 tsk->pid,
1596 from_kuid(&init_user_ns, audit_get_loginuid(tsk)),
1597 from_kuid(&init_user_ns, cred->uid),
1598 from_kgid(&init_user_ns, cred->gid),
1599 from_kuid(&init_user_ns, cred->euid),
1600 from_kuid(&init_user_ns, cred->suid),
1601 from_kuid(&init_user_ns, cred->fsuid),
1602 from_kgid(&init_user_ns, cred->egid),
1603 from_kgid(&init_user_ns, cred->sgid),
1604 from_kgid(&init_user_ns, cred->fsgid),
1605 audit_get_sessionid(tsk), tty);
1606
1607 get_task_comm(name, tsk);
1608 audit_log_format(ab, " comm=");
1609 audit_log_untrustedstring(ab, name);
1610
1611 if (mm) {
1612 down_read(&mm->mmap_sem);
1613 if (mm->exe_file)
1614 audit_log_d_path(ab, " exe=", &mm->exe_file->f_path);
1615 up_read(&mm->mmap_sem);
1616 }
1617 audit_log_task_context(ab);
1618}
1619EXPORT_SYMBOL(audit_log_task_info);
1620
1446/** 1621/**
1447 * audit_log_link_denied - report a link restriction denial 1622 * audit_log_link_denied - report a link restriction denial
1448 * @operation: specific link opreation 1623 * @operation: specific link opreation
@@ -1451,19 +1626,28 @@ void audit_log_key(struct audit_buffer *ab, char *key)
1451void audit_log_link_denied(const char *operation, struct path *link) 1626void audit_log_link_denied(const char *operation, struct path *link)
1452{ 1627{
1453 struct audit_buffer *ab; 1628 struct audit_buffer *ab;
1629 struct audit_names *name;
1630
1631 name = kzalloc(sizeof(*name), GFP_NOFS);
1632 if (!name)
1633 return;
1454 1634
1635 /* Generate AUDIT_ANOM_LINK with subject, operation, outcome. */
1455 ab = audit_log_start(current->audit_context, GFP_KERNEL, 1636 ab = audit_log_start(current->audit_context, GFP_KERNEL,
1456 AUDIT_ANOM_LINK); 1637 AUDIT_ANOM_LINK);
1457 if (!ab) 1638 if (!ab)
1458 return; 1639 goto out;
1459 audit_log_format(ab, "op=%s action=denied", operation); 1640 audit_log_format(ab, "op=%s", operation);
1460 audit_log_format(ab, " pid=%d comm=", current->pid); 1641 audit_log_task_info(ab, current);
1461 audit_log_untrustedstring(ab, current->comm); 1642 audit_log_format(ab, " res=0");
1462 audit_log_d_path(ab, " path=", link);
1463 audit_log_format(ab, " dev=");
1464 audit_log_untrustedstring(ab, link->dentry->d_inode->i_sb->s_id);
1465 audit_log_format(ab, " ino=%lu", link->dentry->d_inode->i_ino);
1466 audit_log_end(ab); 1643 audit_log_end(ab);
1644
1645 /* Generate AUDIT_PATH record with object. */
1646 name->type = AUDIT_TYPE_NORMAL;
1647 audit_copy_inode(name, link->dentry, link->dentry->d_inode);
1648 audit_log_name(current->audit_context, name, link, 0, NULL);
1649out:
1650 kfree(name);
1467} 1651}
1468 1652
1469/** 1653/**
diff --git a/kernel/audit.h b/kernel/audit.h
index 11468d99dad0..1c95131ef760 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -22,6 +22,7 @@
22#include <linux/fs.h> 22#include <linux/fs.h>
23#include <linux/audit.h> 23#include <linux/audit.h>
24#include <linux/skbuff.h> 24#include <linux/skbuff.h>
25#include <uapi/linux/mqueue.h>
25 26
26/* 0 = no checking 27/* 0 = no checking
27 1 = put_count checking 28 1 = put_count checking
@@ -29,6 +30,11 @@
29*/ 30*/
30#define AUDIT_DEBUG 0 31#define AUDIT_DEBUG 0
31 32
33/* AUDIT_NAMES is the number of slots we reserve in the audit_context
34 * for saving names from getname(). If we get more names we will allocate
35 * a name dynamically and also add those to the list anchored by names_list. */
36#define AUDIT_NAMES 5
37
32/* At task start time, the audit_state is set in the audit_context using 38/* At task start time, the audit_state is set in the audit_context using
33 a per-task filter. At syscall entry, the audit_state is augmented by 39 a per-task filter. At syscall entry, the audit_state is augmented by
34 the syscall filter. */ 40 the syscall filter. */
@@ -59,8 +65,158 @@ struct audit_entry {
59 struct audit_krule rule; 65 struct audit_krule rule;
60}; 66};
61 67
68struct audit_cap_data {
69 kernel_cap_t permitted;
70 kernel_cap_t inheritable;
71 union {
72 unsigned int fE; /* effective bit of file cap */
73 kernel_cap_t effective; /* effective set of process */
74 };
75};
76
77/* When fs/namei.c:getname() is called, we store the pointer in name and
78 * we don't let putname() free it (instead we free all of the saved
79 * pointers at syscall exit time).
80 *
81 * Further, in fs/namei.c:path_lookup() we store the inode and device.
82 */
83struct audit_names {
84 struct list_head list; /* audit_context->names_list */
85
86 struct filename *name;
87 int name_len; /* number of chars to log */
88 bool name_put; /* call __putname()? */
89
90 unsigned long ino;
91 dev_t dev;
92 umode_t mode;
93 kuid_t uid;
94 kgid_t gid;
95 dev_t rdev;
96 u32 osid;
97 struct audit_cap_data fcap;
98 unsigned int fcap_ver;
99 unsigned char type; /* record type */
100 /*
101 * This was an allocated audit_names and not from the array of
102 * names allocated in the task audit context. Thus this name
103 * should be freed on syscall exit.
104 */
105 bool should_free;
106};
107
108/* The per-task audit context. */
109struct audit_context {
110 int dummy; /* must be the first element */
111 int in_syscall; /* 1 if task is in a syscall */
112 enum audit_state state, current_state;
113 unsigned int serial; /* serial number for record */
114 int major; /* syscall number */
115 struct timespec ctime; /* time of syscall entry */
116 unsigned long argv[4]; /* syscall arguments */
117 long return_code;/* syscall return code */
118 u64 prio;
119 int return_valid; /* return code is valid */
120 /*
121 * The names_list is the list of all audit_names collected during this
122 * syscall. The first AUDIT_NAMES entries in the names_list will
123 * actually be from the preallocated_names array for performance
124 * reasons. Except during allocation they should never be referenced
125 * through the preallocated_names array and should only be found/used
126 * by running the names_list.
127 */
128 struct audit_names preallocated_names[AUDIT_NAMES];
129 int name_count; /* total records in names_list */
130 struct list_head names_list; /* struct audit_names->list anchor */
131 char *filterkey; /* key for rule that triggered record */
132 struct path pwd;
133 struct audit_aux_data *aux;
134 struct audit_aux_data *aux_pids;
135 struct sockaddr_storage *sockaddr;
136 size_t sockaddr_len;
137 /* Save things to print about task_struct */
138 pid_t pid, ppid;
139 kuid_t uid, euid, suid, fsuid;
140 kgid_t gid, egid, sgid, fsgid;
141 unsigned long personality;
142 int arch;
143
144 pid_t target_pid;
145 kuid_t target_auid;
146 kuid_t target_uid;
147 unsigned int target_sessionid;
148 u32 target_sid;
149 char target_comm[TASK_COMM_LEN];
150
151 struct audit_tree_refs *trees, *first_trees;
152 struct list_head killed_trees;
153 int tree_count;
154
155 int type;
156 union {
157 struct {
158 int nargs;
159 long args[6];
160 } socketcall;
161 struct {
162 kuid_t uid;
163 kgid_t gid;
164 umode_t mode;
165 u32 osid;
166 int has_perm;
167 uid_t perm_uid;
168 gid_t perm_gid;
169 umode_t perm_mode;
170 unsigned long qbytes;
171 } ipc;
172 struct {
173 mqd_t mqdes;
174 struct mq_attr mqstat;
175 } mq_getsetattr;
176 struct {
177 mqd_t mqdes;
178 int sigev_signo;
179 } mq_notify;
180 struct {
181 mqd_t mqdes;
182 size_t msg_len;
183 unsigned int msg_prio;
184 struct timespec abs_timeout;
185 } mq_sendrecv;
186 struct {
187 int oflag;
188 umode_t mode;
189 struct mq_attr attr;
190 } mq_open;
191 struct {
192 pid_t pid;
193 struct audit_cap_data cap;
194 } capset;
195 struct {
196 int fd;
197 int flags;
198 } mmap;
199 };
200 int fds[2];
201
202#if AUDIT_DEBUG
203 int put_count;
204 int ino_count;
205#endif
206};
207
62extern int audit_ever_enabled; 208extern int audit_ever_enabled;
63 209
210extern void audit_copy_inode(struct audit_names *name,
211 const struct dentry *dentry,
212 const struct inode *inode);
213extern void audit_log_cap(struct audit_buffer *ab, char *prefix,
214 kernel_cap_t *cap);
215extern void audit_log_fcaps(struct audit_buffer *ab, struct audit_names *name);
216extern void audit_log_name(struct audit_context *context,
217 struct audit_names *n, struct path *path,
218 int record_num, int *call_panic);
219
64extern int audit_pid; 220extern int audit_pid;
65 221
66#define AUDIT_INODE_BUCKETS 32 222#define AUDIT_INODE_BUCKETS 32
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 267436826c3b..83a2970295d1 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -310,121 +310,83 @@ static u32 audit_to_op(u32 op)
310 return n; 310 return n;
311} 311}
312 312
313 313/* check if an audit field is valid */
314/* Translate struct audit_rule to kernel's rule respresentation. 314static int audit_field_valid(struct audit_entry *entry, struct audit_field *f)
315 * Exists for backward compatibility with userspace. */
316static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
317{ 315{
318 struct audit_entry *entry; 316 switch(f->type) {
319 int err = 0; 317 case AUDIT_MSGTYPE:
320 int i; 318 if (entry->rule.listnr != AUDIT_FILTER_TYPE &&
321 319 entry->rule.listnr != AUDIT_FILTER_USER)
322 entry = audit_to_entry_common(rule); 320 return -EINVAL;
323 if (IS_ERR(entry)) 321 break;
324 goto exit_nofree; 322 };
325
326 for (i = 0; i < rule->field_count; i++) {
327 struct audit_field *f = &entry->rule.fields[i];
328 u32 n;
329
330 n = rule->fields[i] & (AUDIT_NEGATE|AUDIT_OPERATORS);
331
332 /* Support for legacy operators where
333 * AUDIT_NEGATE bit signifies != and otherwise assumes == */
334 if (n & AUDIT_NEGATE)
335 f->op = Audit_not_equal;
336 else if (!n)
337 f->op = Audit_equal;
338 else
339 f->op = audit_to_op(n);
340
341 entry->rule.vers_ops = (n & AUDIT_OPERATORS) ? 2 : 1;
342
343 f->type = rule->fields[i] & ~(AUDIT_NEGATE|AUDIT_OPERATORS);
344 f->val = rule->values[i];
345 f->uid = INVALID_UID;
346 f->gid = INVALID_GID;
347
348 err = -EINVAL;
349 if (f->op == Audit_bad)
350 goto exit_free;
351
352 switch(f->type) {
353 default:
354 goto exit_free;
355 case AUDIT_UID:
356 case AUDIT_EUID:
357 case AUDIT_SUID:
358 case AUDIT_FSUID:
359 case AUDIT_LOGINUID:
360 /* bit ops not implemented for uid comparisons */
361 if (f->op == Audit_bitmask || f->op == Audit_bittest)
362 goto exit_free;
363
364 f->uid = make_kuid(current_user_ns(), f->val);
365 if (!uid_valid(f->uid))
366 goto exit_free;
367 break;
368 case AUDIT_GID:
369 case AUDIT_EGID:
370 case AUDIT_SGID:
371 case AUDIT_FSGID:
372 /* bit ops not implemented for gid comparisons */
373 if (f->op == Audit_bitmask || f->op == Audit_bittest)
374 goto exit_free;
375
376 f->gid = make_kgid(current_user_ns(), f->val);
377 if (!gid_valid(f->gid))
378 goto exit_free;
379 break;
380 case AUDIT_PID:
381 case AUDIT_PERS:
382 case AUDIT_MSGTYPE:
383 case AUDIT_PPID:
384 case AUDIT_DEVMAJOR:
385 case AUDIT_DEVMINOR:
386 case AUDIT_EXIT:
387 case AUDIT_SUCCESS:
388 /* bit ops are only useful on syscall args */
389 if (f->op == Audit_bitmask || f->op == Audit_bittest)
390 goto exit_free;
391 break;
392 case AUDIT_ARG0:
393 case AUDIT_ARG1:
394 case AUDIT_ARG2:
395 case AUDIT_ARG3:
396 break;
397 /* arch is only allowed to be = or != */
398 case AUDIT_ARCH:
399 if (f->op != Audit_not_equal && f->op != Audit_equal)
400 goto exit_free;
401 entry->rule.arch_f = f;
402 break;
403 case AUDIT_PERM:
404 if (f->val & ~15)
405 goto exit_free;
406 break;
407 case AUDIT_FILETYPE:
408 if (f->val & ~S_IFMT)
409 goto exit_free;
410 break;
411 case AUDIT_INODE:
412 err = audit_to_inode(&entry->rule, f);
413 if (err)
414 goto exit_free;
415 break;
416 }
417 }
418
419 if (entry->rule.inode_f && entry->rule.inode_f->op == Audit_not_equal)
420 entry->rule.inode_f = NULL;
421
422exit_nofree:
423 return entry;
424 323
425exit_free: 324 switch(f->type) {
426 audit_free_rule(entry); 325 default:
427 return ERR_PTR(err); 326 return -EINVAL;
327 case AUDIT_UID:
328 case AUDIT_EUID:
329 case AUDIT_SUID:
330 case AUDIT_FSUID:
331 case AUDIT_LOGINUID:
332 case AUDIT_OBJ_UID:
333 case AUDIT_GID:
334 case AUDIT_EGID:
335 case AUDIT_SGID:
336 case AUDIT_FSGID:
337 case AUDIT_OBJ_GID:
338 case AUDIT_PID:
339 case AUDIT_PERS:
340 case AUDIT_MSGTYPE:
341 case AUDIT_PPID:
342 case AUDIT_DEVMAJOR:
343 case AUDIT_DEVMINOR:
344 case AUDIT_EXIT:
345 case AUDIT_SUCCESS:
346 /* bit ops are only useful on syscall args */
347 if (f->op == Audit_bitmask || f->op == Audit_bittest)
348 return -EINVAL;
349 break;
350 case AUDIT_ARG0:
351 case AUDIT_ARG1:
352 case AUDIT_ARG2:
353 case AUDIT_ARG3:
354 case AUDIT_SUBJ_USER:
355 case AUDIT_SUBJ_ROLE:
356 case AUDIT_SUBJ_TYPE:
357 case AUDIT_SUBJ_SEN:
358 case AUDIT_SUBJ_CLR:
359 case AUDIT_OBJ_USER:
360 case AUDIT_OBJ_ROLE:
361 case AUDIT_OBJ_TYPE:
362 case AUDIT_OBJ_LEV_LOW:
363 case AUDIT_OBJ_LEV_HIGH:
364 case AUDIT_WATCH:
365 case AUDIT_DIR:
366 case AUDIT_FILTERKEY:
367 break;
368 case AUDIT_LOGINUID_SET:
369 if ((f->val != 0) && (f->val != 1))
370 return -EINVAL;
371 /* FALL THROUGH */
372 case AUDIT_ARCH:
373 if (f->op != Audit_not_equal && f->op != Audit_equal)
374 return -EINVAL;
375 break;
376 case AUDIT_PERM:
377 if (f->val & ~15)
378 return -EINVAL;
379 break;
380 case AUDIT_FILETYPE:
381 if (f->val & ~S_IFMT)
382 return -EINVAL;
383 break;
384 case AUDIT_FIELD_COMPARE:
385 if (f->val > AUDIT_MAX_FIELD_COMPARE)
386 return -EINVAL;
387 break;
388 };
389 return 0;
428} 390}
429 391
430/* Translate struct audit_rule_data to kernel's rule respresentation. */ 392/* Translate struct audit_rule_data to kernel's rule respresentation. */
@@ -459,17 +421,25 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
459 f->gid = INVALID_GID; 421 f->gid = INVALID_GID;
460 f->lsm_str = NULL; 422 f->lsm_str = NULL;
461 f->lsm_rule = NULL; 423 f->lsm_rule = NULL;
462 switch(f->type) { 424
425 /* Support legacy tests for a valid loginuid */
426 if ((f->type == AUDIT_LOGINUID) && (f->val == 4294967295)) {
427 f->type = AUDIT_LOGINUID_SET;
428 f->val = 0;
429 }
430
431 err = audit_field_valid(entry, f);
432 if (err)
433 goto exit_free;
434
435 err = -EINVAL;
436 switch (f->type) {
437 case AUDIT_LOGINUID:
463 case AUDIT_UID: 438 case AUDIT_UID:
464 case AUDIT_EUID: 439 case AUDIT_EUID:
465 case AUDIT_SUID: 440 case AUDIT_SUID:
466 case AUDIT_FSUID: 441 case AUDIT_FSUID:
467 case AUDIT_LOGINUID:
468 case AUDIT_OBJ_UID: 442 case AUDIT_OBJ_UID:
469 /* bit ops not implemented for uid comparisons */
470 if (f->op == Audit_bitmask || f->op == Audit_bittest)
471 goto exit_free;
472
473 f->uid = make_kuid(current_user_ns(), f->val); 443 f->uid = make_kuid(current_user_ns(), f->val);
474 if (!uid_valid(f->uid)) 444 if (!uid_valid(f->uid))
475 goto exit_free; 445 goto exit_free;
@@ -479,27 +449,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
479 case AUDIT_SGID: 449 case AUDIT_SGID:
480 case AUDIT_FSGID: 450 case AUDIT_FSGID:
481 case AUDIT_OBJ_GID: 451 case AUDIT_OBJ_GID:
482 /* bit ops not implemented for gid comparisons */
483 if (f->op == Audit_bitmask || f->op == Audit_bittest)
484 goto exit_free;
485
486 f->gid = make_kgid(current_user_ns(), f->val); 452 f->gid = make_kgid(current_user_ns(), f->val);
487 if (!gid_valid(f->gid)) 453 if (!gid_valid(f->gid))
488 goto exit_free; 454 goto exit_free;
489 break; 455 break;
490 case AUDIT_PID:
491 case AUDIT_PERS:
492 case AUDIT_MSGTYPE:
493 case AUDIT_PPID:
494 case AUDIT_DEVMAJOR:
495 case AUDIT_DEVMINOR:
496 case AUDIT_EXIT:
497 case AUDIT_SUCCESS:
498 case AUDIT_ARG0:
499 case AUDIT_ARG1:
500 case AUDIT_ARG2:
501 case AUDIT_ARG3:
502 break;
503 case AUDIT_ARCH: 456 case AUDIT_ARCH:
504 entry->rule.arch_f = f; 457 entry->rule.arch_f = f;
505 break; 458 break;
@@ -570,20 +523,6 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
570 entry->rule.buflen += f->val; 523 entry->rule.buflen += f->val;
571 entry->rule.filterkey = str; 524 entry->rule.filterkey = str;
572 break; 525 break;
573 case AUDIT_PERM:
574 if (f->val & ~15)
575 goto exit_free;
576 break;
577 case AUDIT_FILETYPE:
578 if (f->val & ~S_IFMT)
579 goto exit_free;
580 break;
581 case AUDIT_FIELD_COMPARE:
582 if (f->val > AUDIT_MAX_FIELD_COMPARE)
583 goto exit_free;
584 break;
585 default:
586 goto exit_free;
587 } 526 }
588 } 527 }
589 528
@@ -613,36 +552,6 @@ static inline size_t audit_pack_string(void **bufp, const char *str)
613 return len; 552 return len;
614} 553}
615 554
616/* Translate kernel rule respresentation to struct audit_rule.
617 * Exists for backward compatibility with userspace. */
618static struct audit_rule *audit_krule_to_rule(struct audit_krule *krule)
619{
620 struct audit_rule *rule;
621 int i;
622
623 rule = kzalloc(sizeof(*rule), GFP_KERNEL);
624 if (unlikely(!rule))
625 return NULL;
626
627 rule->flags = krule->flags | krule->listnr;
628 rule->action = krule->action;
629 rule->field_count = krule->field_count;
630 for (i = 0; i < rule->field_count; i++) {
631 rule->values[i] = krule->fields[i].val;
632 rule->fields[i] = krule->fields[i].type;
633
634 if (krule->vers_ops == 1) {
635 if (krule->fields[i].op == Audit_not_equal)
636 rule->fields[i] |= AUDIT_NEGATE;
637 } else {
638 rule->fields[i] |= audit_ops[krule->fields[i].op];
639 }
640 }
641 for (i = 0; i < AUDIT_BITMASK_SIZE; i++) rule->mask[i] = krule->mask[i];
642
643 return rule;
644}
645
646/* Translate kernel rule respresentation to struct audit_rule_data. */ 555/* Translate kernel rule respresentation to struct audit_rule_data. */
647static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule) 556static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
648{ 557{
@@ -1055,35 +964,6 @@ out:
1055 return ret; 964 return ret;
1056} 965}
1057 966
1058/* List rules using struct audit_rule. Exists for backward
1059 * compatibility with userspace. */
1060static void audit_list(int pid, int seq, struct sk_buff_head *q)
1061{
1062 struct sk_buff *skb;
1063 struct audit_krule *r;
1064 int i;
1065
1066 /* This is a blocking read, so use audit_filter_mutex instead of rcu
1067 * iterator to sync with list writers. */
1068 for (i=0; i<AUDIT_NR_FILTERS; i++) {
1069 list_for_each_entry(r, &audit_rules_list[i], list) {
1070 struct audit_rule *rule;
1071
1072 rule = audit_krule_to_rule(r);
1073 if (unlikely(!rule))
1074 break;
1075 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1,
1076 rule, sizeof(*rule));
1077 if (skb)
1078 skb_queue_tail(q, skb);
1079 kfree(rule);
1080 }
1081 }
1082 skb = audit_make_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
1083 if (skb)
1084 skb_queue_tail(q, skb);
1085}
1086
1087/* List rules using struct audit_rule_data. */ 967/* List rules using struct audit_rule_data. */
1088static void audit_list_rules(int pid, int seq, struct sk_buff_head *q) 968static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
1089{ 969{
@@ -1113,11 +993,11 @@ static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
1113} 993}
1114 994
1115/* Log rule additions and removals */ 995/* Log rule additions and removals */
1116static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid, 996static void audit_log_rule_change(char *action, struct audit_krule *rule, int res)
1117 char *action, struct audit_krule *rule,
1118 int res)
1119{ 997{
1120 struct audit_buffer *ab; 998 struct audit_buffer *ab;
999 uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current));
1000 u32 sessionid = audit_get_sessionid(current);
1121 1001
1122 if (!audit_enabled) 1002 if (!audit_enabled)
1123 return; 1003 return;
@@ -1125,18 +1005,8 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
1125 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); 1005 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
1126 if (!ab) 1006 if (!ab)
1127 return; 1007 return;
1128 audit_log_format(ab, "auid=%u ses=%u", 1008 audit_log_format(ab, "auid=%u ses=%u" ,loginuid, sessionid);
1129 from_kuid(&init_user_ns, loginuid), sessionid); 1009 audit_log_task_context(ab);
1130 if (sid) {
1131 char *ctx = NULL;
1132 u32 len;
1133 if (security_secid_to_secctx(sid, &ctx, &len))
1134 audit_log_format(ab, " ssid=%u", sid);
1135 else {
1136 audit_log_format(ab, " subj=%s", ctx);
1137 security_release_secctx(ctx, len);
1138 }
1139 }
1140 audit_log_format(ab, " op="); 1010 audit_log_format(ab, " op=");
1141 audit_log_string(ab, action); 1011 audit_log_string(ab, action);
1142 audit_log_key(ab, rule->filterkey); 1012 audit_log_key(ab, rule->filterkey);
@@ -1155,8 +1025,7 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
1155 * @sessionid: sessionid for netlink audit message 1025 * @sessionid: sessionid for netlink audit message
1156 * @sid: SE Linux Security ID of sender 1026 * @sid: SE Linux Security ID of sender
1157 */ 1027 */
1158int audit_receive_filter(int type, int pid, int seq, void *data, 1028int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz)
1159 size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid)
1160{ 1029{
1161 struct task_struct *tsk; 1030 struct task_struct *tsk;
1162 struct audit_netlink_list *dest; 1031 struct audit_netlink_list *dest;
@@ -1164,7 +1033,6 @@ int audit_receive_filter(int type, int pid, int seq, void *data,
1164 struct audit_entry *entry; 1033 struct audit_entry *entry;
1165 1034
1166 switch (type) { 1035 switch (type) {
1167 case AUDIT_LIST:
1168 case AUDIT_LIST_RULES: 1036 case AUDIT_LIST_RULES:
1169 /* We can't just spew out the rules here because we might fill 1037 /* We can't just spew out the rules here because we might fill
1170 * the available socket buffer space and deadlock waiting for 1038 * the available socket buffer space and deadlock waiting for
@@ -1179,10 +1047,7 @@ int audit_receive_filter(int type, int pid, int seq, void *data,
1179 skb_queue_head_init(&dest->q); 1047 skb_queue_head_init(&dest->q);
1180 1048
1181 mutex_lock(&audit_filter_mutex); 1049 mutex_lock(&audit_filter_mutex);
1182 if (type == AUDIT_LIST) 1050 audit_list_rules(pid, seq, &dest->q);
1183 audit_list(pid, seq, &dest->q);
1184 else
1185 audit_list_rules(pid, seq, &dest->q);
1186 mutex_unlock(&audit_filter_mutex); 1051 mutex_unlock(&audit_filter_mutex);
1187 1052
1188 tsk = kthread_run(audit_send_list, dest, "audit_send_list"); 1053 tsk = kthread_run(audit_send_list, dest, "audit_send_list");
@@ -1192,35 +1057,23 @@ int audit_receive_filter(int type, int pid, int seq, void *data,
1192 err = PTR_ERR(tsk); 1057 err = PTR_ERR(tsk);
1193 } 1058 }
1194 break; 1059 break;
1195 case AUDIT_ADD:
1196 case AUDIT_ADD_RULE: 1060 case AUDIT_ADD_RULE:
1197 if (type == AUDIT_ADD) 1061 entry = audit_data_to_entry(data, datasz);
1198 entry = audit_rule_to_entry(data);
1199 else
1200 entry = audit_data_to_entry(data, datasz);
1201 if (IS_ERR(entry)) 1062 if (IS_ERR(entry))
1202 return PTR_ERR(entry); 1063 return PTR_ERR(entry);
1203 1064
1204 err = audit_add_rule(entry); 1065 err = audit_add_rule(entry);
1205 audit_log_rule_change(loginuid, sessionid, sid, "add rule", 1066 audit_log_rule_change("add rule", &entry->rule, !err);
1206 &entry->rule, !err);
1207
1208 if (err) 1067 if (err)
1209 audit_free_rule(entry); 1068 audit_free_rule(entry);
1210 break; 1069 break;
1211 case AUDIT_DEL:
1212 case AUDIT_DEL_RULE: 1070 case AUDIT_DEL_RULE:
1213 if (type == AUDIT_DEL) 1071 entry = audit_data_to_entry(data, datasz);
1214 entry = audit_rule_to_entry(data);
1215 else
1216 entry = audit_data_to_entry(data, datasz);
1217 if (IS_ERR(entry)) 1072 if (IS_ERR(entry))
1218 return PTR_ERR(entry); 1073 return PTR_ERR(entry);
1219 1074
1220 err = audit_del_rule(entry); 1075 err = audit_del_rule(entry);
1221 audit_log_rule_change(loginuid, sessionid, sid, "remove rule", 1076 audit_log_rule_change("remove rule", &entry->rule, !err);
1222 &entry->rule, !err);
1223
1224 audit_free_rule(entry); 1077 audit_free_rule(entry);
1225 break; 1078 break;
1226 default: 1079 default:
@@ -1358,7 +1211,7 @@ int audit_compare_dname_path(const char *dname, const char *path, int parentlen)
1358 return strncmp(p, dname, dlen); 1211 return strncmp(p, dname, dlen);
1359} 1212}
1360 1213
1361static int audit_filter_user_rules(struct audit_krule *rule, 1214static int audit_filter_user_rules(struct audit_krule *rule, int type,
1362 enum audit_state *state) 1215 enum audit_state *state)
1363{ 1216{
1364 int i; 1217 int i;
@@ -1382,6 +1235,13 @@ static int audit_filter_user_rules(struct audit_krule *rule,
1382 result = audit_uid_comparator(audit_get_loginuid(current), 1235 result = audit_uid_comparator(audit_get_loginuid(current),
1383 f->op, f->uid); 1236 f->op, f->uid);
1384 break; 1237 break;
1238 case AUDIT_LOGINUID_SET:
1239 result = audit_comparator(audit_loginuid_set(current),
1240 f->op, f->val);
1241 break;
1242 case AUDIT_MSGTYPE:
1243 result = audit_comparator(type, f->op, f->val);
1244 break;
1385 case AUDIT_SUBJ_USER: 1245 case AUDIT_SUBJ_USER:
1386 case AUDIT_SUBJ_ROLE: 1246 case AUDIT_SUBJ_ROLE:
1387 case AUDIT_SUBJ_TYPE: 1247 case AUDIT_SUBJ_TYPE:
@@ -1408,7 +1268,7 @@ static int audit_filter_user_rules(struct audit_krule *rule,
1408 return 1; 1268 return 1;
1409} 1269}
1410 1270
1411int audit_filter_user(void) 1271int audit_filter_user(int type)
1412{ 1272{
1413 enum audit_state state = AUDIT_DISABLED; 1273 enum audit_state state = AUDIT_DISABLED;
1414 struct audit_entry *e; 1274 struct audit_entry *e;
@@ -1416,7 +1276,7 @@ int audit_filter_user(void)
1416 1276
1417 rcu_read_lock(); 1277 rcu_read_lock();
1418 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_USER], list) { 1278 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_USER], list) {
1419 if (audit_filter_user_rules(&e->rule, &state)) { 1279 if (audit_filter_user_rules(&e->rule, type, &state)) {
1420 if (state == AUDIT_DISABLED) 1280 if (state == AUDIT_DISABLED)
1421 ret = 0; 1281 ret = 0;
1422 break; 1282 break;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index c68229411a7c..3c8a601324a2 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -76,11 +76,6 @@
76#define AUDITSC_SUCCESS 1 76#define AUDITSC_SUCCESS 1
77#define AUDITSC_FAILURE 2 77#define AUDITSC_FAILURE 2
78 78
79/* AUDIT_NAMES is the number of slots we reserve in the audit_context
80 * for saving names from getname(). If we get more names we will allocate
81 * a name dynamically and also add those to the list anchored by names_list. */
82#define AUDIT_NAMES 5
83
84/* no execve audit message should be longer than this (userspace limits) */ 79/* no execve audit message should be longer than this (userspace limits) */
85#define MAX_EXECVE_AUDIT_LEN 7500 80#define MAX_EXECVE_AUDIT_LEN 7500
86 81
@@ -90,44 +85,6 @@ int audit_n_rules;
90/* determines whether we collect data for signals sent */ 85/* determines whether we collect data for signals sent */
91int audit_signals; 86int audit_signals;
92 87
93struct audit_cap_data {
94 kernel_cap_t permitted;
95 kernel_cap_t inheritable;
96 union {
97 unsigned int fE; /* effective bit of a file capability */
98 kernel_cap_t effective; /* effective set of a process */
99 };
100};
101
102/* When fs/namei.c:getname() is called, we store the pointer in name and
103 * we don't let putname() free it (instead we free all of the saved
104 * pointers at syscall exit time).
105 *
106 * Further, in fs/namei.c:path_lookup() we store the inode and device.
107 */
108struct audit_names {
109 struct list_head list; /* audit_context->names_list */
110 struct filename *name;
111 unsigned long ino;
112 dev_t dev;
113 umode_t mode;
114 kuid_t uid;
115 kgid_t gid;
116 dev_t rdev;
117 u32 osid;
118 struct audit_cap_data fcap;
119 unsigned int fcap_ver;
120 int name_len; /* number of name's characters to log */
121 unsigned char type; /* record type */
122 bool name_put; /* call __putname() for this name */
123 /*
124 * This was an allocated audit_names and not from the array of
125 * names allocated in the task audit context. Thus this name
126 * should be freed on syscall exit
127 */
128 bool should_free;
129};
130
131struct audit_aux_data { 88struct audit_aux_data {
132 struct audit_aux_data *next; 89 struct audit_aux_data *next;
133 int type; 90 int type;
@@ -175,106 +132,6 @@ struct audit_tree_refs {
175 struct audit_chunk *c[31]; 132 struct audit_chunk *c[31];
176}; 133};
177 134
178/* The per-task audit context. */
179struct audit_context {
180 int dummy; /* must be the first element */
181 int in_syscall; /* 1 if task is in a syscall */
182 enum audit_state state, current_state;
183 unsigned int serial; /* serial number for record */
184 int major; /* syscall number */
185 struct timespec ctime; /* time of syscall entry */
186 unsigned long argv[4]; /* syscall arguments */
187 long return_code;/* syscall return code */
188 u64 prio;
189 int return_valid; /* return code is valid */
190 /*
191 * The names_list is the list of all audit_names collected during this
192 * syscall. The first AUDIT_NAMES entries in the names_list will
193 * actually be from the preallocated_names array for performance
194 * reasons. Except during allocation they should never be referenced
195 * through the preallocated_names array and should only be found/used
196 * by running the names_list.
197 */
198 struct audit_names preallocated_names[AUDIT_NAMES];
199 int name_count; /* total records in names_list */
200 struct list_head names_list; /* anchor for struct audit_names->list */
201 char * filterkey; /* key for rule that triggered record */
202 struct path pwd;
203 struct audit_aux_data *aux;
204 struct audit_aux_data *aux_pids;
205 struct sockaddr_storage *sockaddr;
206 size_t sockaddr_len;
207 /* Save things to print about task_struct */
208 pid_t pid, ppid;
209 kuid_t uid, euid, suid, fsuid;
210 kgid_t gid, egid, sgid, fsgid;
211 unsigned long personality;
212 int arch;
213
214 pid_t target_pid;
215 kuid_t target_auid;
216 kuid_t target_uid;
217 unsigned int target_sessionid;
218 u32 target_sid;
219 char target_comm[TASK_COMM_LEN];
220
221 struct audit_tree_refs *trees, *first_trees;
222 struct list_head killed_trees;
223 int tree_count;
224
225 int type;
226 union {
227 struct {
228 int nargs;
229 long args[6];
230 } socketcall;
231 struct {
232 kuid_t uid;
233 kgid_t gid;
234 umode_t mode;
235 u32 osid;
236 int has_perm;
237 uid_t perm_uid;
238 gid_t perm_gid;
239 umode_t perm_mode;
240 unsigned long qbytes;
241 } ipc;
242 struct {
243 mqd_t mqdes;
244 struct mq_attr mqstat;
245 } mq_getsetattr;
246 struct {
247 mqd_t mqdes;
248 int sigev_signo;
249 } mq_notify;
250 struct {
251 mqd_t mqdes;
252 size_t msg_len;
253 unsigned int msg_prio;
254 struct timespec abs_timeout;
255 } mq_sendrecv;
256 struct {
257 int oflag;
258 umode_t mode;
259 struct mq_attr attr;
260 } mq_open;
261 struct {
262 pid_t pid;
263 struct audit_cap_data cap;
264 } capset;
265 struct {
266 int fd;
267 int flags;
268 } mmap;
269 };
270 int fds[2];
271
272#if AUDIT_DEBUG
273 int put_count;
274 int ino_count;
275#endif
276};
277
278static inline int open_arg(int flags, int mask) 135static inline int open_arg(int flags, int mask)
279{ 136{
280 int n = ACC_MODE(flags); 137 int n = ACC_MODE(flags);
@@ -633,9 +490,23 @@ static int audit_filter_rules(struct task_struct *tsk,
633 break; 490 break;
634 case AUDIT_GID: 491 case AUDIT_GID:
635 result = audit_gid_comparator(cred->gid, f->op, f->gid); 492 result = audit_gid_comparator(cred->gid, f->op, f->gid);
493 if (f->op == Audit_equal) {
494 if (!result)
495 result = in_group_p(f->gid);
496 } else if (f->op == Audit_not_equal) {
497 if (result)
498 result = !in_group_p(f->gid);
499 }
636 break; 500 break;
637 case AUDIT_EGID: 501 case AUDIT_EGID:
638 result = audit_gid_comparator(cred->egid, f->op, f->gid); 502 result = audit_gid_comparator(cred->egid, f->op, f->gid);
503 if (f->op == Audit_equal) {
504 if (!result)
505 result = in_egroup_p(f->gid);
506 } else if (f->op == Audit_not_equal) {
507 if (result)
508 result = !in_egroup_p(f->gid);
509 }
639 break; 510 break;
640 case AUDIT_SGID: 511 case AUDIT_SGID:
641 result = audit_gid_comparator(cred->sgid, f->op, f->gid); 512 result = audit_gid_comparator(cred->sgid, f->op, f->gid);
@@ -742,6 +613,9 @@ static int audit_filter_rules(struct task_struct *tsk,
742 if (ctx) 613 if (ctx)
743 result = audit_uid_comparator(tsk->loginuid, f->op, f->uid); 614 result = audit_uid_comparator(tsk->loginuid, f->op, f->uid);
744 break; 615 break;
616 case AUDIT_LOGINUID_SET:
617 result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val);
618 break;
745 case AUDIT_SUBJ_USER: 619 case AUDIT_SUBJ_USER:
746 case AUDIT_SUBJ_ROLE: 620 case AUDIT_SUBJ_ROLE:
747 case AUDIT_SUBJ_TYPE: 621 case AUDIT_SUBJ_TYPE:
@@ -987,6 +861,8 @@ static inline void audit_free_names(struct audit_context *context)
987 861
988#if AUDIT_DEBUG == 2 862#if AUDIT_DEBUG == 2
989 if (context->put_count + context->ino_count != context->name_count) { 863 if (context->put_count + context->ino_count != context->name_count) {
864 int i = 0;
865
990 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d" 866 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d"
991 " name_count=%d put_count=%d" 867 " name_count=%d put_count=%d"
992 " ino_count=%d [NOT freeing]\n", 868 " ino_count=%d [NOT freeing]\n",
@@ -995,7 +871,7 @@ static inline void audit_free_names(struct audit_context *context)
995 context->name_count, context->put_count, 871 context->name_count, context->put_count,
996 context->ino_count); 872 context->ino_count);
997 list_for_each_entry(n, &context->names_list, list) { 873 list_for_each_entry(n, &context->names_list, list) {
998 printk(KERN_ERR "names[%d] = %p = %s\n", i, 874 printk(KERN_ERR "names[%d] = %p = %s\n", i++,
999 n->name, n->name->name ?: "(null)"); 875 n->name, n->name->name ?: "(null)");
1000 } 876 }
1001 dump_stack(); 877 dump_stack();
@@ -1010,7 +886,7 @@ static inline void audit_free_names(struct audit_context *context)
1010 list_for_each_entry_safe(n, next, &context->names_list, list) { 886 list_for_each_entry_safe(n, next, &context->names_list, list) {
1011 list_del(&n->list); 887 list_del(&n->list);
1012 if (n->name && n->name_put) 888 if (n->name && n->name_put)
1013 __putname(n->name); 889 final_putname(n->name);
1014 if (n->should_free) 890 if (n->should_free)
1015 kfree(n); 891 kfree(n);
1016 } 892 }
@@ -1093,88 +969,6 @@ static inline void audit_free_context(struct audit_context *context)
1093 kfree(context); 969 kfree(context);
1094} 970}
1095 971
1096void audit_log_task_context(struct audit_buffer *ab)
1097{
1098 char *ctx = NULL;
1099 unsigned len;
1100 int error;
1101 u32 sid;
1102
1103 security_task_getsecid(current, &sid);
1104 if (!sid)
1105 return;
1106
1107 error = security_secid_to_secctx(sid, &ctx, &len);
1108 if (error) {
1109 if (error != -EINVAL)
1110 goto error_path;
1111 return;
1112 }
1113
1114 audit_log_format(ab, " subj=%s", ctx);
1115 security_release_secctx(ctx, len);
1116 return;
1117
1118error_path:
1119 audit_panic("error in audit_log_task_context");
1120 return;
1121}
1122
1123EXPORT_SYMBOL(audit_log_task_context);
1124
1125void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
1126{
1127 const struct cred *cred;
1128 char name[sizeof(tsk->comm)];
1129 struct mm_struct *mm = tsk->mm;
1130 char *tty;
1131
1132 if (!ab)
1133 return;
1134
1135 /* tsk == current */
1136 cred = current_cred();
1137
1138 spin_lock_irq(&tsk->sighand->siglock);
1139 if (tsk->signal && tsk->signal->tty)
1140 tty = tsk->signal->tty->name;
1141 else
1142 tty = "(none)";
1143 spin_unlock_irq(&tsk->sighand->siglock);
1144
1145
1146 audit_log_format(ab,
1147 " ppid=%ld pid=%d auid=%u uid=%u gid=%u"
1148 " euid=%u suid=%u fsuid=%u"
1149 " egid=%u sgid=%u fsgid=%u ses=%u tty=%s",
1150 sys_getppid(),
1151 tsk->pid,
1152 from_kuid(&init_user_ns, tsk->loginuid),
1153 from_kuid(&init_user_ns, cred->uid),
1154 from_kgid(&init_user_ns, cred->gid),
1155 from_kuid(&init_user_ns, cred->euid),
1156 from_kuid(&init_user_ns, cred->suid),
1157 from_kuid(&init_user_ns, cred->fsuid),
1158 from_kgid(&init_user_ns, cred->egid),
1159 from_kgid(&init_user_ns, cred->sgid),
1160 from_kgid(&init_user_ns, cred->fsgid),
1161 tsk->sessionid, tty);
1162
1163 get_task_comm(name, tsk);
1164 audit_log_format(ab, " comm=");
1165 audit_log_untrustedstring(ab, name);
1166
1167 if (mm) {
1168 down_read(&mm->mmap_sem);
1169 if (mm->exe_file)
1170 audit_log_d_path(ab, " exe=", &mm->exe_file->f_path);
1171 up_read(&mm->mmap_sem);
1172 }
1173 audit_log_task_context(ab);
1174}
1175
1176EXPORT_SYMBOL(audit_log_task_info);
1177
1178static int audit_log_pid_context(struct audit_context *context, pid_t pid, 972static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1179 kuid_t auid, kuid_t uid, unsigned int sessionid, 973 kuid_t auid, kuid_t uid, unsigned int sessionid,
1180 u32 sid, char *comm) 974 u32 sid, char *comm)
@@ -1191,12 +985,14 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1191 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, 985 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
1192 from_kuid(&init_user_ns, auid), 986 from_kuid(&init_user_ns, auid),
1193 from_kuid(&init_user_ns, uid), sessionid); 987 from_kuid(&init_user_ns, uid), sessionid);
1194 if (security_secid_to_secctx(sid, &ctx, &len)) { 988 if (sid) {
1195 audit_log_format(ab, " obj=(none)"); 989 if (security_secid_to_secctx(sid, &ctx, &len)) {
1196 rc = 1; 990 audit_log_format(ab, " obj=(none)");
1197 } else { 991 rc = 1;
1198 audit_log_format(ab, " obj=%s", ctx); 992 } else {
1199 security_release_secctx(ctx, len); 993 audit_log_format(ab, " obj=%s", ctx);
994 security_release_secctx(ctx, len);
995 }
1200 } 996 }
1201 audit_log_format(ab, " ocomm="); 997 audit_log_format(ab, " ocomm=");
1202 audit_log_untrustedstring(ab, comm); 998 audit_log_untrustedstring(ab, comm);
@@ -1390,35 +1186,6 @@ static void audit_log_execve_info(struct audit_context *context,
1390 kfree(buf); 1186 kfree(buf);
1391} 1187}
1392 1188
1393static void audit_log_cap(struct audit_buffer *ab, char *prefix, kernel_cap_t *cap)
1394{
1395 int i;
1396
1397 audit_log_format(ab, " %s=", prefix);
1398 CAP_FOR_EACH_U32(i) {
1399 audit_log_format(ab, "%08x", cap->cap[(_KERNEL_CAPABILITY_U32S-1) - i]);
1400 }
1401}
1402
1403static void audit_log_fcaps(struct audit_buffer *ab, struct audit_names *name)
1404{
1405 kernel_cap_t *perm = &name->fcap.permitted;
1406 kernel_cap_t *inh = &name->fcap.inheritable;
1407 int log = 0;
1408
1409 if (!cap_isclear(*perm)) {
1410 audit_log_cap(ab, "cap_fp", perm);
1411 log = 1;
1412 }
1413 if (!cap_isclear(*inh)) {
1414 audit_log_cap(ab, "cap_fi", inh);
1415 log = 1;
1416 }
1417
1418 if (log)
1419 audit_log_format(ab, " cap_fe=%d cap_fver=%x", name->fcap.fE, name->fcap_ver);
1420}
1421
1422static void show_special(struct audit_context *context, int *call_panic) 1189static void show_special(struct audit_context *context, int *call_panic)
1423{ 1190{
1424 struct audit_buffer *ab; 1191 struct audit_buffer *ab;
@@ -1516,68 +1283,6 @@ static void show_special(struct audit_context *context, int *call_panic)
1516 audit_log_end(ab); 1283 audit_log_end(ab);
1517} 1284}
1518 1285
1519static void audit_log_name(struct audit_context *context, struct audit_names *n,
1520 int record_num, int *call_panic)
1521{
1522 struct audit_buffer *ab;
1523 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
1524 if (!ab)
1525 return; /* audit_panic has been called */
1526
1527 audit_log_format(ab, "item=%d", record_num);
1528
1529 if (n->name) {
1530 switch (n->name_len) {
1531 case AUDIT_NAME_FULL:
1532 /* log the full path */
1533 audit_log_format(ab, " name=");
1534 audit_log_untrustedstring(ab, n->name->name);
1535 break;
1536 case 0:
1537 /* name was specified as a relative path and the
1538 * directory component is the cwd */
1539 audit_log_d_path(ab, " name=", &context->pwd);
1540 break;
1541 default:
1542 /* log the name's directory component */
1543 audit_log_format(ab, " name=");
1544 audit_log_n_untrustedstring(ab, n->name->name,
1545 n->name_len);
1546 }
1547 } else
1548 audit_log_format(ab, " name=(null)");
1549
1550 if (n->ino != (unsigned long)-1) {
1551 audit_log_format(ab, " inode=%lu"
1552 " dev=%02x:%02x mode=%#ho"
1553 " ouid=%u ogid=%u rdev=%02x:%02x",
1554 n->ino,
1555 MAJOR(n->dev),
1556 MINOR(n->dev),
1557 n->mode,
1558 from_kuid(&init_user_ns, n->uid),
1559 from_kgid(&init_user_ns, n->gid),
1560 MAJOR(n->rdev),
1561 MINOR(n->rdev));
1562 }
1563 if (n->osid != 0) {
1564 char *ctx = NULL;
1565 u32 len;
1566 if (security_secid_to_secctx(
1567 n->osid, &ctx, &len)) {
1568 audit_log_format(ab, " osid=%u", n->osid);
1569 *call_panic = 2;
1570 } else {
1571 audit_log_format(ab, " obj=%s", ctx);
1572 security_release_secctx(ctx, len);
1573 }
1574 }
1575
1576 audit_log_fcaps(ab, n);
1577
1578 audit_log_end(ab);
1579}
1580
1581static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) 1286static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
1582{ 1287{
1583 int i, call_panic = 0; 1288 int i, call_panic = 0;
@@ -1695,7 +1400,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
1695 1400
1696 i = 0; 1401 i = 0;
1697 list_for_each_entry(n, &context->names_list, list) 1402 list_for_each_entry(n, &context->names_list, list)
1698 audit_log_name(context, n, i++, &call_panic); 1403 audit_log_name(context, n, NULL, i++, &call_panic);
1699 1404
1700 /* Send end of event record to help user space know we are finished */ 1405 /* Send end of event record to help user space know we are finished */
1701 ab = audit_log_start(context, GFP_KERNEL, AUDIT_EOE); 1406 ab = audit_log_start(context, GFP_KERNEL, AUDIT_EOE);
@@ -2030,18 +1735,18 @@ void audit_putname(struct filename *name)
2030 BUG_ON(!context); 1735 BUG_ON(!context);
2031 if (!context->in_syscall) { 1736 if (!context->in_syscall) {
2032#if AUDIT_DEBUG == 2 1737#if AUDIT_DEBUG == 2
2033 printk(KERN_ERR "%s:%d(:%d): __putname(%p)\n", 1738 printk(KERN_ERR "%s:%d(:%d): final_putname(%p)\n",
2034 __FILE__, __LINE__, context->serial, name); 1739 __FILE__, __LINE__, context->serial, name);
2035 if (context->name_count) { 1740 if (context->name_count) {
2036 struct audit_names *n; 1741 struct audit_names *n;
2037 int i; 1742 int i = 0;
2038 1743
2039 list_for_each_entry(n, &context->names_list, list) 1744 list_for_each_entry(n, &context->names_list, list)
2040 printk(KERN_ERR "name[%d] = %p = %s\n", i, 1745 printk(KERN_ERR "name[%d] = %p = %s\n", i++,
2041 n->name, n->name->name ?: "(null)"); 1746 n->name, n->name->name ?: "(null)");
2042 } 1747 }
2043#endif 1748#endif
2044 __putname(name); 1749 final_putname(name);
2045 } 1750 }
2046#if AUDIT_DEBUG 1751#if AUDIT_DEBUG
2047 else { 1752 else {
@@ -2060,41 +1765,6 @@ void audit_putname(struct filename *name)
2060#endif 1765#endif
2061} 1766}
2062 1767
2063static inline int audit_copy_fcaps(struct audit_names *name, const struct dentry *dentry)
2064{
2065 struct cpu_vfs_cap_data caps;
2066 int rc;
2067
2068 if (!dentry)
2069 return 0;
2070
2071 rc = get_vfs_caps_from_disk(dentry, &caps);
2072 if (rc)
2073 return rc;
2074
2075 name->fcap.permitted = caps.permitted;
2076 name->fcap.inheritable = caps.inheritable;
2077 name->fcap.fE = !!(caps.magic_etc & VFS_CAP_FLAGS_EFFECTIVE);
2078 name->fcap_ver = (caps.magic_etc & VFS_CAP_REVISION_MASK) >> VFS_CAP_REVISION_SHIFT;
2079
2080 return 0;
2081}
2082
2083
2084/* Copy inode data into an audit_names. */
2085static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry,
2086 const struct inode *inode)
2087{
2088 name->ino = inode->i_ino;
2089 name->dev = inode->i_sb->s_dev;
2090 name->mode = inode->i_mode;
2091 name->uid = inode->i_uid;
2092 name->gid = inode->i_gid;
2093 name->rdev = inode->i_rdev;
2094 security_inode_getsecid(inode, &name->osid);
2095 audit_copy_fcaps(name, dentry);
2096}
2097
2098/** 1768/**
2099 * __audit_inode - store the inode and device from a lookup 1769 * __audit_inode - store the inode and device from a lookup
2100 * @name: name being audited 1770 * @name: name being audited
@@ -2303,7 +1973,7 @@ int audit_set_loginuid(kuid_t loginuid)
2303 unsigned int sessionid; 1973 unsigned int sessionid;
2304 1974
2305#ifdef CONFIG_AUDIT_LOGINUID_IMMUTABLE 1975#ifdef CONFIG_AUDIT_LOGINUID_IMMUTABLE
2306 if (uid_valid(task->loginuid)) 1976 if (audit_loginuid_set(task))
2307 return -EPERM; 1977 return -EPERM;
2308#else /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ 1978#else /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */
2309 if (!capable(CAP_AUDIT_CONTROL)) 1979 if (!capable(CAP_AUDIT_CONTROL))
@@ -2471,17 +2141,20 @@ int __audit_bprm(struct linux_binprm *bprm)
2471 2141
2472/** 2142/**
2473 * audit_socketcall - record audit data for sys_socketcall 2143 * audit_socketcall - record audit data for sys_socketcall
2474 * @nargs: number of args 2144 * @nargs: number of args, which should not be more than AUDITSC_ARGS.
2475 * @args: args array 2145 * @args: args array
2476 * 2146 *
2477 */ 2147 */
2478void __audit_socketcall(int nargs, unsigned long *args) 2148int __audit_socketcall(int nargs, unsigned long *args)
2479{ 2149{
2480 struct audit_context *context = current->audit_context; 2150 struct audit_context *context = current->audit_context;
2481 2151
2152 if (nargs <= 0 || nargs > AUDITSC_ARGS || !args)
2153 return -EINVAL;
2482 context->type = AUDIT_SOCKETCALL; 2154 context->type = AUDIT_SOCKETCALL;
2483 context->socketcall.nargs = nargs; 2155 context->socketcall.nargs = nargs;
2484 memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long)); 2156 memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
2157 return 0;
2485} 2158}
2486 2159
2487/** 2160/**