diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-10-04 11:15:55 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-10-04 11:15:55 -0400 |
| commit | 18e6756a6b463e09fd3873592ec6b0579c78103d (patch) | |
| tree | 71e1394146450f9124041ae7f9a7f804e6c75c30 /kernel | |
| parent | a0a00cbf8ae5cea3d72e28982c06f3270420c657 (diff) | |
| parent | c8e649ba908954447e9a095677f6a6c8e50a37b2 (diff) | |
Merge branch 'audit.b32' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b32' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] message types updated
[PATCH] name_count array overrun
[PATCH] PPID filtering fix
[PATCH] arch filter lists with < or > should not be accepted
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditfilter.c | 9 | ||||
| -rw-r--r-- | kernel/auditsc.c | 28 |
2 files changed, 32 insertions, 5 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 1a58a81fb09d..4f40d923af8e 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -411,7 +411,6 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) | |||
| 411 | case AUDIT_FSGID: | 411 | case AUDIT_FSGID: |
| 412 | case AUDIT_LOGINUID: | 412 | case AUDIT_LOGINUID: |
| 413 | case AUDIT_PERS: | 413 | case AUDIT_PERS: |
| 414 | case AUDIT_ARCH: | ||
| 415 | case AUDIT_MSGTYPE: | 414 | case AUDIT_MSGTYPE: |
| 416 | case AUDIT_PPID: | 415 | case AUDIT_PPID: |
| 417 | case AUDIT_DEVMAJOR: | 416 | case AUDIT_DEVMAJOR: |
| @@ -423,6 +422,14 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) | |||
| 423 | case AUDIT_ARG2: | 422 | case AUDIT_ARG2: |
| 424 | case AUDIT_ARG3: | 423 | case AUDIT_ARG3: |
| 425 | break; | 424 | break; |
| 425 | /* arch is only allowed to be = or != */ | ||
| 426 | case AUDIT_ARCH: | ||
| 427 | if ((f->op != AUDIT_NOT_EQUAL) && (f->op != AUDIT_EQUAL) | ||
| 428 | && (f->op != AUDIT_NEGATE) && (f->op)) { | ||
| 429 | err = -EINVAL; | ||
| 430 | goto exit_free; | ||
| 431 | } | ||
| 432 | break; | ||
| 426 | case AUDIT_PERM: | 433 | case AUDIT_PERM: |
| 427 | if (f->val & ~15) | 434 | if (f->val & ~15) |
| 428 | goto exit_free; | 435 | goto exit_free; |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 105147631753..42f2f1179711 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -278,8 +278,11 @@ static int audit_filter_rules(struct task_struct *tsk, | |||
| 278 | result = audit_comparator(tsk->pid, f->op, f->val); | 278 | result = audit_comparator(tsk->pid, f->op, f->val); |
| 279 | break; | 279 | break; |
| 280 | case AUDIT_PPID: | 280 | case AUDIT_PPID: |
| 281 | if (ctx) | 281 | if (ctx) { |
| 282 | if (!ctx->ppid) | ||
| 283 | ctx->ppid = sys_getppid(); | ||
| 282 | result = audit_comparator(ctx->ppid, f->op, f->val); | 284 | result = audit_comparator(ctx->ppid, f->op, f->val); |
| 285 | } | ||
| 283 | break; | 286 | break; |
| 284 | case AUDIT_UID: | 287 | case AUDIT_UID: |
| 285 | result = audit_comparator(tsk->uid, f->op, f->val); | 288 | result = audit_comparator(tsk->uid, f->op, f->val); |
| @@ -795,7 +798,8 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 795 | 798 | ||
| 796 | /* tsk == current */ | 799 | /* tsk == current */ |
| 797 | context->pid = tsk->pid; | 800 | context->pid = tsk->pid; |
| 798 | context->ppid = sys_getppid(); /* sic. tsk == current in all cases */ | 801 | if (!context->ppid) |
| 802 | context->ppid = sys_getppid(); | ||
| 799 | context->uid = tsk->uid; | 803 | context->uid = tsk->uid; |
| 800 | context->gid = tsk->gid; | 804 | context->gid = tsk->gid; |
| 801 | context->euid = tsk->euid; | 805 | context->euid = tsk->euid; |
| @@ -1137,6 +1141,7 @@ void audit_syscall_entry(int arch, int major, | |||
| 1137 | context->ctime = CURRENT_TIME; | 1141 | context->ctime = CURRENT_TIME; |
| 1138 | context->in_syscall = 1; | 1142 | context->in_syscall = 1; |
| 1139 | context->auditable = !!(state == AUDIT_RECORD_CONTEXT); | 1143 | context->auditable = !!(state == AUDIT_RECORD_CONTEXT); |
| 1144 | context->ppid = 0; | ||
| 1140 | } | 1145 | } |
| 1141 | 1146 | ||
| 1142 | /** | 1147 | /** |
| @@ -1352,7 +1357,13 @@ void __audit_inode_child(const char *dname, const struct inode *inode, | |||
| 1352 | } | 1357 | } |
| 1353 | 1358 | ||
| 1354 | update_context: | 1359 | update_context: |
| 1355 | idx = context->name_count++; | 1360 | idx = context->name_count; |
| 1361 | if (context->name_count == AUDIT_NAMES) { | ||
| 1362 | printk(KERN_DEBUG "name_count maxed and losing %s\n", | ||
| 1363 | found_name ?: "(null)"); | ||
| 1364 | return; | ||
| 1365 | } | ||
| 1366 | context->name_count++; | ||
| 1356 | #if AUDIT_DEBUG | 1367 | #if AUDIT_DEBUG |
| 1357 | context->ino_count++; | 1368 | context->ino_count++; |
| 1358 | #endif | 1369 | #endif |
| @@ -1370,7 +1381,16 @@ update_context: | |||
| 1370 | /* A parent was not found in audit_names, so copy the inode data for the | 1381 | /* A parent was not found in audit_names, so copy the inode data for the |
| 1371 | * provided parent. */ | 1382 | * provided parent. */ |
| 1372 | if (!found_name) { | 1383 | if (!found_name) { |
| 1373 | idx = context->name_count++; | 1384 | idx = context->name_count; |
| 1385 | if (context->name_count == AUDIT_NAMES) { | ||
| 1386 | printk(KERN_DEBUG | ||
| 1387 | "name_count maxed and losing parent inode data: dev=%02x:%02x, inode=%lu", | ||
| 1388 | MAJOR(parent->i_sb->s_dev), | ||
| 1389 | MINOR(parent->i_sb->s_dev), | ||
| 1390 | parent->i_ino); | ||
| 1391 | return; | ||
| 1392 | } | ||
| 1393 | context->name_count++; | ||
| 1374 | #if AUDIT_DEBUG | 1394 | #if AUDIT_DEBUG |
| 1375 | context->ino_count++; | 1395 | context->ino_count++; |
| 1376 | #endif | 1396 | #endif |