aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-02-07 19:53:48 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-09-18 04:00:26 -0400
commitcca080d9b622094831672a136e5ee4f702d116b1 (patch)
tree7a8238c1c0a0d4de682e0ebb97dc06ab3a18fdb5 /kernel
parente1760bd5ffae8cb98cffb030ee8e631eba28f3d8 (diff)
userns: Convert audit to work with user namespaces enabled
- Explicitly format uids gids in audit messges in the initial user namespace. This is safe because auditd is restrected to be in the initial user namespace. - Convert audit_sig_uid into a kuid_t. - Enable building the audit code and user namespaces at the same time. The net result is that the audit subsystem now uses kuid_t and kgid_t whenever possible making it almost impossible to confuse a raw uid_t with a kuid_t preventing bugs. Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Eric Paris <eparis@redhat.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c4
-rw-r--r--kernel/audit.h2
-rw-r--r--kernel/auditsc.c51
3 files changed, 34 insertions, 23 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 44a4b13c9f00..511488a7bc71 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -105,7 +105,7 @@ static int audit_backlog_wait_time = 60 * HZ;
105static int audit_backlog_wait_overflow = 0; 105static int audit_backlog_wait_overflow = 0;
106 106
107/* The identity of the user shutting down the audit system. */ 107/* The identity of the user shutting down the audit system. */
108uid_t audit_sig_uid = -1; 108kuid_t audit_sig_uid = INVALID_UID;
109pid_t audit_sig_pid = -1; 109pid_t audit_sig_pid = -1;
110u32 audit_sig_sid = 0; 110u32 audit_sig_sid = 0;
111 111
@@ -853,7 +853,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
853 security_release_secctx(ctx, len); 853 security_release_secctx(ctx, len);
854 return -ENOMEM; 854 return -ENOMEM;
855 } 855 }
856 sig_data->uid = audit_sig_uid; 856 sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid);
857 sig_data->pid = audit_sig_pid; 857 sig_data->pid = audit_sig_pid;
858 if (audit_sig_sid) { 858 if (audit_sig_sid) {
859 memcpy(sig_data->ctx, ctx, len); 859 memcpy(sig_data->ctx, ctx, len);
diff --git a/kernel/audit.h b/kernel/audit.h
index 4b428bb41ea3..9eb3d79482b6 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -146,7 +146,7 @@ extern void audit_kill_trees(struct list_head *);
146extern char *audit_unpack_string(void **, size_t *, size_t); 146extern char *audit_unpack_string(void **, size_t *, size_t);
147 147
148extern pid_t audit_sig_pid; 148extern pid_t audit_sig_pid;
149extern uid_t audit_sig_uid; 149extern kuid_t audit_sig_uid;
150extern u32 audit_sig_sid; 150extern u32 audit_sig_sid;
151 151
152#ifdef CONFIG_AUDITSYSCALL 152#ifdef CONFIG_AUDITSYSCALL
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 26fdfc092e35..ff4798fcb488 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -150,7 +150,7 @@ struct audit_aux_data_pids {
150 struct audit_aux_data d; 150 struct audit_aux_data d;
151 pid_t target_pid[AUDIT_AUX_PIDS]; 151 pid_t target_pid[AUDIT_AUX_PIDS];
152 kuid_t target_auid[AUDIT_AUX_PIDS]; 152 kuid_t target_auid[AUDIT_AUX_PIDS];
153 uid_t target_uid[AUDIT_AUX_PIDS]; 153 kuid_t target_uid[AUDIT_AUX_PIDS];
154 unsigned int target_sessionid[AUDIT_AUX_PIDS]; 154 unsigned int target_sessionid[AUDIT_AUX_PIDS];
155 u32 target_sid[AUDIT_AUX_PIDS]; 155 u32 target_sid[AUDIT_AUX_PIDS];
156 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; 156 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
@@ -208,14 +208,14 @@ struct audit_context {
208 size_t sockaddr_len; 208 size_t sockaddr_len;
209 /* Save things to print about task_struct */ 209 /* Save things to print about task_struct */
210 pid_t pid, ppid; 210 pid_t pid, ppid;
211 uid_t uid, euid, suid, fsuid; 211 kuid_t uid, euid, suid, fsuid;
212 gid_t gid, egid, sgid, fsgid; 212 kgid_t gid, egid, sgid, fsgid;
213 unsigned long personality; 213 unsigned long personality;
214 int arch; 214 int arch;
215 215
216 pid_t target_pid; 216 pid_t target_pid;
217 kuid_t target_auid; 217 kuid_t target_auid;
218 uid_t target_uid; 218 kuid_t target_uid;
219 unsigned int target_sessionid; 219 unsigned int target_sessionid;
220 u32 target_sid; 220 u32 target_sid;
221 char target_comm[TASK_COMM_LEN]; 221 char target_comm[TASK_COMM_LEN];
@@ -231,8 +231,8 @@ struct audit_context {
231 long args[6]; 231 long args[6];
232 } socketcall; 232 } socketcall;
233 struct { 233 struct {
234 uid_t uid; 234 kuid_t uid;
235 gid_t gid; 235 kgid_t gid;
236 umode_t mode; 236 umode_t mode;
237 u32 osid; 237 u32 osid;
238 int has_perm; 238 int has_perm;
@@ -1176,7 +1176,7 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk
1176} 1176}
1177 1177
1178static int audit_log_pid_context(struct audit_context *context, pid_t pid, 1178static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1179 kuid_t auid, uid_t uid, unsigned int sessionid, 1179 kuid_t auid, kuid_t uid, unsigned int sessionid,
1180 u32 sid, char *comm) 1180 u32 sid, char *comm)
1181{ 1181{
1182 struct audit_buffer *ab; 1182 struct audit_buffer *ab;
@@ -1190,7 +1190,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1190 1190
1191 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, 1191 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
1192 from_kuid(&init_user_ns, auid), 1192 from_kuid(&init_user_ns, auid),
1193 uid, sessionid); 1193 from_kuid(&init_user_ns, uid), sessionid);
1194 if (security_secid_to_secctx(sid, &ctx, &len)) { 1194 if (security_secid_to_secctx(sid, &ctx, &len)) {
1195 audit_log_format(ab, " obj=(none)"); 1195 audit_log_format(ab, " obj=(none)");
1196 rc = 1; 1196 rc = 1;
@@ -1440,7 +1440,9 @@ static void show_special(struct audit_context *context, int *call_panic)
1440 u32 osid = context->ipc.osid; 1440 u32 osid = context->ipc.osid;
1441 1441
1442 audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", 1442 audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho",
1443 context->ipc.uid, context->ipc.gid, context->ipc.mode); 1443 from_kuid(&init_user_ns, context->ipc.uid),
1444 from_kgid(&init_user_ns, context->ipc.gid),
1445 context->ipc.mode);
1444 if (osid) { 1446 if (osid) {
1445 char *ctx = NULL; 1447 char *ctx = NULL;
1446 u32 len; 1448 u32 len;
@@ -1553,8 +1555,8 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
1553 MAJOR(n->dev), 1555 MAJOR(n->dev),
1554 MINOR(n->dev), 1556 MINOR(n->dev),
1555 n->mode, 1557 n->mode,
1556 n->uid, 1558 from_kuid(&init_user_ns, n->uid),
1557 n->gid, 1559 from_kgid(&init_user_ns, n->gid),
1558 MAJOR(n->rdev), 1560 MAJOR(n->rdev),
1559 MINOR(n->rdev)); 1561 MINOR(n->rdev));
1560 } 1562 }
@@ -1632,10 +1634,15 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
1632 context->ppid, 1634 context->ppid,
1633 context->pid, 1635 context->pid,
1634 from_kuid(&init_user_ns, tsk->loginuid), 1636 from_kuid(&init_user_ns, tsk->loginuid),
1635 context->uid, 1637 from_kuid(&init_user_ns, context->uid),
1636 context->gid, 1638 from_kgid(&init_user_ns, context->gid),
1637 context->euid, context->suid, context->fsuid, 1639 from_kuid(&init_user_ns, context->euid),
1638 context->egid, context->sgid, context->fsgid, tty, 1640 from_kuid(&init_user_ns, context->suid),
1641 from_kuid(&init_user_ns, context->fsuid),
1642 from_kgid(&init_user_ns, context->egid),
1643 from_kgid(&init_user_ns, context->sgid),
1644 from_kgid(&init_user_ns, context->fsgid),
1645 tty,
1639 tsk->sessionid); 1646 tsk->sessionid);
1640 1647
1641 1648
@@ -2315,7 +2322,8 @@ int audit_set_loginuid(kuid_t loginuid)
2315 audit_log_format(ab, "login pid=%d uid=%u " 2322 audit_log_format(ab, "login pid=%d uid=%u "
2316 "old auid=%u new auid=%u" 2323 "old auid=%u new auid=%u"
2317 " old ses=%u new ses=%u", 2324 " old ses=%u new ses=%u",
2318 task->pid, task_uid(task), 2325 task->pid,
2326 from_kuid(&init_user_ns, task_uid(task)),
2319 from_kuid(&init_user_ns, task->loginuid), 2327 from_kuid(&init_user_ns, task->loginuid),
2320 from_kuid(&init_user_ns, loginuid), 2328 from_kuid(&init_user_ns, loginuid),
2321 task->sessionid, sessionid); 2329 task->sessionid, sessionid);
@@ -2540,7 +2548,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
2540 struct audit_aux_data_pids *axp; 2548 struct audit_aux_data_pids *axp;
2541 struct task_struct *tsk = current; 2549 struct task_struct *tsk = current;
2542 struct audit_context *ctx = tsk->audit_context; 2550 struct audit_context *ctx = tsk->audit_context;
2543 uid_t uid = current_uid(), t_uid = task_uid(t); 2551 kuid_t uid = current_uid(), t_uid = task_uid(t);
2544 2552
2545 if (audit_pid && t->tgid == audit_pid) { 2553 if (audit_pid && t->tgid == audit_pid) {
2546 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) { 2554 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
@@ -2666,8 +2674,8 @@ void __audit_mmap_fd(int fd, int flags)
2666 2674
2667static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr) 2675static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr)
2668{ 2676{
2669 uid_t auid, uid; 2677 kuid_t auid, uid;
2670 gid_t gid; 2678 kgid_t gid;
2671 unsigned int sessionid; 2679 unsigned int sessionid;
2672 2680
2673 auid = audit_get_loginuid(current); 2681 auid = audit_get_loginuid(current);
@@ -2675,7 +2683,10 @@ static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr)
2675 current_uid_gid(&uid, &gid); 2683 current_uid_gid(&uid, &gid);
2676 2684
2677 audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u", 2685 audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u",
2678 auid, uid, gid, sessionid); 2686 from_kuid(&init_user_ns, auid),
2687 from_kuid(&init_user_ns, uid),
2688 from_kgid(&init_user_ns, gid),
2689 sessionid);
2679 audit_log_task_context(ab); 2690 audit_log_task_context(ab);
2680 audit_log_format(ab, " pid=%d comm=", current->pid); 2691 audit_log_format(ab, " pid=%d comm=", current->pid);
2681 audit_log_untrustedstring(ab, current->comm); 2692 audit_log_untrustedstring(ab, current->comm);