Audit: send signal info if selinux is disabled

Audit will not respond to signal requests if selinux is disabled since it is
unable to translate the 0 sid from the sending process to a context.  This
patch just doesn't send the context info if there isn't any.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 12 insertions, 6 deletions

diff --git a/kernel/audit.c b/kernel/audit.c
index defc2e6f1e3b..5feed232be9d 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -855,18 +855,24 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                 break;
         }
         case AUDIT_SIGNAL_INFO:
-                err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
-                if (err)
-                        return err;
+                len = 0;
+                if (audit_sig_sid) {
+                        err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
+                        if (err)
+                                return err;
+                }
                 sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
                 if (!sig_data) {
-                        security_release_secctx(ctx, len);
+                        if (audit_sig_sid)
+                                security_release_secctx(ctx, len);
                         return -ENOMEM;
                 }
                 sig_data->uid = audit_sig_uid;
                 sig_data->pid = audit_sig_pid;
-                memcpy(sig_data->ctx, ctx, len);
-                security_release_secctx(ctx, len);
+                if (audit_sig_sid) {
+                        memcpy(sig_data->ctx, ctx, len);
+                        security_release_secctx(ctx, len);
+                }
                 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
                                 0, 0, sig_data, sizeof(*sig_data) + len);
                 kfree(sig_data);