diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2013-04-09 05:22:10 -0400 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2013-05-07 22:27:15 -0400 |
| commit | 780a7654cee8d61819512385e778e4827db4bfbc (patch) | |
| tree | a97ea8256b7507c976714f9e9c48d8dd581d07a6 /kernel | |
| parent | b24a30a7305418ff138ff51776fc555ec57c011a (diff) | |
audit: Make testing for a valid loginuid explicit.
audit rule additions containing "-F auid!=4294967295" were failing
with EINVAL because of a regression caused by e1760bd.
Apparently some userland audit rule sets want to know if loginuid uid
has been set and are using a test for auid != 4294967295 to determine
that.
In practice that is a horrible way to ask if a value has been set,
because it relies on subtle implementation details and will break
every time the uid implementation in the kernel changes.
So add a clean way to test if the audit loginuid has been set, and
silently convert the old idiom to the cleaner and more comprehensible
new idiom.
Cc: <stable@vger.kernel.org> # 3.7
Reported-By: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Tested-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditfilter.c | 17 | ||||
| -rw-r--r-- | kernel/auditsc.c | 5 |
2 files changed, 19 insertions, 3 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 478f4602c96b..bc6595fe952e 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -365,7 +365,10 @@ static int audit_field_valid(struct audit_entry *entry, struct audit_field *f) | |||
| 365 | case AUDIT_DIR: | 365 | case AUDIT_DIR: |
| 366 | case AUDIT_FILTERKEY: | 366 | case AUDIT_FILTERKEY: |
| 367 | break; | 367 | break; |
| 368 | /* arch is only allowed to be = or != */ | 368 | case AUDIT_LOGINUID_SET: |
| 369 | if ((f->val != 0) && (f->val != 1)) | ||
| 370 | return -EINVAL; | ||
| 371 | /* FALL THROUGH */ | ||
| 369 | case AUDIT_ARCH: | 372 | case AUDIT_ARCH: |
| 370 | if (f->op != Audit_not_equal && f->op != Audit_equal) | 373 | if (f->op != Audit_not_equal && f->op != Audit_equal) |
| 371 | return -EINVAL; | 374 | return -EINVAL; |
| @@ -419,17 +422,23 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, | |||
| 419 | f->lsm_str = NULL; | 422 | f->lsm_str = NULL; |
| 420 | f->lsm_rule = NULL; | 423 | f->lsm_rule = NULL; |
| 421 | 424 | ||
| 425 | /* Support legacy tests for a valid loginuid */ | ||
| 426 | if ((f->type == AUDIT_LOGINUID) && (f->val == 4294967295)) { | ||
| 427 | f->type = AUDIT_LOGINUID_SET; | ||
| 428 | f->val = 0; | ||
| 429 | } | ||
| 430 | |||
| 422 | err = audit_field_valid(entry, f); | 431 | err = audit_field_valid(entry, f); |
| 423 | if (err) | 432 | if (err) |
| 424 | goto exit_free; | 433 | goto exit_free; |
| 425 | 434 | ||
| 426 | err = -EINVAL; | 435 | err = -EINVAL; |
| 427 | switch (f->type) { | 436 | switch (f->type) { |
| 437 | case AUDIT_LOGINUID: | ||
| 428 | case AUDIT_UID: | 438 | case AUDIT_UID: |
| 429 | case AUDIT_EUID: | 439 | case AUDIT_EUID: |
| 430 | case AUDIT_SUID: | 440 | case AUDIT_SUID: |
| 431 | case AUDIT_FSUID: | 441 | case AUDIT_FSUID: |
| 432 | case AUDIT_LOGINUID: | ||
| 433 | case AUDIT_OBJ_UID: | 442 | case AUDIT_OBJ_UID: |
| 434 | f->uid = make_kuid(current_user_ns(), f->val); | 443 | f->uid = make_kuid(current_user_ns(), f->val); |
| 435 | if (!uid_valid(f->uid)) | 444 | if (!uid_valid(f->uid)) |
| @@ -1222,6 +1231,10 @@ static int audit_filter_user_rules(struct audit_krule *rule, int type, | |||
| 1222 | result = audit_uid_comparator(audit_get_loginuid(current), | 1231 | result = audit_uid_comparator(audit_get_loginuid(current), |
| 1223 | f->op, f->uid); | 1232 | f->op, f->uid); |
| 1224 | break; | 1233 | break; |
| 1234 | case AUDIT_LOGINUID_SET: | ||
| 1235 | result = audit_comparator(audit_loginuid_set(current), | ||
| 1236 | f->op, f->val); | ||
| 1237 | break; | ||
| 1225 | case AUDIT_MSGTYPE: | 1238 | case AUDIT_MSGTYPE: |
| 1226 | result = audit_comparator(type, f->op, f->val); | 1239 | result = audit_comparator(type, f->op, f->val); |
| 1227 | break; | 1240 | break; |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index add3086bdb02..3c8a601324a2 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -613,6 +613,9 @@ static int audit_filter_rules(struct task_struct *tsk, | |||
| 613 | if (ctx) | 613 | if (ctx) |
| 614 | result = audit_uid_comparator(tsk->loginuid, f->op, f->uid); | 614 | result = audit_uid_comparator(tsk->loginuid, f->op, f->uid); |
| 615 | break; | 615 | break; |
| 616 | case AUDIT_LOGINUID_SET: | ||
| 617 | result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val); | ||
| 618 | break; | ||
| 616 | case AUDIT_SUBJ_USER: | 619 | case AUDIT_SUBJ_USER: |
| 617 | case AUDIT_SUBJ_ROLE: | 620 | case AUDIT_SUBJ_ROLE: |
| 618 | case AUDIT_SUBJ_TYPE: | 621 | case AUDIT_SUBJ_TYPE: |
| @@ -1970,7 +1973,7 @@ int audit_set_loginuid(kuid_t loginuid) | |||
| 1970 | unsigned int sessionid; | 1973 | unsigned int sessionid; |
| 1971 | 1974 | ||
| 1972 | #ifdef CONFIG_AUDIT_LOGINUID_IMMUTABLE | 1975 | #ifdef CONFIG_AUDIT_LOGINUID_IMMUTABLE |
| 1973 | if (uid_valid(task->loginuid)) | 1976 | if (audit_loginuid_set(task)) |
| 1974 | return -EPERM; | 1977 | return -EPERM; |
| 1975 | #else /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ | 1978 | #else /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ |
| 1976 | if (!capable(CAP_AUDIT_CONTROL)) | 1979 | if (!capable(CAP_AUDIT_CONTROL)) |