Merge branch 'devel-stable' into for-next

4 files changed, 60 insertions, 26 deletions

diff --git a/kernel/audit.c b/kernel/audit.c
index f8f203e8018c..72ab759a0b43 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -429,7 +429,7 @@ static void kauditd_send_skb(struct sk_buff *skb)
  * This function doesn't consume an skb as might be expected since it has to
  * copy it anyways.
  */
-static void kauditd_send_multicast_skb(struct sk_buff *skb)
+static void kauditd_send_multicast_skb(struct sk_buff *skb, gfp_t gfp_mask)
 {
         struct sk_buff          *copy;
         struct audit_net        *aunet = net_generic(&init_net, audit_net_id);
@@ -448,11 +448,11 @@ static void kauditd_send_multicast_skb(struct sk_buff *skb)
          * no reason for new multicast clients to continue with this
          * non-compliance.
          */
-        copy = skb_copy(skb, GFP_KERNEL);
+        copy = skb_copy(skb, gfp_mask);
         if (!copy)
                 return;
 
-        nlmsg_multicast(sock, copy, 0, AUDIT_NLGRP_READLOG, GFP_KERNEL);
+        nlmsg_multicast(sock, copy, 0, AUDIT_NLGRP_READLOG, gfp_mask);
 }
 
 /*
@@ -1100,7 +1100,7 @@ static void audit_receive(struct sk_buff  *skb)
 }
 
 /* Run custom bind function on netlink socket group connect or bind requests. */
-static int audit_bind(int group)
+static int audit_bind(struct net *net, int group)
 {
         if (!capable(CAP_AUDIT_READ))
                 return -EPERM;
@@ -1940,7 +1940,7 @@ void audit_log_end(struct audit_buffer *ab)
                 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);
 
                 nlh->nlmsg_len = ab->skb->len;
-                kauditd_send_multicast_skb(ab->skb);
+                kauditd_send_multicast_skb(ab->skb, ab->gfp_mask);
 
                 /*
                  * The original kaudit unicast socket sends up messages with
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 3598e13f2a65..4f68a326d92e 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -442,19 +442,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                 if ((f->type == AUDIT_LOGINUID) && (f->val == AUDIT_UID_UNSET)) {
                         f->type = AUDIT_LOGINUID_SET;
                         f->val = 0;
-                }
-
-                if ((f->type == AUDIT_PID) || (f->type == AUDIT_PPID)) {
-                        struct pid *pid;
-                        rcu_read_lock();
-                        pid = find_vpid(f->val);
-                        if (!pid) {
-                                rcu_read_unlock();
-                                err = -ESRCH;
-                                goto exit_free;
-                        }
-                        f->val = pid_nr(pid);
-                        rcu_read_unlock();
+                        entry->rule.pflags |= AUDIT_LOGINUID_LEGACY;
                 }
 
                 err = audit_field_valid(entry, f);
@@ -630,6 +618,13 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
                         data->buflen += data->values[i] =
                                 audit_pack_string(&bufp, krule->filterkey);
                         break;
+                case AUDIT_LOGINUID_SET:
+                        if (krule->pflags & AUDIT_LOGINUID_LEGACY && !f->val) {
+                                data->fields[i] = AUDIT_LOGINUID;
+                                data->values[i] = AUDIT_UID_UNSET;
+                                break;
+                        }
+                        /* fallthrough if set */
                 default:
                         data->values[i] = f->val;
                 }
@@ -646,6 +641,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
         int i;
 
         if (a->flags != b->flags ||
+            a->pflags != b->pflags ||
             a->listnr != b->listnr ||
             a->action != b->action ||
             a->field_count != b->field_count)
@@ -764,6 +760,7 @@ struct audit_entry *audit_dupe_rule(struct audit_krule *old)
         new = &entry->rule;
         new->vers_ops = old->vers_ops;
         new->flags = old->flags;
+        new->pflags = old->pflags;
         new->listnr = old->listnr;
         new->action = old->action;
         for (i = 0; i < AUDIT_BITMASK_SIZE; i++)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index c75522a83678..072566dd0caf 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -72,6 +72,8 @@
 #include <linux/fs_struct.h>
 #include <linux/compat.h>
 #include <linux/ctype.h>
+#include <linux/string.h>
+#include <uapi/linux/limits.h>
 
 #include "audit.h"
 
@@ -1861,8 +1863,7 @@ void __audit_inode(struct filename *name, const struct dentry *dentry,
         }
 
         list_for_each_entry_reverse(n, &context->names_list, list) {
-                /* does the name pointer match? */
-                if (!n->name || n->name->name != name->name)
+                if (!n->name || strcmp(n->name->name, name->name))
                         continue;
 
                 /* match the correct record type */
@@ -1877,12 +1878,48 @@ void __audit_inode(struct filename *name, const struct dentry *dentry,
         }
 
 out_alloc:
-        /* unable to find the name from a previous getname(). Allocate a new
-         * anonymous entry.
-         */
-        n = audit_alloc_name(context, AUDIT_TYPE_NORMAL);
+        /* unable to find an entry with both a matching name and type */
+        n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN);
         if (!n)
                 return;
+        /* unfortunately, while we may have a path name to record with the
+         * inode, we can't always rely on the string lasting until the end of
+         * the syscall so we need to create our own copy, it may fail due to
+         * memory allocation issues, but we do our best */
+        if (name) {
+                /* we can't use getname_kernel() due to size limits */
+                size_t len = strlen(name->name) + 1;
+                struct filename *new = __getname();
+
+                if (unlikely(!new))
+                        goto out;
+
+                if (len <= (PATH_MAX - sizeof(*new))) {
+                        new->name = (char *)(new) + sizeof(*new);
+                        new->separate = false;
+                } else if (len <= PATH_MAX) {
+                        /* this looks odd, but is due to final_putname() */
+                        struct filename *new2;
+
+                        new2 = kmalloc(sizeof(*new2), GFP_KERNEL);
+                        if (unlikely(!new2)) {
+                                __putname(new);
+                                goto out;
+                        }
+                        new2->name = (char *)new;
+                        new2->separate = true;
+                        new = new2;
+                } else {
+                        /* we should never get here, but let's be safe */
+                        __putname(new);
+                        goto out;
+                }
+                strlcpy((char *)new->name, name->name, len);
+                new->uptr = NULL;
+                new->aname = n;
+                n->name = new;
+                n->name_put = true;
+        }
 out:
         if (parent) {
                 n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL;
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 06f58309fed2..bad4e959f2f7 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -717,7 +717,7 @@ static void prepare_optimized_kprobe(struct kprobe *p)
         struct optimized_kprobe *op;
 
         op = container_of(p, struct optimized_kprobe, kp);
-        arch_prepare_optimized_kprobe(op);
+        arch_prepare_optimized_kprobe(op, p);
 }
 
 /* Allocate new optimized_kprobe and try to prepare optimized instructions */
@@ -731,7 +731,7 @@ static struct kprobe *alloc_aggr_kprobe(struct kprobe *p)
 
         INIT_LIST_HEAD(&op->list);
         op->kp.addr = p->addr;
-        arch_prepare_optimized_kprobe(op);
+        arch_prepare_optimized_kprobe(op, p);
 
         return &op->kp;
 }