Audit: collect sessionid in netlink messages

Previously I added sessionid output to all audit messages where it was
available but we still didn't know the sessionid of the sender of
netlink messages.  This patch adds that information to netlink messages
so we can audit who sent netlink messages.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 8 insertions, 4 deletions

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index e0c0390613c0..cae9fd815543 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -762,6 +762,7 @@ xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info)
                         if (err) {
                                 xfrm_audit_policy_delete(pol, 0,
                                                          audit_info->loginuid,
+                                                         audit_info->sessionid,
                                                          audit_info->secid);
                                 return err;
                         }
@@ -777,6 +778,7 @@ xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info)
                                 if (err) {
                                         xfrm_audit_policy_delete(pol, 0,
                                                         audit_info->loginuid,
+                                                        audit_info->sessionid,
                                                         audit_info->secid);
                                         return err;
                                 }
@@ -819,6 +821,7 @@ int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info)
                         write_unlock_bh(&xfrm_policy_lock);
 
                         xfrm_audit_policy_delete(pol, 1, audit_info->loginuid,
+                                                 audit_info->sessionid,
                                                  audit_info->secid);
 
                         xfrm_policy_kill(pol);
@@ -841,6 +844,7 @@ int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info)
 
                                 xfrm_audit_policy_delete(pol, 1,
                                                          audit_info->loginuid,
+                                                         audit_info->sessionid,
                                                          audit_info->secid);
                                 xfrm_policy_kill(pol);
                                 killed++;
@@ -2472,14 +2476,14 @@ static void xfrm_audit_common_policyinfo(struct xfrm_policy *xp,
 }
 
 void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
-                           u32 auid, u32 secid)
+                           uid_t auid, u32 sessionid, u32 secid)
 {
         struct audit_buffer *audit_buf;
 
         audit_buf = xfrm_audit_start("SPD-add");
         if (audit_buf == NULL)
                 return;
-        xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
+        xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
         audit_log_format(audit_buf, " res=%u", result);
         xfrm_audit_common_policyinfo(xp, audit_buf);
         audit_log_end(audit_buf);
@@ -2487,14 +2491,14 @@ void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
 EXPORT_SYMBOL_GPL(xfrm_audit_policy_add);
 
 void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
-                              u32 auid, u32 secid)
+                              uid_t auid, u32 sessionid, u32 secid)
 {
         struct audit_buffer *audit_buf;
 
         audit_buf = xfrm_audit_start("SPD-delete");
         if (audit_buf == NULL)
                 return;
-        xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
+        xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
         audit_log_format(audit_buf, " res=%u", result);
         xfrm_audit_common_policyinfo(xp, audit_buf);
         audit_log_end(audit_buf);