aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2014-04-12 15:38:53 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2014-04-12 15:38:53 -0400
commit0b747172dce6e0905ab173afbaffebb7a11d89bd (patch)
treecef4092aa49bd44d4759b58762bfa221dac45f57 /security
parentb7e70ca9c7d7f049bba8047d7ab49966fd5e9e9d (diff)
parent312103d64d0fcadb332899a2c84b357ddb18f4e3 (diff)
Merge git://git.infradead.org/users/eparis/audit
Pull audit updates from Eric Paris. * git://git.infradead.org/users/eparis/audit: (28 commits) AUDIT: make audit_is_compat depend on CONFIG_AUDIT_COMPAT_GENERIC audit: renumber AUDIT_FEATURE_CHANGE into the 1300 range audit: do not cast audit_rule_data pointers pointlesly AUDIT: Allow login in non-init namespaces audit: define audit_is_compat in kernel internal header kernel: Use RCU_INIT_POINTER(x, NULL) in audit.c sched: declare pid_alive as inline audit: use uapi/linux/audit.h for AUDIT_ARCH declarations syscall_get_arch: remove useless function arguments audit: remove stray newline from audit_log_execve_info() audit_panic() call audit: remove stray newlines from audit_log_lost messages audit: include subject in login records audit: remove superfluous new- prefix in AUDIT_LOGIN messages audit: allow user processes to log from another PID namespace audit: anchor all pid references in the initial pid namespace audit: convert PPIDs to the inital PID namespace. pid: get pid_t ppid of task in init_pid_ns audit: rename the misleading audit_get_context() to audit_take_context() audit: Add generic compat syscall support audit: Add CONFIG_HAVE_ARCH_AUDITSYSCALL ...
Diffstat (limited to 'security')
-rw-r--r--security/integrity/integrity_audit.c2
-rw-r--r--security/lsm_audit.c11
2 files changed, 8 insertions, 5 deletions
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index aab9fa5a8231..90987d15b6fe 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -40,7 +40,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
40 40
41 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 41 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
42 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u", 42 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
43 current->pid, 43 task_pid_nr(current),
44 from_kuid(&init_user_ns, current_cred()->uid), 44 from_kuid(&init_user_ns, current_cred()->uid),
45 from_kuid(&init_user_ns, audit_get_loginuid(current)), 45 from_kuid(&init_user_ns, audit_get_loginuid(current)),
46 audit_get_sessionid(current)); 46 audit_get_sessionid(current));
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 9a62045e6282..69fdf3bc765b 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -220,7 +220,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
220 */ 220 */
221 BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); 221 BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2);
222 222
223 audit_log_format(ab, " pid=%d comm=", tsk->pid); 223 audit_log_format(ab, " pid=%d comm=", task_pid_nr(tsk));
224 audit_log_untrustedstring(ab, tsk->comm); 224 audit_log_untrustedstring(ab, tsk->comm);
225 225
226 switch (a->type) { 226 switch (a->type) {
@@ -278,9 +278,12 @@ static void dump_common_audit_data(struct audit_buffer *ab,
278 } 278 }
279 case LSM_AUDIT_DATA_TASK: 279 case LSM_AUDIT_DATA_TASK:
280 tsk = a->u.tsk; 280 tsk = a->u.tsk;
281 if (tsk && tsk->pid) { 281 if (tsk) {
282 audit_log_format(ab, " pid=%d comm=", tsk->pid); 282 pid_t pid = task_pid_nr(tsk);
283 audit_log_untrustedstring(ab, tsk->comm); 283 if (pid) {
284 audit_log_format(ab, " pid=%d comm=", pid);
285 audit_log_untrustedstring(ab, tsk->comm);
286 }
284 } 287 }
285 break; 288 break;
286 case LSM_AUDIT_DATA_NET: 289 case LSM_AUDIT_DATA_NET: