aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2012-01-07 13:41:04 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2012-01-17 16:17:03 -0500
commit41fdc3054e23e3229edea27053522fe052d02ec2 (patch)
tree00bb62aef2288df07eae059f344d11d32b004f69 /security
parent5afb8a3f96573f7ea018abb768f5b6ebe1a6c1a4 (diff)
audit: treat s_id as an untrusted string
The use of s_id should go through the untrusted string path, just to be extra careful. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima_audit.c8
-rw-r--r--security/lsm_audit.c23
2 files changed, 18 insertions, 13 deletions
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/ima/ima_audit.c
index c5c5a72c30be..2ad942fb1e23 100644
--- a/security/integrity/ima/ima_audit.c
+++ b/security/integrity/ima/ima_audit.c
@@ -56,9 +56,11 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
56 audit_log_format(ab, " name="); 56 audit_log_format(ab, " name=");
57 audit_log_untrustedstring(ab, fname); 57 audit_log_untrustedstring(ab, fname);
58 } 58 }
59 if (inode) 59 if (inode) {
60 audit_log_format(ab, " dev=%s ino=%lu", 60 audit_log_format(ab, " dev=");
61 inode->i_sb->s_id, inode->i_ino); 61 audit_log_untrustedstring(ab, inode->i_sb->s_id);
62 audit_log_format(ab, " ino=%lu", inode->i_ino);
63 }
62 audit_log_format(ab, " res=%d", !result ? 0 : 1); 64 audit_log_format(ab, " res=%d", !result ? 0 : 1);
63 audit_log_end(ab); 65 audit_log_end(ab);
64} 66}
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 7bd6f138236b..fc41b7cccb53 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -235,10 +235,11 @@ static void dump_common_audit_data(struct audit_buffer *ab,
235 audit_log_d_path(ab, "path=", &a->u.path); 235 audit_log_d_path(ab, "path=", &a->u.path);
236 236
237 inode = a->u.path.dentry->d_inode; 237 inode = a->u.path.dentry->d_inode;
238 if (inode) 238 if (inode) {
239 audit_log_format(ab, " dev=%s ino=%lu", 239 audit_log_format(ab, " dev=");
240 inode->i_sb->s_id, 240 audit_log_untrustedstring(ab, inode->i_sb->s_id);
241 inode->i_ino); 241 audit_log_format(ab, " ino=%lu", inode->i_ino);
242 }
242 break; 243 break;
243 } 244 }
244 case LSM_AUDIT_DATA_DENTRY: { 245 case LSM_AUDIT_DATA_DENTRY: {
@@ -248,10 +249,11 @@ static void dump_common_audit_data(struct audit_buffer *ab,
248 audit_log_untrustedstring(ab, a->u.dentry->d_name.name); 249 audit_log_untrustedstring(ab, a->u.dentry->d_name.name);
249 250
250 inode = a->u.dentry->d_inode; 251 inode = a->u.dentry->d_inode;
251 if (inode) 252 if (inode) {
252 audit_log_format(ab, " dev=%s ino=%lu", 253 audit_log_format(ab, " dev=");
253 inode->i_sb->s_id, 254 audit_log_untrustedstring(ab, inode->i_sb->s_id);
254 inode->i_ino); 255 audit_log_format(ab, " ino=%lu", inode->i_ino);
256 }
255 break; 257 break;
256 } 258 }
257 case LSM_AUDIT_DATA_INODE: { 259 case LSM_AUDIT_DATA_INODE: {
@@ -266,8 +268,9 @@ static void dump_common_audit_data(struct audit_buffer *ab,
266 dentry->d_name.name); 268 dentry->d_name.name);
267 dput(dentry); 269 dput(dentry);
268 } 270 }
269 audit_log_format(ab, " dev=%s ino=%lu", inode->i_sb->s_id, 271 audit_log_format(ab, " dev=");
270 inode->i_ino); 272 audit_log_untrustedstring(ab, inode->i_sb->s_id);
273 audit_log_format(ab, " ino=%lu", inode->i_ino);
271 break; 274 break;
272 } 275 }
273 case LSM_AUDIT_DATA_TASK: 276 case LSM_AUDIT_DATA_TASK:
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-23 02:43:24 -0500