diff options
| -rw-r--r-- | kernel/audit.c | 18 | ||||
| -rw-r--r-- | kernel/audit_watch.c | 2 | ||||
| -rw-r--r-- | kernel/auditsc.c | 6 | ||||
| -rw-r--r-- | security/lsm_audit.c | 2 |
4 files changed, 17 insertions, 11 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index defc2e6f1e3b..5feed232be9d 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -855,18 +855,24 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 855 | break; | 855 | break; |
| 856 | } | 856 | } |
| 857 | case AUDIT_SIGNAL_INFO: | 857 | case AUDIT_SIGNAL_INFO: |
| 858 | err = security_secid_to_secctx(audit_sig_sid, &ctx, &len); | 858 | len = 0; |
| 859 | if (err) | 859 | if (audit_sig_sid) { |
| 860 | return err; | 860 | err = security_secid_to_secctx(audit_sig_sid, &ctx, &len); |
| 861 | if (err) | ||
| 862 | return err; | ||
| 863 | } | ||
| 861 | sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); | 864 | sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); |
| 862 | if (!sig_data) { | 865 | if (!sig_data) { |
| 863 | security_release_secctx(ctx, len); | 866 | if (audit_sig_sid) |
| 867 | security_release_secctx(ctx, len); | ||
| 864 | return -ENOMEM; | 868 | return -ENOMEM; |
| 865 | } | 869 | } |
| 866 | sig_data->uid = audit_sig_uid; | 870 | sig_data->uid = audit_sig_uid; |
| 867 | sig_data->pid = audit_sig_pid; | 871 | sig_data->pid = audit_sig_pid; |
| 868 | memcpy(sig_data->ctx, ctx, len); | 872 | if (audit_sig_sid) { |
| 869 | security_release_secctx(ctx, len); | 873 | memcpy(sig_data->ctx, ctx, len); |
| 874 | security_release_secctx(ctx, len); | ||
| 875 | } | ||
| 870 | audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, | 876 | audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, |
| 871 | 0, 0, sig_data, sizeof(*sig_data) + len); | 877 | 0, 0, sig_data, sizeof(*sig_data) + len); |
| 872 | kfree(sig_data); | 878 | kfree(sig_data); |
diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c index 0e96dbc60ea9..cc7e87936cbc 100644 --- a/kernel/audit_watch.c +++ b/kernel/audit_watch.c | |||
| @@ -45,8 +45,8 @@ | |||
| 45 | 45 | ||
| 46 | struct audit_watch { | 46 | struct audit_watch { |
| 47 | atomic_t count; /* reference count */ | 47 | atomic_t count; /* reference count */ |
| 48 | char *path; /* insertion path */ | ||
| 49 | dev_t dev; /* associated superblock device */ | 48 | dev_t dev; /* associated superblock device */ |
| 49 | char *path; /* insertion path */ | ||
| 50 | unsigned long ino; /* associated inode number */ | 50 | unsigned long ino; /* associated inode number */ |
| 51 | struct audit_parent *parent; /* associated parent */ | 51 | struct audit_parent *parent; /* associated parent */ |
| 52 | struct list_head wlist; /* entry in parent->watches list */ | 52 | struct list_head wlist; /* entry in parent->watches list */ |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 68d3c6a0ecd6..267e484f0198 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -168,12 +168,12 @@ struct audit_context { | |||
| 168 | int in_syscall; /* 1 if task is in a syscall */ | 168 | int in_syscall; /* 1 if task is in a syscall */ |
| 169 | enum audit_state state, current_state; | 169 | enum audit_state state, current_state; |
| 170 | unsigned int serial; /* serial number for record */ | 170 | unsigned int serial; /* serial number for record */ |
| 171 | struct timespec ctime; /* time of syscall entry */ | ||
| 172 | int major; /* syscall number */ | 171 | int major; /* syscall number */ |
| 172 | struct timespec ctime; /* time of syscall entry */ | ||
| 173 | unsigned long argv[4]; /* syscall arguments */ | 173 | unsigned long argv[4]; /* syscall arguments */ |
| 174 | int return_valid; /* return code is valid */ | ||
| 175 | long return_code;/* syscall return code */ | 174 | long return_code;/* syscall return code */ |
| 176 | u64 prio; | 175 | u64 prio; |
| 176 | int return_valid; /* return code is valid */ | ||
| 177 | int name_count; | 177 | int name_count; |
| 178 | struct audit_names names[AUDIT_NAMES]; | 178 | struct audit_names names[AUDIT_NAMES]; |
| 179 | char * filterkey; /* key for rule that triggered record */ | 179 | char * filterkey; /* key for rule that triggered record */ |
| @@ -198,8 +198,8 @@ struct audit_context { | |||
| 198 | char target_comm[TASK_COMM_LEN]; | 198 | char target_comm[TASK_COMM_LEN]; |
| 199 | 199 | ||
| 200 | struct audit_tree_refs *trees, *first_trees; | 200 | struct audit_tree_refs *trees, *first_trees; |
| 201 | int tree_count; | ||
| 202 | struct list_head killed_trees; | 201 | struct list_head killed_trees; |
| 202 | int tree_count; | ||
| 203 | 203 | ||
| 204 | int type; | 204 | int type; |
| 205 | union { | 205 | union { |
diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 500aad0ebd6a..3bb90b6f1dd3 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c | |||
| @@ -187,7 +187,7 @@ static inline void print_ipv6_addr(struct audit_buffer *ab, | |||
| 187 | char *name1, char *name2) | 187 | char *name1, char *name2) |
| 188 | { | 188 | { |
| 189 | if (!ipv6_addr_any(addr)) | 189 | if (!ipv6_addr_any(addr)) |
| 190 | audit_log_format(ab, " %s=%pI6", name1, addr); | 190 | audit_log_format(ab, " %s=%pI6c", name1, addr); |
| 191 | if (port) | 191 | if (port) |
| 192 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); | 192 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); |
| 193 | } | 193 | } |