-rw-r--r-- | drivers/tty/tty_audit.c | 5 | ||||
-rw-r--r-- | init/Kconfig | 2 | ||||
-rw-r--r-- | kernel/audit.c | 4 | ||||
-rw-r--r-- | kernel/audit.h | 2 | ||||
-rw-r--r-- | kernel/auditsc.c | 51 |
5 files changed, 37 insertions, 27 deletions
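--- a/drivers/tty/tty_audit.c
+++ b/drivers/tty/tty_audit.c
@@ -69,11 +69,12 @@ static void tty_audit_log(const char *description, struct task_struct *tsk,
 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
 if (ab) {
 char name[sizeof(tsk->comm)];
-uid_t uid = task_uid(tsk);
+kuid_t uid = task_uid(tsk);
 
 audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u "
 "major=%d minor=%d comm=", description,
-tsk->pid, uid,
+tsk->pid,
+from_kuid(&init_user_ns, uid),
 from_kuid(&init_user_ns, loginuid),
 sessionid,
 major, minor);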
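Review bot: The `uid=` field in tty_audit_log() is now rendered through `from_kuid(&init_user_ns, uid)`, so the record carries the id as seen from the initial user namespace rather than from the task's own namespace, and nothing in the code says this is intended. A one-line comment above the audit_log_format() call would help, for example `/* audit records always report ids as seen from init_user_ns */`. The same convention is applied without comment in kernel/audit.c and throughout kernel/auditsc.c (show_special, audit_log_name, audit_log_exit, audit_log_abend). The local `uid` is now used only once and could be dropped in favour of `from_kuid(&init_user_ns, task_uid(tsk))`, the form audit_set_loginuid() uses. tty_audit_log() starts and ends outside the hunk.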
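--- a/init/Kconfig
+++ b/init/Kconfig
@@ -927,8 +927,6 @@ config UIDGID_CONVERTED
 # Features
 depends on IMA = n
 depends on EVM = n
-depends on AUDIT = n
-depends on AUDITSYSCALL = n
 depends on TASKSTATS = n
 depends on TRACING = n
 depends on FS_POSIX_ACL = n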
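--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -105,7 +105,7 @@ static int audit_backlog_wait_time = 60 * HZ;
 static int audit_backlog_wait_overflow = 0;
 
 /* The identity of the user shutting down the audit system. */
-uid_t audit_sig_uid = -1;
+kuid_t audit_sig_uid = INVALID_UID;
 pid_t audit_sig_pid = -1;
 u32 audit_sig_sid = 0;
 
@@ -853,7 +853,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 security_release_secctx(ctx, len);
 return -ENOMEM;
 }
-sig_data->uid = audit_sig_uid;
+sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid);
 sig_data->pid = audit_sig_pid;
 if (audit_sig_sid) {
 memcpy(sig_data->ctx, ctx, len);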
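Review bot: `audit_sig_uid` now starts as `INVALID_UID`, and the reply built in audit_receive_msg() converts it with `from_kuid(&init_user_ns, audit_sig_uid)` without saying what userspace receives when no signal has been recorded. That conversion should still yield `(uid_t)-1`, matching the old initialiser, but the dependency is implicit. A comment on the assignment such as `/* INVALID_UID converts to (uid_t)-1, the "no sender recorded" value */` would pin it down for anyone consuming the reply. audit_receive_msg() starts and ends outside the hunk.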
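--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -146,7 +146,7 @@ extern void audit_kill_trees(struct list_head *);
 extern char *audit_unpack_string(void **, size_t *, size_t);
 
 extern pid_t audit_sig_pid;
-extern uid_t audit_sig_uid;
+extern kuid_t audit_sig_uid;
 extern u32 audit_sig_sid;
 
 #ifdef CONFIG_AUDITSYSCALL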
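--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -150,7 +150,7 @@ struct audit_aux_data_pids {
 struct audit_aux_data d;
 pid_t target_pid[AUDIT_AUX_PIDS];
 kuid_t target_auid[AUDIT_AUX_PIDS];
-uid_t target_uid[AUDIT_AUX_PIDS];
+kuid_t target_uid[AUDIT_AUX_PIDS];
 unsigned int target_sessionid[AUDIT_AUX_PIDS];
 u32 target_sid[AUDIT_AUX_PIDS];
 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
@@ -208,14 +208,14 @@ struct audit_context {
 size_t sockaddr_len;
 /* Save things to print about task_struct */
 pid_t pid, ppid;
-uid_t uid, euid, suid, fsuid;
-gid_t gid, egid, sgid, fsgid;
+kuid_t uid, euid, suid, fsuid;
+kgid_t gid, egid, sgid, fsgid;
 unsigned long personality;
 int arch;
 
 pid_t target_pid;
 kuid_t target_auid;
-uid_t target_uid;
+kuid_t target_uid;
 unsigned int target_sessionid;
 u32 target_sid;
 char target_comm[TASK_COMM_LEN];
@@ -231,8 +231,8 @@ struct audit_context {
 long args[6];
 } socketcall;
 struct {
-uid_t uid;
-gid_t gid;
+kuid_t uid;
+kgid_t gid;
 umode_t mode;
 u32 osid;
 int has_perm;
@@ -1176,7 +1176,7 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk
 }
 
 static int audit_log_pid_context(struct audit_context *context, pid_t pid,
-kuid_t auid, uid_t uid, unsigned int sessionid,
+kuid_t auid, kuid_t uid, unsigned int sessionid,
 u32 sid, char *comm)
 {
 struct audit_buffer *ab;
@@ -1190,7 +1190,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
 
 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
 from_kuid(&init_user_ns, auid),
-uid, sessionid);
+from_kuid(&init_user_ns, uid), sessionid);
 if (security_secid_to_secctx(sid, &ctx, &len)) {
 audit_log_format(ab, " obj=(none)");
 rc = 1;
@@ -1440,7 +1440,9 @@ static void show_special(struct audit_context *context, int *call_panic)
 u32 osid = context->ipc.osid;
 
 audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho",
-context->ipc.uid, context->ipc.gid, context->ipc.mode);
+from_kuid(&init_user_ns, context->ipc.uid),
+from_kgid(&init_user_ns, context->ipc.gid),
+context->ipc.mode);
 if (osid) {
 char *ctx = NULL;
 u32 len;
@@ -1553,8 +1555,8 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
 MAJOR(n->dev),
 MINOR(n->dev),
 n->mode,
-n->uid,
-n->gid,
+from_kuid(&init_user_ns, n->uid),
+from_kgid(&init_user_ns, n->gid),
 MAJOR(n->rdev),
 MINOR(n->rdev));
 }
@@ -1632,10 +1634,15 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
 context->ppid,
 context->pid,
 from_kuid(&init_user_ns, tsk->loginuid),
-context->uid,
-context->gid,
-context->euid, context->suid, context->fsuid,
-context->egid, context->sgid, context->fsgid, tty,
+from_kuid(&init_user_ns, context->uid),
+from_kgid(&init_user_ns, context->gid),
+from_kuid(&init_user_ns, context->euid),
+from_kuid(&init_user_ns, context->suid),
+from_kuid(&init_user_ns, context->fsuid),
+from_kgid(&init_user_ns, context->egid),
+from_kgid(&init_user_ns, context->sgid),
+from_kgid(&init_user_ns, context->fsgid),
+tty,
 tsk->sessionid);
 
 
@@ -2315,7 +2322,8 @@ int audit_set_loginuid(kuid_t loginuid)
 audit_log_format(ab, "login pid=%d uid=%u "
 "old auid=%u new auid=%u"
 " old ses=%u new ses=%u",
-task->pid, task_uid(task),
+task->pid,
+from_kuid(&init_user_ns, task_uid(task)),
 from_kuid(&init_user_ns, task->loginuid),
 from_kuid(&init_user_ns, loginuid),
 task->sessionid, sessionid);
@@ -2540,7 +2548,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
 struct audit_aux_data_pids *axp;
 struct task_struct *tsk = current;
 struct audit_context *ctx = tsk->audit_context;
-uid_t uid = current_uid(), t_uid = task_uid(t);
+kuid_t uid = current_uid(), t_uid = task_uid(t);
 
 if (audit_pid && t->tgid == audit_pid) {
 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
@@ -2666,8 +2674,8 @@ void __audit_mmap_fd(int fd, int flags)
 
 static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr)
 {
-uid_t auid, uid;
-gid_t gid;
+kuid_t auid, uid;
+kgid_t gid;
 unsigned int sessionid;
 
 auid = audit_get_loginuid(current);
@@ -2675,7 +2683,10 @@ static void audit_log_abend(struct audit_buffer *ab, char *reason, long signr)
 current_uid_gid(&uid, &gid);
 
 audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u",
-auid, uid, gid, sessionid);
+from_kuid(&init_user_ns, auid),
+from_kuid(&init_user_ns, uid),
+from_kgid(&init_user_ns, gid),
+sessionid);
 audit_log_task_context(ab);
 audit_log_format(ab, " pid=%d comm=", current->pid);
 audit_log_untrustedstring(ab, current->comm);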
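Review bot: In audit_log_pid_context() the format string is still `"opid=%d oauid=%d ouid=%d oses=%d"`, while both id arguments are now `from_kuid()` results, which are unsigned. An unset id is therefore printed as `-1` in this record but as `4294967295` in the records that use `%u` (show_special, audit_set_loginuid, audit_log_abend), which makes matching ids across record types harder for log consumers. Either switch the two fields to `%u`, giving `"opid=%d oauid=%u ouid=%u oses=%d"`, or, if the signed form is kept for existing parsers, say so in a comment next to the format string. The function body continues outside the hunk.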