aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kernel/auditsc.c62
1 files changed, 32 insertions, 30 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 8ec52ffad633..ba0ec1ba6698 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -506,7 +506,7 @@ static inline void audit_free_context(struct audit_context *context)
506 printk(KERN_ERR "audit: freed %d contexts\n", count); 506 printk(KERN_ERR "audit: freed %d contexts\n", count);
507} 507}
508 508
509static void audit_log_task_context(struct audit_buffer *ab, gfp_t gfp_mask) 509static void audit_log_task_context(struct audit_buffer *ab)
510{ 510{
511 char *ctx = NULL; 511 char *ctx = NULL;
512 ssize_t len = 0; 512 ssize_t len = 0;
@@ -518,7 +518,7 @@ static void audit_log_task_context(struct audit_buffer *ab, gfp_t gfp_mask)
518 return; 518 return;
519 } 519 }
520 520
521 ctx = kmalloc(len, gfp_mask); 521 ctx = kmalloc(len, GFP_KERNEL);
522 if (!ctx) 522 if (!ctx)
523 goto error_path; 523 goto error_path;
524 524
@@ -536,47 +536,46 @@ error_path:
536 return; 536 return;
537} 537}
538 538
539static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk, gfp_t gfp_mask) 539static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
540{ 540{
541 char name[sizeof(tsk->comm)]; 541 char name[sizeof(tsk->comm)];
542 struct mm_struct *mm = tsk->mm; 542 struct mm_struct *mm = tsk->mm;
543 struct vm_area_struct *vma; 543 struct vm_area_struct *vma;
544 544
545 /* tsk == current */
546
545 get_task_comm(name, tsk); 547 get_task_comm(name, tsk);
546 audit_log_format(ab, " comm="); 548 audit_log_format(ab, " comm=");
547 audit_log_untrustedstring(ab, name); 549 audit_log_untrustedstring(ab, name);
548 550
549 if (!mm) 551 if (mm) {
550 return; 552 down_read(&mm->mmap_sem);
551 553 vma = mm->mmap;
552 /* 554 while (vma) {
553 * this is brittle; all callers that pass GFP_ATOMIC will have 555 if ((vma->vm_flags & VM_EXECUTABLE) &&
554 * NULL tsk->mm and we won't get here. 556 vma->vm_file) {
555 */ 557 audit_log_d_path(ab, "exe=",
556 down_read(&mm->mmap_sem); 558 vma->vm_file->f_dentry,
557 vma = mm->mmap; 559 vma->vm_file->f_vfsmnt);
558 while (vma) { 560 break;
559 if ((vma->vm_flags & VM_EXECUTABLE) && 561 }
560 vma->vm_file) { 562 vma = vma->vm_next;
561 audit_log_d_path(ab, "exe=",
562 vma->vm_file->f_dentry,
563 vma->vm_file->f_vfsmnt);
564 break;
565 } 563 }
566 vma = vma->vm_next; 564 up_read(&mm->mmap_sem);
567 } 565 }
568 up_read(&mm->mmap_sem); 566 audit_log_task_context(ab);
569 audit_log_task_context(ab, gfp_mask);
570} 567}
571 568
572static void audit_log_exit(struct audit_context *context, struct task_struct *tsk, gfp_t gfp_mask) 569static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
573{ 570{
574 int i; 571 int i;
575 struct audit_buffer *ab; 572 struct audit_buffer *ab;
576 struct audit_aux_data *aux; 573 struct audit_aux_data *aux;
577 const char *tty; 574 const char *tty;
578 575
579 ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL); 576 /* tsk == current */
577
578 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL);
580 if (!ab) 579 if (!ab)
581 return; /* audit_panic has been called */ 580 return; /* audit_panic has been called */
582 audit_log_format(ab, "arch=%x syscall=%d", 581 audit_log_format(ab, "arch=%x syscall=%d",
@@ -607,12 +606,12 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
607 context->gid, 606 context->gid,
608 context->euid, context->suid, context->fsuid, 607 context->euid, context->suid, context->fsuid,
609 context->egid, context->sgid, context->fsgid, tty); 608 context->egid, context->sgid, context->fsgid, tty);
610 audit_log_task_info(ab, gfp_mask); 609 audit_log_task_info(ab, tsk);
611 audit_log_end(ab); 610 audit_log_end(ab);
612 611
613 for (aux = context->aux; aux; aux = aux->next) { 612 for (aux = context->aux; aux; aux = aux->next) {
614 613
615 ab = audit_log_start(context, gfp_mask, aux->type); 614 ab = audit_log_start(context, GFP_KERNEL, aux->type);
616 if (!ab) 615 if (!ab)
617 continue; /* audit_panic has been called */ 616 continue; /* audit_panic has been called */
618 617
@@ -649,7 +648,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
649 } 648 }
650 649
651 if (context->pwd && context->pwdmnt) { 650 if (context->pwd && context->pwdmnt) {
652 ab = audit_log_start(context, gfp_mask, AUDIT_CWD); 651 ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD);
653 if (ab) { 652 if (ab) {
654 audit_log_d_path(ab, "cwd=", context->pwd, context->pwdmnt); 653 audit_log_d_path(ab, "cwd=", context->pwd, context->pwdmnt);
655 audit_log_end(ab); 654 audit_log_end(ab);
@@ -659,7 +658,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
659 unsigned long ino = context->names[i].ino; 658 unsigned long ino = context->names[i].ino;
660 unsigned long pino = context->names[i].pino; 659 unsigned long pino = context->names[i].pino;
661 660
662 ab = audit_log_start(context, gfp_mask, AUDIT_PATH); 661 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
663 if (!ab) 662 if (!ab)
664 continue; /* audit_panic has been called */ 663 continue; /* audit_panic has been called */
665 664
@@ -712,8 +711,9 @@ void audit_free(struct task_struct *tsk)
712 * function (e.g., exit_group), then free context block. 711 * function (e.g., exit_group), then free context block.
713 * We use GFP_ATOMIC here because we might be doing this 712 * We use GFP_ATOMIC here because we might be doing this
714 * in the context of the idle thread */ 713 * in the context of the idle thread */
714 /* that can happen only if we are called from do_exit() */
715 if (context->in_syscall && context->auditable) 715 if (context->in_syscall && context->auditable)
716 audit_log_exit(context, tsk, GFP_ATOMIC); 716 audit_log_exit(context, tsk);
717 717
718 audit_free_context(context); 718 audit_free_context(context);
719} 719}
@@ -821,6 +821,8 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code)
821{ 821{
822 struct audit_context *context; 822 struct audit_context *context;
823 823
824 /* tsk == current */
825
824 get_task_struct(tsk); 826 get_task_struct(tsk);
825 task_lock(tsk); 827 task_lock(tsk);
826 context = audit_get_context(tsk, valid, return_code); 828 context = audit_get_context(tsk, valid, return_code);
@@ -832,7 +834,7 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code)
832 goto out; 834 goto out;
833 835
834 if (context->in_syscall && context->auditable) 836 if (context->in_syscall && context->auditable)
835 audit_log_exit(context, tsk, GFP_KERNEL); 837 audit_log_exit(context, tsk);
836 838
837 context->in_syscall = 0; 839 context->in_syscall = 0;
838 context->auditable = 0; 840 context->auditable = 0;