diff options
-rw-r--r-- | kernel/auditsc.c | 62 |
1 files changed, 32 insertions, 30 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 8ec52ffad633..ba0ec1ba6698 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -506,7 +506,7 @@ static inline void audit_free_context(struct audit_context *context) | |||
506 | printk(KERN_ERR "audit: freed %d contexts\n", count); | 506 | printk(KERN_ERR "audit: freed %d contexts\n", count); |
507 | } | 507 | } |
508 | 508 | ||
509 | static void audit_log_task_context(struct audit_buffer *ab, gfp_t gfp_mask) | 509 | static void audit_log_task_context(struct audit_buffer *ab) |
510 | { | 510 | { |
511 | char *ctx = NULL; | 511 | char *ctx = NULL; |
512 | ssize_t len = 0; | 512 | ssize_t len = 0; |
@@ -518,7 +518,7 @@ static void audit_log_task_context(struct audit_buffer *ab, gfp_t gfp_mask) | |||
518 | return; | 518 | return; |
519 | } | 519 | } |
520 | 520 | ||
521 | ctx = kmalloc(len, gfp_mask); | 521 | ctx = kmalloc(len, GFP_KERNEL); |
522 | if (!ctx) | 522 | if (!ctx) |
523 | goto error_path; | 523 | goto error_path; |
524 | 524 | ||
@@ -536,47 +536,46 @@ error_path: | |||
536 | return; | 536 | return; |
537 | } | 537 | } |
538 | 538 | ||
539 | static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk, gfp_t gfp_mask) | 539 | static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) |
540 | { | 540 | { |
541 | char name[sizeof(tsk->comm)]; | 541 | char name[sizeof(tsk->comm)]; |
542 | struct mm_struct *mm = tsk->mm; | 542 | struct mm_struct *mm = tsk->mm; |
543 | struct vm_area_struct *vma; | 543 | struct vm_area_struct *vma; |
544 | 544 | ||
545 | /* tsk == current */ | ||
546 | |||
545 | get_task_comm(name, tsk); | 547 | get_task_comm(name, tsk); |
546 | audit_log_format(ab, " comm="); | 548 | audit_log_format(ab, " comm="); |
547 | audit_log_untrustedstring(ab, name); | 549 | audit_log_untrustedstring(ab, name); |
548 | 550 | ||
549 | if (!mm) | 551 | if (mm) { |
550 | return; | 552 | down_read(&mm->mmap_sem); |
551 | 553 | vma = mm->mmap; | |
552 | /* | 554 | while (vma) { |
553 | * this is brittle; all callers that pass GFP_ATOMIC will have | 555 | if ((vma->vm_flags & VM_EXECUTABLE) && |
554 | * NULL tsk->mm and we won't get here. | 556 | vma->vm_file) { |
555 | */ | 557 | audit_log_d_path(ab, "exe=", |
556 | down_read(&mm->mmap_sem); | 558 | vma->vm_file->f_dentry, |
557 | vma = mm->mmap; | 559 | vma->vm_file->f_vfsmnt); |
558 | while (vma) { | 560 | break; |
559 | if ((vma->vm_flags & VM_EXECUTABLE) && | 561 | } |
560 | vma->vm_file) { | 562 | vma = vma->vm_next; |
561 | audit_log_d_path(ab, "exe=", | ||
562 | vma->vm_file->f_dentry, | ||
563 | vma->vm_file->f_vfsmnt); | ||
564 | break; | ||
565 | } | 563 | } |
566 | vma = vma->vm_next; | 564 | up_read(&mm->mmap_sem); |
567 | } | 565 | } |
568 | up_read(&mm->mmap_sem); | 566 | audit_log_task_context(ab); |
569 | audit_log_task_context(ab, gfp_mask); | ||
570 | } | 567 | } |
571 | 568 | ||
572 | static void audit_log_exit(struct audit_context *context, struct task_struct *tsk, gfp_t gfp_mask) | 569 | static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) |
573 | { | 570 | { |
574 | int i; | 571 | int i; |
575 | struct audit_buffer *ab; | 572 | struct audit_buffer *ab; |
576 | struct audit_aux_data *aux; | 573 | struct audit_aux_data *aux; |
577 | const char *tty; | 574 | const char *tty; |
578 | 575 | ||
579 | ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL); | 576 | /* tsk == current */ |
577 | |||
578 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL); | ||
580 | if (!ab) | 579 | if (!ab) |
581 | return; /* audit_panic has been called */ | 580 | return; /* audit_panic has been called */ |
582 | audit_log_format(ab, "arch=%x syscall=%d", | 581 | audit_log_format(ab, "arch=%x syscall=%d", |
@@ -607,12 +606,12 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
607 | context->gid, | 606 | context->gid, |
608 | context->euid, context->suid, context->fsuid, | 607 | context->euid, context->suid, context->fsuid, |
609 | context->egid, context->sgid, context->fsgid, tty); | 608 | context->egid, context->sgid, context->fsgid, tty); |
610 | audit_log_task_info(ab, gfp_mask); | 609 | audit_log_task_info(ab, tsk); |
611 | audit_log_end(ab); | 610 | audit_log_end(ab); |
612 | 611 | ||
613 | for (aux = context->aux; aux; aux = aux->next) { | 612 | for (aux = context->aux; aux; aux = aux->next) { |
614 | 613 | ||
615 | ab = audit_log_start(context, gfp_mask, aux->type); | 614 | ab = audit_log_start(context, GFP_KERNEL, aux->type); |
616 | if (!ab) | 615 | if (!ab) |
617 | continue; /* audit_panic has been called */ | 616 | continue; /* audit_panic has been called */ |
618 | 617 | ||
@@ -649,7 +648,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
649 | } | 648 | } |
650 | 649 | ||
651 | if (context->pwd && context->pwdmnt) { | 650 | if (context->pwd && context->pwdmnt) { |
652 | ab = audit_log_start(context, gfp_mask, AUDIT_CWD); | 651 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); |
653 | if (ab) { | 652 | if (ab) { |
654 | audit_log_d_path(ab, "cwd=", context->pwd, context->pwdmnt); | 653 | audit_log_d_path(ab, "cwd=", context->pwd, context->pwdmnt); |
655 | audit_log_end(ab); | 654 | audit_log_end(ab); |
@@ -659,7 +658,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
659 | unsigned long ino = context->names[i].ino; | 658 | unsigned long ino = context->names[i].ino; |
660 | unsigned long pino = context->names[i].pino; | 659 | unsigned long pino = context->names[i].pino; |
661 | 660 | ||
662 | ab = audit_log_start(context, gfp_mask, AUDIT_PATH); | 661 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH); |
663 | if (!ab) | 662 | if (!ab) |
664 | continue; /* audit_panic has been called */ | 663 | continue; /* audit_panic has been called */ |
665 | 664 | ||
@@ -712,8 +711,9 @@ void audit_free(struct task_struct *tsk) | |||
712 | * function (e.g., exit_group), then free context block. | 711 | * function (e.g., exit_group), then free context block. |
713 | * We use GFP_ATOMIC here because we might be doing this | 712 | * We use GFP_ATOMIC here because we might be doing this |
714 | * in the context of the idle thread */ | 713 | * in the context of the idle thread */ |
714 | /* that can happen only if we are called from do_exit() */ | ||
715 | if (context->in_syscall && context->auditable) | 715 | if (context->in_syscall && context->auditable) |
716 | audit_log_exit(context, tsk, GFP_ATOMIC); | 716 | audit_log_exit(context, tsk); |
717 | 717 | ||
718 | audit_free_context(context); | 718 | audit_free_context(context); |
719 | } | 719 | } |
@@ -821,6 +821,8 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code) | |||
821 | { | 821 | { |
822 | struct audit_context *context; | 822 | struct audit_context *context; |
823 | 823 | ||
824 | /* tsk == current */ | ||
825 | |||
824 | get_task_struct(tsk); | 826 | get_task_struct(tsk); |
825 | task_lock(tsk); | 827 | task_lock(tsk); |
826 | context = audit_get_context(tsk, valid, return_code); | 828 | context = audit_get_context(tsk, valid, return_code); |
@@ -832,7 +834,7 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code) | |||
832 | goto out; | 834 | goto out; |
833 | 835 | ||
834 | if (context->in_syscall && context->auditable) | 836 | if (context->in_syscall && context->auditable) |
835 | audit_log_exit(context, tsk, GFP_KERNEL); | 837 | audit_log_exit(context, tsk); |
836 | 838 | ||
837 | context->in_syscall = 0; | 839 | context->in_syscall = 0; |
838 | context->auditable = 0; | 840 | context->auditable = 0; |