-rw-r--r--include/linux/audit.h24
-rw-r--r--kernel/auditsc.c14
2 files changed, 25 insertions, 13 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index da5f521be04b..4b62743b2e6d 100644
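--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -301,11 +301,16 @@ extern void audit_syscall_entry(int arch,
  int major, unsigned long a0, unsigned long a1,
  unsigned long a2, unsigned long a3);
 extern void audit_syscall_exit(int failed, long return_code);
-extern void audit_getname(const char *name);
+extern void __audit_getname(const char *name);
 extern void audit_putname(const char *name);
 extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags);
 extern void __audit_inode_child(const char *dname, const struct inode *inode,
  unsigned long pino);
+static inline void audit_getname(const char *name)
+{
+ if (unlikely(current->audit_context))
+ __audit_getname(name);
+}
 static inline void audit_inode(const char *name, const struct inode *inode,
  unsigned flags) {
  if (unlikely(current->audit_context))
@@ -324,13 +329,26 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
  struct timespec *t, unsigned int *serial);
 extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
 extern uid_t audit_get_loginuid(struct audit_context *ctx);
-extern int audit_ipc_obj(struct kern_ipc_perm *ipcp);
-extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
+extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
+extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
 extern int audit_bprm(struct linux_binprm *bprm);
 extern int audit_socketcall(int nargs, unsigned long *args);
 extern int audit_sockaddr(int len, void *addr);
 extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
 extern int audit_set_macxattr(const char *name);
+
+static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
+{
+ if (unlikely(current->audit_context))
+ return __audit_ipc_obj(ipcp);
+ return 0;
+}
+static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
+{
+ if (unlikely(current->audit_context))
+ return __audit_ipc_set_perm(qbytes, uid, gid, mode);
+ return 0;
+}
 #else
 #define audit_alloc(t) ({ 0; })
 #define audit_free(t) do { ; } while (0)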
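Review bot: The renamed `__audit_getname`, `__audit_ipc_obj` and `__audit_ipc_set_perm` declarations stay `extern` in this header but carry no statement that they are only valid when `current->audit_context` is non-NULL. A caller that uses one of them directly skips the check that now lives only in the inline wrappers. Add a comment above the declarations, for example `/* __audit_*(): caller must have checked current->audit_context; use the audit_*() wrappers */`. The `#else` branch with the non-audit stubs continues outside the hunk.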
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index fa4bf9625456..05d31ee4f3dd 100644
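--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -922,11 +922,11 @@ void audit_syscall_exit(int valid, long return_code)
  * Add a name to the list of audit names for this context.
  * Called from fs/namei.c:getname().
  */
-void audit_getname(const char *name)
+void __audit_getname(const char *name)
 {
  struct audit_context *context = current->audit_context;
 
- if (!context || IS_ERR(name) || !name)
+ if (IS_ERR(name) || !name)
  return;
 
  if (!context->in_syscall) {
@@ -1189,14 +1189,11 @@ uid_t audit_get_loginuid(struct audit_context *ctx)
  *
  * Returns 0 for success or NULL context or < 0 on error.
  */
-int audit_ipc_obj(struct kern_ipc_perm *ipcp)
+int __audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
  struct audit_aux_data_ipcctl *ax;
  struct audit_context *context = current->audit_context;
 
- if (likely(!context))
- return 0;
-
  ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
  if (!ax)
  return -ENOMEM;
@@ -1221,14 +1218,11 @@ int audit_ipc_obj(struct kern_ipc_perm *ipcp)
  *
  * Returns 0 for success or NULL context or < 0 on error.
  */
-int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
+int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
 {
  struct audit_aux_data_ipcctl *ax;
  struct audit_context *context = current->audit_context;
 
- if (likely(!context))
- return 0;
-
  ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
  if (!ax)
  return -ENOMEM;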
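Review bot: The kerneldoc above `__audit_ipc_obj()` and `__audit_ipc_set_perm()` still reads `Returns 0 for success or NULL context or < 0 on error.`, but the NULL-context return was removed from both bodies. `__audit_getname()` likewise dereferences `context->in_syscall` without a test of its own, and its comment still says it is called from `fs/namei.c:getname()` rather than through the inline wrapper. Suggested wording for the two ipc comments: `Returns 0 for success or < 0 on error; current->audit_context must be non-NULL.` All three bodies continue outside the hunks shown.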