diff options
-rw-r--r-- | include/linux/audit.h | 24 | ||||
-rw-r--r-- | kernel/auditsc.c | 14 |
2 files changed, 25 insertions, 13 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index da5f521be04b..4b62743b2e6d 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -301,11 +301,16 @@ extern void audit_syscall_entry(int arch, | |||
301 | int major, unsigned long a0, unsigned long a1, | 301 | int major, unsigned long a0, unsigned long a1, |
302 | unsigned long a2, unsigned long a3); | 302 | unsigned long a2, unsigned long a3); |
303 | extern void audit_syscall_exit(int failed, long return_code); | 303 | extern void audit_syscall_exit(int failed, long return_code); |
304 | extern void audit_getname(const char *name); | 304 | extern void __audit_getname(const char *name); |
305 | extern void audit_putname(const char *name); | 305 | extern void audit_putname(const char *name); |
306 | extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); | 306 | extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); |
307 | extern void __audit_inode_child(const char *dname, const struct inode *inode, | 307 | extern void __audit_inode_child(const char *dname, const struct inode *inode, |
308 | unsigned long pino); | 308 | unsigned long pino); |
309 | static inline void audit_getname(const char *name) | ||
310 | { | ||
311 | if (unlikely(current->audit_context)) | ||
312 | __audit_getname(name); | ||
313 | } | ||
309 | static inline void audit_inode(const char *name, const struct inode *inode, | 314 | static inline void audit_inode(const char *name, const struct inode *inode, |
310 | unsigned flags) { | 315 | unsigned flags) { |
311 | if (unlikely(current->audit_context)) | 316 | if (unlikely(current->audit_context)) |
@@ -324,13 +329,26 @@ extern void auditsc_get_stamp(struct audit_context *ctx, | |||
324 | struct timespec *t, unsigned int *serial); | 329 | struct timespec *t, unsigned int *serial); |
325 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); | 330 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); |
326 | extern uid_t audit_get_loginuid(struct audit_context *ctx); | 331 | extern uid_t audit_get_loginuid(struct audit_context *ctx); |
327 | extern int audit_ipc_obj(struct kern_ipc_perm *ipcp); | 332 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); |
328 | extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); | 333 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); |
329 | extern int audit_bprm(struct linux_binprm *bprm); | 334 | extern int audit_bprm(struct linux_binprm *bprm); |
330 | extern int audit_socketcall(int nargs, unsigned long *args); | 335 | extern int audit_socketcall(int nargs, unsigned long *args); |
331 | extern int audit_sockaddr(int len, void *addr); | 336 | extern int audit_sockaddr(int len, void *addr); |
332 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); | 337 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); |
333 | extern int audit_set_macxattr(const char *name); | 338 | extern int audit_set_macxattr(const char *name); |
339 | |||
340 | static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp) | ||
341 | { | ||
342 | if (unlikely(current->audit_context)) | ||
343 | return __audit_ipc_obj(ipcp); | ||
344 | return 0; | ||
345 | } | ||
346 | static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) | ||
347 | { | ||
348 | if (unlikely(current->audit_context)) | ||
349 | return __audit_ipc_set_perm(qbytes, uid, gid, mode); | ||
350 | return 0; | ||
351 | } | ||
334 | #else | 352 | #else |
335 | #define audit_alloc(t) ({ 0; }) | 353 | #define audit_alloc(t) ({ 0; }) |
336 | #define audit_free(t) do { ; } while (0) | 354 | #define audit_free(t) do { ; } while (0) |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index fa4bf9625456..05d31ee4f3dd 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -922,11 +922,11 @@ void audit_syscall_exit(int valid, long return_code) | |||
922 | * Add a name to the list of audit names for this context. | 922 | * Add a name to the list of audit names for this context. |
923 | * Called from fs/namei.c:getname(). | 923 | * Called from fs/namei.c:getname(). |
924 | */ | 924 | */ |
925 | void audit_getname(const char *name) | 925 | void __audit_getname(const char *name) |
926 | { | 926 | { |
927 | struct audit_context *context = current->audit_context; | 927 | struct audit_context *context = current->audit_context; |
928 | 928 | ||
929 | if (!context || IS_ERR(name) || !name) | 929 | if (IS_ERR(name) || !name) |
930 | return; | 930 | return; |
931 | 931 | ||
932 | if (!context->in_syscall) { | 932 | if (!context->in_syscall) { |
@@ -1189,14 +1189,11 @@ uid_t audit_get_loginuid(struct audit_context *ctx) | |||
1189 | * | 1189 | * |
1190 | * Returns 0 for success or NULL context or < 0 on error. | 1190 | * Returns 0 for success or NULL context or < 0 on error. |
1191 | */ | 1191 | */ |
1192 | int audit_ipc_obj(struct kern_ipc_perm *ipcp) | 1192 | int __audit_ipc_obj(struct kern_ipc_perm *ipcp) |
1193 | { | 1193 | { |
1194 | struct audit_aux_data_ipcctl *ax; | 1194 | struct audit_aux_data_ipcctl *ax; |
1195 | struct audit_context *context = current->audit_context; | 1195 | struct audit_context *context = current->audit_context; |
1196 | 1196 | ||
1197 | if (likely(!context)) | ||
1198 | return 0; | ||
1199 | |||
1200 | ax = kmalloc(sizeof(*ax), GFP_ATOMIC); | 1197 | ax = kmalloc(sizeof(*ax), GFP_ATOMIC); |
1201 | if (!ax) | 1198 | if (!ax) |
1202 | return -ENOMEM; | 1199 | return -ENOMEM; |
@@ -1221,14 +1218,11 @@ int audit_ipc_obj(struct kern_ipc_perm *ipcp) | |||
1221 | * | 1218 | * |
1222 | * Returns 0 for success or NULL context or < 0 on error. | 1219 | * Returns 0 for success or NULL context or < 0 on error. |
1223 | */ | 1220 | */ |
1224 | int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) | 1221 | int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) |
1225 | { | 1222 | { |
1226 | struct audit_aux_data_ipcctl *ax; | 1223 | struct audit_aux_data_ipcctl *ax; |
1227 | struct audit_context *context = current->audit_context; | 1224 | struct audit_context *context = current->audit_context; |
1228 | 1225 | ||
1229 | if (likely(!context)) | ||
1230 | return 0; | ||
1231 | |||
1232 | ax = kmalloc(sizeof(*ax), GFP_ATOMIC); | 1226 | ax = kmalloc(sizeof(*ax), GFP_ATOMIC); |
1233 | if (!ax) | 1227 | if (!ax) |
1234 | return -ENOMEM; | 1228 | return -ENOMEM; |