3 files changed, 21 insertions, 36 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index bd59cd1e3219..7ddcb6a29eb1 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -457,7 +457,7 @@ extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
 extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
                                  const struct cred *new,
                                  const struct cred *old);
-extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
+extern void __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
@@ -504,12 +504,11 @@ static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
        return 0;
 }
-static inline int audit_log_capset(pid_t pid, const struct cred *new,
+static inline void audit_log_capset(pid_t pid, const struct cred *new,
                                   const struct cred *old)
 {
        if (unlikely(!audit_dummy_context()))
-                return __audit_log_capset(pid, new, old);
+                __audit_log_capset(pid, new, old);
-        return 0;
 }
 extern int audit_n_rules;
@@ -544,7 +543,7 @@ extern int audit_signals;
 #define audit_mq_notify(d,n) ((void)0)
 #define audit_mq_getsetattr(d,s) ((void)0)
 #define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
-#define audit_log_capset(pid, ncr, ocr) ({ 0; })
+#define audit_log_capset(pid, ncr, ocr) ((void)0)
 #define audit_ptrace(t) ((void)0)
 #define audit_n_rules 0
 #define audit_signals 0
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 327e65d50674..c76a58215f54 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -235,6 +235,10 @@ struct audit_context {
                        mode_t                  mode;
                        struct mq_attr          attr;
                } mq_open;
+                struct {
+                        pid_t                   pid;
+                        struct audit_cap_data   cap;
+                } capset;
        };
        int fds[2];
@@ -1291,6 +1295,12 @@ static void show_special(struct audit_context *context, int *call_panic)
                        attr->mq_flags, attr->mq_maxmsg,
                        attr->mq_msgsize, attr->mq_curmsgs);
                break; }
+        case AUDIT_CAPSET: {
+                audit_log_format(ab, "pid=%d", context->capset.pid);
+                audit_log_cap(ab, "cap_pi", &context->capset.cap.inheritable);
+                audit_log_cap(ab, "cap_pp", &context->capset.cap.permitted);
+                audit_log_cap(ab, "cap_pe", &context->capset.cap.effective);
+                break; }
        }
        audit_log_end(ab);
 }
@@ -1392,14 +1402,6 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
                        audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
                        break; }
-                case AUDIT_CAPSET: {
-                        struct audit_aux_data_capset *axs = (void *)aux;
-                        audit_log_format(ab, "pid=%d", axs->pid);
-                        audit_log_cap(ab, "cap_pi", &axs->cap.inheritable);
-                        audit_log_cap(ab, "cap_pp", &axs->cap.permitted);
-                        audit_log_cap(ab, "cap_pe", &axs->cap.effective);
-                        break; }
                }
                audit_log_end(ab);
        }
@@ -2456,29 +2458,15 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
 * Record the aguments userspace sent to sys_capset for later printing by the
 * audit system if applicable
 */
-int __audit_log_capset(pid_t pid,
+void __audit_log_capset(pid_t pid,
                       const struct cred *new, const struct cred *old)
 {
-        struct audit_aux_data_capset *ax;
        struct audit_context *context = current->audit_context;
+        context->capset.pid = pid;
-        if (likely(!audit_enabled || !context || context->dummy))
+        context->capset.cap.effective   = new->cap_effective;
-                return 0;
+        context->capset.cap.inheritable = new->cap_effective;
+        context->capset.cap.permitted   = new->cap_permitted;
-        ax = kmalloc(sizeof(*ax), GFP_KERNEL);
+        context->type = AUDIT_CAPSET;
-        if (!ax)
-                return -ENOMEM;
-        ax->d.type = AUDIT_CAPSET;
-        ax->d.next = context->aux;
-        context->aux = (void *)ax;
-        ax->pid = pid;
-        ax->cap.effective   = new->cap_effective;
-        ax->cap.inheritable = new->cap_effective;
-        ax->cap.permitted   = new->cap_permitted;
-        return 0;
 }
 /**
diff --git a/kernel/capability.c b/kernel/capability.c
index 36b4b4daebec..c598d9d5be4f 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -280,9 +280,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
        if (ret < 0)
                goto error;
-        ret = audit_log_capset(pid, new, current_cred());
+        audit_log_capset(pid, new, current_cred());
-        if (ret < 0)
-                return ret;
        return commit_creds(new);

diff --git a/include/linux/audit.h b/include/linux/audit.h index bd59cd1e3219..7ddcb6a29eb1 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -457,7 +457,7 @@ extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
457	extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,	457	extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
458	const struct cred *new,	458	const struct cred *new,
459	const struct cred *old);	459	const struct cred *old);
460	extern int __audit_log_capset(pid_t pid, const struct cred new, const struct cred old);	460	extern void __audit_log_capset(pid_t pid, const struct cred new, const struct cred old);
461		461
462	static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)	462	static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
463	{	463	{
@@ -504,12 +504,11 @@ static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
504	return 0;	504	return 0;
505	}	505	}
506		506
507	static inline int audit_log_capset(pid_t pid, const struct cred *new,	507	static inline void audit_log_capset(pid_t pid, const struct cred *new,
508	const struct cred *old)	508	const struct cred *old)
509	{	509	{
510	if (unlikely(!audit_dummy_context()))	510	if (unlikely(!audit_dummy_context()))
511	return __audit_log_capset(pid, new, old);	511	__audit_log_capset(pid, new, old);
512	return 0;
513	}	512	}
514		513
515	extern int audit_n_rules;	514	extern int audit_n_rules;
@@ -544,7 +543,7 @@ extern int audit_signals;
544	#define audit_mq_notify(d,n) ((void)0)	543	#define audit_mq_notify(d,n) ((void)0)
545	#define audit_mq_getsetattr(d,s) ((void)0)	544	#define audit_mq_getsetattr(d,s) ((void)0)
546	#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })	545	#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
547	#define audit_log_capset(pid, ncr, ocr) ({ 0; })	546	#define audit_log_capset(pid, ncr, ocr) ((void)0)
548	#define audit_ptrace(t) ((void)0)	547	#define audit_ptrace(t) ((void)0)
549	#define audit_n_rules 0	548	#define audit_n_rules 0
550	#define audit_signals 0	549	#define audit_signals 0


diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 327e65d50674..c76a58215f54 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c
@@ -235,6 +235,10 @@ struct audit_context {
235	mode_t mode;	235	mode_t mode;
236	struct mq_attr attr;	236	struct mq_attr attr;
237	} mq_open;	237	} mq_open;
		238	struct {
		239	pid_t pid;
		240	struct audit_cap_data cap;
		241	} capset;
238	};	242	};
239	int fds[2];	243	int fds[2];
240		244
@@ -1291,6 +1295,12 @@ static void show_special(struct audit_context context, int call_panic)
1291	attr->mq_flags, attr->mq_maxmsg,	1295	attr->mq_flags, attr->mq_maxmsg,
1292	attr->mq_msgsize, attr->mq_curmsgs);	1296	attr->mq_msgsize, attr->mq_curmsgs);
1293	break; }	1297	break; }
		1298	case AUDIT_CAPSET: {
		1299	audit_log_format(ab, "pid=%d", context->capset.pid);
		1300	audit_log_cap(ab, "cap_pi", &context->capset.cap.inheritable);
		1301	audit_log_cap(ab, "cap_pp", &context->capset.cap.permitted);
		1302	audit_log_cap(ab, "cap_pe", &context->capset.cap.effective);
		1303	break; }
1294	}	1304	}
1295	audit_log_end(ab);	1305	audit_log_end(ab);
1296	}	1306	}
@@ -1392,14 +1402,6 @@ static void audit_log_exit(struct audit_context context, struct task_struct ts
1392	audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);	1402	audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
1393	break; }	1403	break; }
1394		1404
1395	case AUDIT_CAPSET: {
1396	struct audit_aux_data_capset axs = (void )aux;
1397	audit_log_format(ab, "pid=%d", axs->pid);
1398	audit_log_cap(ab, "cap_pi", &axs->cap.inheritable);
1399	audit_log_cap(ab, "cap_pp", &axs->cap.permitted);
1400	audit_log_cap(ab, "cap_pe", &axs->cap.effective);
1401	break; }
1402
1403	}	1405	}
1404	audit_log_end(ab);	1406	audit_log_end(ab);
1405	}	1407	}
@@ -2456,29 +2458,15 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
2456	* Record the aguments userspace sent to sys_capset for later printing by the	2458	* Record the aguments userspace sent to sys_capset for later printing by the
2457	* audit system if applicable	2459	* audit system if applicable
2458	*/	2460	*/
2459	int __audit_log_capset(pid_t pid,	2461	void __audit_log_capset(pid_t pid,
2460	const struct cred new, const struct cred old)	2462	const struct cred new, const struct cred old)
2461	{	2463	{
2462	struct audit_aux_data_capset *ax;
2463	struct audit_context *context = current->audit_context;	2464	struct audit_context *context = current->audit_context;
2464		2465	context->capset.pid = pid;
2465	if (likely(!audit_enabled \|\| !context \|\| context->dummy))	2466	context->capset.cap.effective = new->cap_effective;
2466	return 0;	2467	context->capset.cap.inheritable = new->cap_effective;
2467		2468	context->capset.cap.permitted = new->cap_permitted;
2468	ax = kmalloc(sizeof(*ax), GFP_KERNEL);	2469	context->type = AUDIT_CAPSET;
2469	if (!ax)
2470	return -ENOMEM;
2471
2472	ax->d.type = AUDIT_CAPSET;
2473	ax->d.next = context->aux;
2474	context->aux = (void *)ax;
2475
2476	ax->pid = pid;
2477	ax->cap.effective = new->cap_effective;
2478	ax->cap.inheritable = new->cap_effective;
2479	ax->cap.permitted = new->cap_permitted;
2480
2481	return 0;
2482	}	2470	}
2483		2471
2484	/**	2472	/**


diff --git a/kernel/capability.c b/kernel/capability.c index 36b4b4daebec..c598d9d5be4f 100644 --- a/kernel/capability.c +++ b/kernel/capability.c
@@ -280,9 +280,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
280	if (ret < 0)	280	if (ret < 0)
281	goto error;	281	goto error;
282		282
283	ret = audit_log_capset(pid, new, current_cred());	283	audit_log_capset(pid, new, current_cred());
284	if (ret < 0)
285	return ret;
286		284
287	return commit_creds(new);	285	return commit_creds(new);
288		286