diff options
| -rw-r--r-- | kernel/auditsc.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 105147631753..b61c0191f3da 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -278,8 +278,11 @@ static int audit_filter_rules(struct task_struct *tsk, | |||
| 278 | result = audit_comparator(tsk->pid, f->op, f->val); | 278 | result = audit_comparator(tsk->pid, f->op, f->val); |
| 279 | break; | 279 | break; |
| 280 | case AUDIT_PPID: | 280 | case AUDIT_PPID: |
| 281 | if (ctx) | 281 | if (ctx) { |
| 282 | if (!ctx->ppid) | ||
| 283 | ctx->ppid = sys_getppid(); | ||
| 282 | result = audit_comparator(ctx->ppid, f->op, f->val); | 284 | result = audit_comparator(ctx->ppid, f->op, f->val); |
| 285 | } | ||
| 283 | break; | 286 | break; |
| 284 | case AUDIT_UID: | 287 | case AUDIT_UID: |
| 285 | result = audit_comparator(tsk->uid, f->op, f->val); | 288 | result = audit_comparator(tsk->uid, f->op, f->val); |
| @@ -795,7 +798,8 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 795 | 798 | ||
| 796 | /* tsk == current */ | 799 | /* tsk == current */ |
| 797 | context->pid = tsk->pid; | 800 | context->pid = tsk->pid; |
| 798 | context->ppid = sys_getppid(); /* sic. tsk == current in all cases */ | 801 | if (!context->ppid) |
| 802 | context->ppid = sys_getppid(); | ||
| 799 | context->uid = tsk->uid; | 803 | context->uid = tsk->uid; |
| 800 | context->gid = tsk->gid; | 804 | context->gid = tsk->gid; |
| 801 | context->euid = tsk->euid; | 805 | context->euid = tsk->euid; |
| @@ -1137,6 +1141,7 @@ void audit_syscall_entry(int arch, int major, | |||
| 1137 | context->ctime = CURRENT_TIME; | 1141 | context->ctime = CURRENT_TIME; |
| 1138 | context->in_syscall = 1; | 1142 | context->in_syscall = 1; |
| 1139 | context->auditable = !!(state == AUDIT_RECORD_CONTEXT); | 1143 | context->auditable = !!(state == AUDIT_RECORD_CONTEXT); |
| 1144 | context->ppid = 0; | ||
| 1140 | } | 1145 | } |
| 1141 | 1146 | ||
| 1142 | /** | 1147 | /** |