diff options
| -rw-r--r-- | drivers/char/tty_audit.c | 3 | ||||
| -rw-r--r-- | fs/proc/base.c | 2 | ||||
| -rw-r--r-- | include/linux/audit.h | 4 | ||||
| -rw-r--r-- | kernel/auditsc.c | 5 | ||||
| -rw-r--r-- | net/core/dev.c | 2 | ||||
| -rw-r--r-- | net/key/af_key.c | 14 | ||||
| -rw-r--r-- | net/netlink/af_netlink.c | 2 | ||||
| -rw-r--r-- | net/xfrm/xfrm_state.c | 2 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 6 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 2 |
10 files changed, 21 insertions, 21 deletions
diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c index d222012c1b0c..c590fc45b2fd 100644 --- a/drivers/char/tty_audit.c +++ b/drivers/char/tty_audit.c | |||
| @@ -105,8 +105,7 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid, | |||
| 105 | */ | 105 | */ |
| 106 | static void tty_audit_buf_push_current(struct tty_audit_buf *buf) | 106 | static void tty_audit_buf_push_current(struct tty_audit_buf *buf) |
| 107 | { | 107 | { |
| 108 | tty_audit_buf_push(current, audit_get_loginuid(current->audit_context), | 108 | tty_audit_buf_push(current, audit_get_loginuid(current), buf); |
| 109 | buf); | ||
| 110 | } | 109 | } |
| 111 | 110 | ||
| 112 | /** | 111 | /** |
diff --git a/fs/proc/base.c b/fs/proc/base.c index 9fa9708cc715..33537487f5ab 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c | |||
| @@ -984,7 +984,7 @@ static ssize_t proc_loginuid_read(struct file * file, char __user * buf, | |||
| 984 | if (!task) | 984 | if (!task) |
| 985 | return -ESRCH; | 985 | return -ESRCH; |
| 986 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", | 986 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", |
| 987 | audit_get_loginuid(task->audit_context)); | 987 | audit_get_loginuid(task)); |
| 988 | put_task_struct(task); | 988 | put_task_struct(task); |
| 989 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 989 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
| 990 | } | 990 | } |
diff --git a/include/linux/audit.h b/include/linux/audit.h index bdd6f5de5fc4..f63117fab305 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -409,7 +409,7 @@ extern unsigned int audit_serial(void); | |||
| 409 | extern void auditsc_get_stamp(struct audit_context *ctx, | 409 | extern void auditsc_get_stamp(struct audit_context *ctx, |
| 410 | struct timespec *t, unsigned int *serial); | 410 | struct timespec *t, unsigned int *serial); |
| 411 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); | 411 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); |
| 412 | extern uid_t audit_get_loginuid(struct audit_context *ctx); | 412 | extern uid_t audit_get_loginuid(struct task_struct *task); |
| 413 | extern void audit_log_task_context(struct audit_buffer *ab); | 413 | extern void audit_log_task_context(struct audit_buffer *ab); |
| 414 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); | 414 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); |
| 415 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); | 415 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); |
| @@ -488,7 +488,7 @@ extern int audit_signals; | |||
| 488 | #define audit_inode_child(d,i,p) do { ; } while (0) | 488 | #define audit_inode_child(d,i,p) do { ; } while (0) |
| 489 | #define audit_core_dumps(i) do { ; } while (0) | 489 | #define audit_core_dumps(i) do { ; } while (0) |
| 490 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) | 490 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) |
| 491 | #define audit_get_loginuid(c) ({ -1; }) | 491 | #define audit_get_loginuid(t) (-1) |
| 492 | #define audit_log_task_context(b) do { ; } while (0) | 492 | #define audit_log_task_context(b) do { ; } while (0) |
| 493 | #define audit_ipc_obj(i) ({ 0; }) | 493 | #define audit_ipc_obj(i) ({ 0; }) |
| 494 | #define audit_ipc_set_perm(q,u,g,m) ({ 0; }) | 494 | #define audit_ipc_set_perm(q,u,g,m) ({ 0; }) |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index bce9ecdb7712..bd4e0a2443fb 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -1804,8 +1804,9 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid) | |||
| 1804 | * | 1804 | * |
| 1805 | * Returns the context's loginuid or -1 if @ctx is NULL. | 1805 | * Returns the context's loginuid or -1 if @ctx is NULL. |
| 1806 | */ | 1806 | */ |
| 1807 | uid_t audit_get_loginuid(struct audit_context *ctx) | 1807 | uid_t audit_get_loginuid(struct task_struct *task) |
| 1808 | { | 1808 | { |
| 1809 | struct audit_context *ctx = task->audit_context; | ||
| 1809 | return ctx ? ctx->loginuid : -1; | 1810 | return ctx ? ctx->loginuid : -1; |
| 1810 | } | 1811 | } |
| 1811 | 1812 | ||
| @@ -2273,7 +2274,7 @@ void audit_core_dumps(long signr) | |||
| 2273 | 2274 | ||
| 2274 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND); | 2275 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND); |
| 2275 | audit_log_format(ab, "auid=%u uid=%u gid=%u", | 2276 | audit_log_format(ab, "auid=%u uid=%u gid=%u", |
| 2276 | audit_get_loginuid(current->audit_context), | 2277 | audit_get_loginuid(current), |
| 2277 | current->uid, current->gid); | 2278 | current->uid, current->gid); |
| 2278 | selinux_get_task_sid(current, &sid); | 2279 | selinux_get_task_sid(current, &sid); |
| 2279 | if (sid) { | 2280 | if (sid) { |
diff --git a/net/core/dev.c b/net/core/dev.c index edaff2720e10..c0b69b3bb041 100644 --- a/net/core/dev.c +++ b/net/core/dev.c | |||
| @@ -2757,7 +2757,7 @@ static void __dev_set_promiscuity(struct net_device *dev, int inc) | |||
| 2757 | "dev=%s prom=%d old_prom=%d auid=%u", | 2757 | "dev=%s prom=%d old_prom=%d auid=%u", |
| 2758 | dev->name, (dev->flags & IFF_PROMISC), | 2758 | dev->name, (dev->flags & IFF_PROMISC), |
| 2759 | (old_flags & IFF_PROMISC), | 2759 | (old_flags & IFF_PROMISC), |
| 2760 | audit_get_loginuid(current->audit_context)); | 2760 | audit_get_loginuid(current)); |
| 2761 | 2761 | ||
| 2762 | if (dev->change_rx_flags) | 2762 | if (dev->change_rx_flags) |
| 2763 | dev->change_rx_flags(dev, IFF_PROMISC); | 2763 | dev->change_rx_flags(dev, IFF_PROMISC); |
diff --git a/net/key/af_key.c b/net/key/af_key.c index 16b72b5570c3..45c3c27d279a 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c | |||
| @@ -1466,7 +1466,7 @@ static int pfkey_add(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, | |||
| 1466 | err = xfrm_state_update(x); | 1466 | err = xfrm_state_update(x); |
| 1467 | 1467 | ||
| 1468 | xfrm_audit_state_add(x, err ? 0 : 1, | 1468 | xfrm_audit_state_add(x, err ? 0 : 1, |
| 1469 | audit_get_loginuid(current->audit_context), 0); | 1469 | audit_get_loginuid(current), 0); |
| 1470 | 1470 | ||
| 1471 | if (err < 0) { | 1471 | if (err < 0) { |
| 1472 | x->km.state = XFRM_STATE_DEAD; | 1472 | x->km.state = XFRM_STATE_DEAD; |
| @@ -1520,7 +1520,7 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h | |||
| 1520 | km_state_notify(x, &c); | 1520 | km_state_notify(x, &c); |
| 1521 | out: | 1521 | out: |
| 1522 | xfrm_audit_state_delete(x, err ? 0 : 1, | 1522 | xfrm_audit_state_delete(x, err ? 0 : 1, |
| 1523 | audit_get_loginuid(current->audit_context), 0); | 1523 | audit_get_loginuid(current), 0); |
| 1524 | xfrm_state_put(x); | 1524 | xfrm_state_put(x); |
| 1525 | 1525 | ||
| 1526 | return err; | 1526 | return err; |
| @@ -1695,7 +1695,7 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd | |||
| 1695 | if (proto == 0) | 1695 | if (proto == 0) |
| 1696 | return -EINVAL; | 1696 | return -EINVAL; |
| 1697 | 1697 | ||
| 1698 | audit_info.loginuid = audit_get_loginuid(current->audit_context); | 1698 | audit_info.loginuid = audit_get_loginuid(current); |
| 1699 | audit_info.secid = 0; | 1699 | audit_info.secid = 0; |
| 1700 | err = xfrm_state_flush(proto, &audit_info); | 1700 | err = xfrm_state_flush(proto, &audit_info); |
| 1701 | if (err) | 1701 | if (err) |
| @@ -2273,7 +2273,7 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h | |||
| 2273 | hdr->sadb_msg_type != SADB_X_SPDUPDATE); | 2273 | hdr->sadb_msg_type != SADB_X_SPDUPDATE); |
| 2274 | 2274 | ||
| 2275 | xfrm_audit_policy_add(xp, err ? 0 : 1, | 2275 | xfrm_audit_policy_add(xp, err ? 0 : 1, |
| 2276 | audit_get_loginuid(current->audit_context), 0); | 2276 | audit_get_loginuid(current), 0); |
| 2277 | 2277 | ||
| 2278 | if (err) | 2278 | if (err) |
| 2279 | goto out; | 2279 | goto out; |
| @@ -2356,7 +2356,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg | |||
| 2356 | return -ENOENT; | 2356 | return -ENOENT; |
| 2357 | 2357 | ||
| 2358 | xfrm_audit_policy_delete(xp, err ? 0 : 1, | 2358 | xfrm_audit_policy_delete(xp, err ? 0 : 1, |
| 2359 | audit_get_loginuid(current->audit_context), 0); | 2359 | audit_get_loginuid(current), 0); |
| 2360 | 2360 | ||
| 2361 | if (err) | 2361 | if (err) |
| 2362 | goto out; | 2362 | goto out; |
| @@ -2617,7 +2617,7 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h | |||
| 2617 | 2617 | ||
| 2618 | if (delete) { | 2618 | if (delete) { |
| 2619 | xfrm_audit_policy_delete(xp, err ? 0 : 1, | 2619 | xfrm_audit_policy_delete(xp, err ? 0 : 1, |
| 2620 | audit_get_loginuid(current->audit_context), 0); | 2620 | audit_get_loginuid(current), 0); |
| 2621 | 2621 | ||
| 2622 | if (err) | 2622 | if (err) |
| 2623 | goto out; | 2623 | goto out; |
| @@ -2694,7 +2694,7 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg | |||
| 2694 | struct xfrm_audit audit_info; | 2694 | struct xfrm_audit audit_info; |
| 2695 | int err; | 2695 | int err; |
| 2696 | 2696 | ||
| 2697 | audit_info.loginuid = audit_get_loginuid(current->audit_context); | 2697 | audit_info.loginuid = audit_get_loginuid(current); |
| 2698 | audit_info.secid = 0; | 2698 | audit_info.secid = 0; |
| 2699 | err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info); | 2699 | err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info); |
| 2700 | if (err) | 2700 | if (err) |
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index ff9fb6ba0c5c..1ab0da2632e1 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c | |||
| @@ -1238,7 +1238,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock, | |||
| 1238 | 1238 | ||
| 1239 | NETLINK_CB(skb).pid = nlk->pid; | 1239 | NETLINK_CB(skb).pid = nlk->pid; |
| 1240 | NETLINK_CB(skb).dst_group = dst_group; | 1240 | NETLINK_CB(skb).dst_group = dst_group; |
| 1241 | NETLINK_CB(skb).loginuid = audit_get_loginuid(current->audit_context); | 1241 | NETLINK_CB(skb).loginuid = audit_get_loginuid(current); |
| 1242 | selinux_get_task_sid(current, &(NETLINK_CB(skb).sid)); | 1242 | selinux_get_task_sid(current, &(NETLINK_CB(skb).sid)); |
| 1243 | memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); | 1243 | memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); |
| 1244 | 1244 | ||
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 3ff76e84d548..7ba65e82941c 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c | |||
| @@ -493,7 +493,7 @@ expired: | |||
| 493 | km_state_expired(x, 1, 0); | 493 | km_state_expired(x, 1, 0); |
| 494 | 494 | ||
| 495 | xfrm_audit_state_delete(x, err ? 0 : 1, | 495 | xfrm_audit_state_delete(x, err ? 0 : 1, |
| 496 | audit_get_loginuid(current->audit_context), 0); | 496 | audit_get_loginuid(current), 0); |
| 497 | 497 | ||
| 498 | out: | 498 | out: |
| 499 | spin_unlock(&x->lock); | 499 | spin_unlock(&x->lock); |
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index a85740530afc..bee969432979 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
| @@ -174,7 +174,7 @@ static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | |||
| 174 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | 174 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, |
| 175 | "enforcing=%d old_enforcing=%d auid=%u", new_value, | 175 | "enforcing=%d old_enforcing=%d auid=%u", new_value, |
| 176 | selinux_enforcing, | 176 | selinux_enforcing, |
| 177 | audit_get_loginuid(current->audit_context)); | 177 | audit_get_loginuid(current)); |
| 178 | selinux_enforcing = new_value; | 178 | selinux_enforcing = new_value; |
| 179 | if (selinux_enforcing) | 179 | if (selinux_enforcing) |
| 180 | avc_ss_reset(0); | 180 | avc_ss_reset(0); |
| @@ -244,7 +244,7 @@ static ssize_t sel_write_disable(struct file * file, const char __user * buf, | |||
| 244 | goto out; | 244 | goto out; |
| 245 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | 245 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, |
| 246 | "selinux=0 auid=%u", | 246 | "selinux=0 auid=%u", |
| 247 | audit_get_loginuid(current->audit_context)); | 247 | audit_get_loginuid(current)); |
| 248 | } | 248 | } |
| 249 | 249 | ||
| 250 | length = count; | 250 | length = count; |
| @@ -357,7 +357,7 @@ out1: | |||
| 357 | 357 | ||
| 358 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, | 358 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, |
| 359 | "policy loaded auid=%u", | 359 | "policy loaded auid=%u", |
| 360 | audit_get_loginuid(current->audit_context)); | 360 | audit_get_loginuid(current)); |
| 361 | out: | 361 | out: |
| 362 | mutex_unlock(&sel_mutex); | 362 | mutex_unlock(&sel_mutex); |
| 363 | vfree(data); | 363 | vfree(data); |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 880d455aa659..819a6f91e801 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -1909,7 +1909,7 @@ int security_set_bools(int len, int *values) | |||
| 1909 | policydb.p_bool_val_to_name[i], | 1909 | policydb.p_bool_val_to_name[i], |
| 1910 | !!values[i], | 1910 | !!values[i], |
| 1911 | policydb.bool_val_to_struct[i]->state, | 1911 | policydb.bool_val_to_struct[i]->state, |
| 1912 | audit_get_loginuid(current->audit_context)); | 1912 | audit_get_loginuid(current)); |
| 1913 | } | 1913 | } |
| 1914 | if (values[i]) { | 1914 | if (values[i]) { |
| 1915 | policydb.bool_val_to_struct[i]->state = 1; | 1915 | policydb.bool_val_to_struct[i]->state = 1; |