-rw-r--r--drivers/tty/tty_audit.c4
-rw-r--r--include/linux/audit.h3
-rw-r--r--include/linux/tty.h6
-rw-r--r--kernel/audit.c100
-rw-r--r--kernel/auditfilter.c22
5 files changed, 52 insertions, 83 deletions
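diff --git a/drivers/tty/tty_audit.c b/drivers/tty/tty_audit.c
index 6953dc82850c..1e4e9f30ea09 100644
--- a/drivers/tty/tty_audit.c
+++ b/drivers/tty/tty_audit.c
@@ -202,10 +202,12 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
  * reference to the tty audit buffer if available.
  * Flush the buffer or return an appropriate error code.
  */
-int tty_audit_push_task(struct task_struct *tsk, kuid_t loginuid, u32 sessionid)
+int tty_audit_push_task(struct task_struct *tsk)
 {
 	struct tty_audit_buf *buf = ERR_PTR(-EPERM);
 	unsigned long flags;
+	kuid_t loginuid = audit_get_loginuid(tsk);
+	u32 sessionid = audit_get_sessionid(tsk);
 
 	if (!lock_task_sighand(tsk, &flags))
 		return -ESRCH;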
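Review bot: The kernel-doc above tty_audit_push_task (it starts before the hunk) should now state where the audit identity comes from, since the loginuid and sessionid that end up in the record are no longer supplied by the caller but read from `tsk` at lines 209-210, before the sighand lock is taken. The only caller in this series passes `current`, so the logged values are unchanged, but a future caller passing another task would silently log that task's credentials rather than the requester's. I would add to the comment: ` * The loginuid and sessionid attached to the flushed data are those of @tsk.`. The rest of the function body is outside the hunk.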
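diff --git a/include/linux/audit.h b/include/linux/audit.h
index b26d7f121ac5..a3a50cca1efb 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -441,8 +441,7 @@ extern int audit_update_lsm_rules(void);
 extern int audit_filter_user(int type);
 extern int audit_filter_type(int type);
 extern int audit_receive_filter(int type, int pid, int seq,
-				void *data, size_t datasz, kuid_t loginuid,
-				u32 sessionid, u32 sid);
+				void *data, size_t datasz);
 extern int audit_enabled;
 #else /* CONFIG_AUDIT */
 static inline __printf(4, 5)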
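diff --git a/include/linux/tty.h b/include/linux/tty.h
index 8db1b569c37a..78e378b3971c 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -517,8 +517,7 @@ extern void tty_audit_exit(void);
 extern void tty_audit_fork(struct signal_struct *sig);
 extern void tty_audit_tiocsti(struct tty_struct *tty, char ch);
 extern void tty_audit_push(struct tty_struct *tty);
-extern int tty_audit_push_task(struct task_struct *tsk,
-			       kuid_t loginuid, u32 sessionid);
+extern int tty_audit_push_task(struct task_struct *tsk);
 #else
 static inline void tty_audit_add_data(struct tty_struct *tty,
 		unsigned char *data, size_t size, unsigned icanon)
@@ -536,8 +535,7 @@ static inline void tty_audit_fork(struct signal_struct *sig)
 static inline void tty_audit_push(struct tty_struct *tty)
 {
 }
-static inline int tty_audit_push_task(struct task_struct *tsk,
-				      kuid_t loginuid, u32 sessionid)
+static inline int tty_audit_push_task(struct task_struct *tsk)
 {
 	return 0;
 }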
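diff --git a/kernel/audit.c b/kernel/audit.c
index 274882d308d3..bf1e1330cbb1 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -265,17 +265,22 @@ void audit_log_lost(const char *message)
 }
 
 static int audit_log_config_change(char *function_name, int new, int old,
-				   kuid_t loginuid, u32 sessionid, u32 sid,
 				   int allow_changes)
 {
 	struct audit_buffer *ab;
 	int rc = 0;
+	u32 sessionid = audit_get_sessionid(current);
+	uid_t auid = from_kuid(&init_user_ns, audit_get_loginuid(current));
+	u32 sid;
+
 
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
 	if (unlikely(!ab))
 		return rc;
 	audit_log_format(ab, "%s=%d old=%d auid=%u ses=%u", function_name, new,
-			 old, from_kuid(&init_user_ns, loginuid), sessionid);
+			 old, auid, sessionid);
+
+	security_task_getsecid(current, &sid);
 	if (sid) {
 		char *ctx = NULL;
 		u32 len;
@@ -294,9 +299,7 @@ static int audit_log_config_change(char *function_name, int new, int old,
 	return rc;
 }
 
-static int audit_do_config_change(char *function_name, int *to_change,
-				  int new, kuid_t loginuid, u32 sessionid,
-				  u32 sid)
+static int audit_do_config_change(char *function_name, int *to_change, int new)
 {
 	int allow_changes, rc = 0, old = *to_change;
 
@@ -307,8 +310,7 @@ static int audit_do_config_change(char *function_name, int *to_change,
 	allow_changes = 1;
 
 	if (audit_enabled != AUDIT_OFF) {
-		rc = audit_log_config_change(function_name, new, old, loginuid,
-					     sessionid, sid, allow_changes);
+		rc = audit_log_config_change(function_name, new, old, allow_changes);
 		if (rc)
 			allow_changes = 0;
 	}
@@ -322,44 +324,37 @@ static int audit_do_config_change(char *function_name, int *to_change,
 	return rc;
 }
 
-static int audit_set_rate_limit(int limit, kuid_t loginuid, u32 sessionid,
-				u32 sid)
+static int audit_set_rate_limit(int limit)
 {
-	return audit_do_config_change("audit_rate_limit", &audit_rate_limit,
-				      limit, loginuid, sessionid, sid);
+	return audit_do_config_change("audit_rate_limit", &audit_rate_limit, limit);
 }
 
-static int audit_set_backlog_limit(int limit, kuid_t loginuid, u32 sessionid,
-				   u32 sid)
+static int audit_set_backlog_limit(int limit)
 {
-	return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit,
-				      limit, loginuid, sessionid, sid);
+	return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit, limit);
 }
 
-static int audit_set_enabled(int state, kuid_t loginuid, u32 sessionid, u32 sid)
+static int audit_set_enabled(int state)
 {
 	int rc;
 	if (state < AUDIT_OFF || state > AUDIT_LOCKED)
 		return -EINVAL;
 
-	rc = audit_do_config_change("audit_enabled", &audit_enabled, state,
-				    loginuid, sessionid, sid);
-
+	rc = audit_do_config_change("audit_enabled", &audit_enabled, state);
 	if (!rc)
 		audit_ever_enabled |= !!state;
 
 	return rc;
 }
 
-static int audit_set_failure(int state, kuid_t loginuid, u32 sessionid, u32 sid)
+static int audit_set_failure(int state)
 {
 	if (state != AUDIT_FAIL_SILENT
 	    && state != AUDIT_FAIL_PRINTK
 	    && state != AUDIT_FAIL_PANIC)
 		return -EINVAL;
 
-	return audit_do_config_change("audit_failure", &audit_failure, state,
-				      loginuid, sessionid, sid);
+	return audit_do_config_change("audit_failure", &audit_failure, state);
 }
 
 /*
@@ -627,12 +622,15 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
 	return err;
 }
 
-static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
-				     kuid_t auid, u32 ses, u32 sid)
+static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type)
 {
 	int rc = 0;
 	char *ctx = NULL;
 	u32 len;
+	u32 sessionid = audit_get_sessionid(current);
+	uid_t uid = from_kuid(&init_user_ns, current_uid());
+	uid_t auid = from_kuid(&init_user_ns, audit_get_loginuid(current));
+	u32 sid;
 
 	if (!audit_enabled) {
 		*ab = NULL;
@@ -643,9 +641,8 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
 	if (unlikely(!*ab))
 		return rc;
 	audit_log_format(*ab, "pid=%d uid=%u auid=%u ses=%u",
-			 task_tgid_vnr(current),
-			 from_kuid(&init_user_ns, current_uid()),
-			 from_kuid(&init_user_ns, auid), ses);
+			 task_tgid_vnr(current), uid, auid, sessionid);
+	security_task_getsecid(current, &sid);
 	if (sid) {
 		rc = security_secid_to_secctx(sid, &ctx, &len);
 		if (rc)
@@ -661,14 +658,12 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
 
 static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 {
-	u32 seq, sid;
+	u32 seq;
 	void *data;
 	struct audit_status *status_get, status_set;
 	int err;
 	struct audit_buffer *ab;
 	u16 msg_type = nlh->nlmsg_type;
-	kuid_t loginuid; /* loginuid of sender */
-	u32 sessionid;
 	struct audit_sig_info *sig_data;
 	char *ctx = NULL;
 	u32 len;
@@ -677,9 +672,6 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 	if (err)
 		return err;
 
-	loginuid = audit_get_loginuid(current);
-	sessionid = audit_get_sessionid(current);
-	security_task_getsecid(current, &sid);
 	seq = nlh->nlmsg_seq;
 	data = nlmsg_data(nlh);
 
@@ -700,14 +692,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 			return -EINVAL;
 		status_get = (struct audit_status *)data;
 		if (status_get->mask & AUDIT_STATUS_ENABLED) {
-			err = audit_set_enabled(status_get->enabled,
-						loginuid, sessionid, sid);
+			err = audit_set_enabled(status_get->enabled);
 			if (err < 0)
 				return err;
 		}
 		if (status_get->mask & AUDIT_STATUS_FAILURE) {
-			err = audit_set_failure(status_get->failure,
-						loginuid, sessionid, sid);
+			err = audit_set_failure(status_get->failure);
 			if (err < 0)
 				return err;
 		}
@@ -715,22 +705,17 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 			int new_pid = status_get->pid;
 
 			if (audit_enabled != AUDIT_OFF)
-				audit_log_config_change("audit_pid", new_pid,
-							audit_pid, loginuid,
-							sessionid, sid, 1);
-
+				audit_log_config_change("audit_pid", new_pid, audit_pid, 1);
 			audit_pid = new_pid;
 			audit_nlk_portid = NETLINK_CB(skb).portid;
 		}
 		if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
-			err = audit_set_rate_limit(status_get->rate_limit,
-						   loginuid, sessionid, sid);
+			err = audit_set_rate_limit(status_get->rate_limit);
 			if (err < 0)
 				return err;
 		}
 		if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
-			err = audit_set_backlog_limit(status_get->backlog_limit,
-						      loginuid, sessionid, sid);
+			err = audit_set_backlog_limit(status_get->backlog_limit);
 		break;
 	case AUDIT_USER:
 	case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
@@ -742,14 +727,11 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 		if (err == 1) {
 			err = 0;
 			if (msg_type == AUDIT_USER_TTY) {
-				err = tty_audit_push_task(current, loginuid,
-							  sessionid);
+				err = tty_audit_push_task(current);
 				if (err)
 					break;
 			}
-			audit_log_common_recv_msg(&ab, msg_type,
-						  loginuid, sessionid, sid);
-
+			audit_log_common_recv_msg(&ab, msg_type);
 			if (msg_type != AUDIT_USER_TTY)
 				audit_log_format(ab, " msg='%.1024s'",
 						 (char *)data);
@@ -772,26 +754,19 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 		if (nlmsg_len(nlh) < sizeof(struct audit_rule_data))
 			return -EINVAL;
 		if (audit_enabled == AUDIT_LOCKED) {
-			audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
-						  loginuid, sessionid, sid);
-
-			audit_log_format(ab, " audit_enabled=%d res=0",
-					 audit_enabled);
+			audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
+			audit_log_format(ab, " audit_enabled=%d res=0", audit_enabled);
 			audit_log_end(ab);
 			return -EPERM;
 		}
 		/* fallthrough */
 	case AUDIT_LIST_RULES:
 		err = audit_receive_filter(msg_type, NETLINK_CB(skb).portid,
-					   seq, data, nlmsg_len(nlh),
-					   loginuid, sessionid, sid);
+					   seq, data, nlmsg_len(nlh));
 		break;
 	case AUDIT_TRIM:
 		audit_trim_trees();
-
-		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
-					  loginuid, sessionid, sid);
-
+		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
 		audit_log_format(ab, " op=trim res=1");
 		audit_log_end(ab);
 		break;
@@ -821,8 +796,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 	/* OK, here comes... */
 	err = audit_tag_tree(old, new);
 
-	audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
-				  loginuid, sessionid, sid);
+	audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
 
 	audit_log_format(ab, " op=make_equiv old=");
 	audit_log_untrustedstring(ab, old);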
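Review bot: audit_log_config_change and audit_log_common_recv_msg now hard-wire the audited identity to `current` (new lines 272-273, 283 and 630-633, 645), so every record produced through audit_do_config_change, audit_set_enabled/failure/rate_limit/backlog_limit and the AUDIT_CONFIG_CHANGE paths in audit_receive_msg describes whichever task happens to call them; the old signatures made the sender explicit. That is correct for the netlink receive path, but nothing in the code says so, and a later caller from another context (a workqueue or a kernel thread) would attribute a configuration change to the wrong subject. I would document the contract at the top of audit_log_config_change, e.g. `/* Logs the change as performed by current: must be called from the context of the task that requested it. */`, and the same sentence on audit_log_common_recv_msg. Separately, the new blank line at 275 sits directly above the existing blank at 276 in audit_log_config_change, leaving a double blank line; and in audit_log_common_recv_msg the uid/auid/sessionid lookups at 630-632 run before the `!audit_enabled` early return, which is harmless but could be moved below it.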
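diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index ee9af6533327..f952234da2ca 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -980,11 +980,12 @@ static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
 }
 
 /* Log rule additions and removals */
-static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
-				  char *action, struct audit_krule *rule,
-				  int res)
+static void audit_log_rule_change(char *action, struct audit_krule *rule, int res)
 {
 	struct audit_buffer *ab;
+	uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current));
+	u32 sessionid = audit_get_sessionid(current);
+	u32 sid;
 
 	if (!audit_enabled)
 		return;
@@ -992,8 +993,8 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
 	if (!ab)
 		return;
-	audit_log_format(ab, "auid=%u ses=%u",
-			 from_kuid(&init_user_ns, loginuid), sessionid);
+	audit_log_format(ab, "auid=%u ses=%u" ,loginuid, sessionid);
+	security_task_getsecid(current, &sid);
 	if (sid) {
 		char *ctx = NULL;
 		u32 len;
@@ -1022,8 +1023,7 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
  * @sessionid: sessionid for netlink audit message
  * @sid: SE Linux Security ID of sender
  */
-int audit_receive_filter(int type, int pid, int seq, void *data,
-			 size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid)
+int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz)
 {
 	struct task_struct *tsk;
 	struct audit_netlink_list *dest;
@@ -1061,9 +1061,7 @@ int audit_receive_filter(int type, int pid, int seq, void *data,
 		return PTR_ERR(entry);
 
 	err = audit_add_rule(entry);
-	audit_log_rule_change(loginuid, sessionid, sid, "add rule",
-			      &entry->rule, !err);
-
+	audit_log_rule_change("add rule", &entry->rule, !err);
 	if (err)
 		audit_free_rule(entry);
 	break;
@@ -1073,9 +1071,7 @@ int audit_receive_filter(int type, int pid, int seq, void *data,
 		return PTR_ERR(entry);
 
 	err = audit_del_rule(entry);
-	audit_log_rule_change(loginuid, sessionid, sid, "remove rule",
-			      &entry->rule, !err);
-
+	audit_log_rule_change("remove rule", &entry->rule, !err);
 	audit_free_rule(entry);
 	break;
 	default: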
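Review bot: The kernel-doc for audit_receive_filter still lists `@sessionid` and `@sid` (new lines 1023-1024, and presumably a `@loginuid` entry just above the hunk) even though the new prototype at 1026 no longer takes those parameters; the three stale entries should be deleted so the comment matches the signature and kernel-doc stops warning about undocumented/unknown parameters. In audit_log_rule_change the new format call at 996 has its comma misplaced, `"auid=%u ses=%u" ,loginuid, sessionid` — it should read `"auid=%u ses=%u", loginuid, sessionid`. Since this function too now attributes the rule change to `current` (986-988, 997) rather than to credentials handed in by the caller, a one-line comment stating that it must run in the context of the requesting task would keep the contract visible.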