diff options
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/mqueue.c | 22 | ||||
| -rw-r--r-- | ipc/msg.c | 9 | ||||
| -rw-r--r-- | ipc/sem.c | 8 | ||||
| -rw-r--r-- | ipc/shm.c | 2 |
4 files changed, 33 insertions, 8 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 41ecbd440fed..1511714a9585 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c | |||
| @@ -8,6 +8,8 @@ | |||
| 8 | * Lockless receive & send, fd based notify: | 8 | * Lockless receive & send, fd based notify: |
| 9 | * Manfred Spraul (manfred@colorfullife.com) | 9 | * Manfred Spraul (manfred@colorfullife.com) |
| 10 | * | 10 | * |
| 11 | * Audit: George Wilson (ltcgcw@us.ibm.com) | ||
| 12 | * | ||
| 11 | * This file is released under the GPL. | 13 | * This file is released under the GPL. |
| 12 | */ | 14 | */ |
| 13 | 15 | ||
| @@ -24,6 +26,7 @@ | |||
| 24 | #include <linux/skbuff.h> | 26 | #include <linux/skbuff.h> |
| 25 | #include <linux/netlink.h> | 27 | #include <linux/netlink.h> |
| 26 | #include <linux/syscalls.h> | 28 | #include <linux/syscalls.h> |
| 29 | #include <linux/audit.h> | ||
| 27 | #include <linux/signal.h> | 30 | #include <linux/signal.h> |
| 28 | #include <linux/mutex.h> | 31 | #include <linux/mutex.h> |
| 29 | 32 | ||
| @@ -657,6 +660,10 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, | |||
| 657 | char *name; | 660 | char *name; |
| 658 | int fd, error; | 661 | int fd, error; |
| 659 | 662 | ||
| 663 | error = audit_mq_open(oflag, mode, u_attr); | ||
| 664 | if (error != 0) | ||
| 665 | return error; | ||
| 666 | |||
| 660 | if (IS_ERR(name = getname(u_name))) | 667 | if (IS_ERR(name = getname(u_name))) |
| 661 | return PTR_ERR(name); | 668 | return PTR_ERR(name); |
| 662 | 669 | ||
| @@ -814,6 +821,10 @@ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr, | |||
| 814 | long timeout; | 821 | long timeout; |
| 815 | int ret; | 822 | int ret; |
| 816 | 823 | ||
| 824 | ret = audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout); | ||
| 825 | if (ret != 0) | ||
| 826 | return ret; | ||
| 827 | |||
| 817 | if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX)) | 828 | if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX)) |
| 818 | return -EINVAL; | 829 | return -EINVAL; |
| 819 | 830 | ||
| @@ -896,6 +907,10 @@ asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr, | |||
| 896 | struct mqueue_inode_info *info; | 907 | struct mqueue_inode_info *info; |
| 897 | struct ext_wait_queue wait; | 908 | struct ext_wait_queue wait; |
| 898 | 909 | ||
| 910 | ret = audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout); | ||
| 911 | if (ret != 0) | ||
| 912 | return ret; | ||
| 913 | |||
| 899 | timeout = prepare_timeout(u_abs_timeout); | 914 | timeout = prepare_timeout(u_abs_timeout); |
| 900 | 915 | ||
| 901 | ret = -EBADF; | 916 | ret = -EBADF; |
| @@ -975,6 +990,10 @@ asmlinkage long sys_mq_notify(mqd_t mqdes, | |||
| 975 | struct mqueue_inode_info *info; | 990 | struct mqueue_inode_info *info; |
| 976 | struct sk_buff *nc; | 991 | struct sk_buff *nc; |
| 977 | 992 | ||
| 993 | ret = audit_mq_notify(mqdes, u_notification); | ||
| 994 | if (ret != 0) | ||
| 995 | return ret; | ||
| 996 | |||
| 978 | nc = NULL; | 997 | nc = NULL; |
| 979 | sock = NULL; | 998 | sock = NULL; |
| 980 | if (u_notification != NULL) { | 999 | if (u_notification != NULL) { |
| @@ -1115,6 +1134,9 @@ asmlinkage long sys_mq_getsetattr(mqd_t mqdes, | |||
| 1115 | omqstat = info->attr; | 1134 | omqstat = info->attr; |
| 1116 | omqstat.mq_flags = filp->f_flags & O_NONBLOCK; | 1135 | omqstat.mq_flags = filp->f_flags & O_NONBLOCK; |
| 1117 | if (u_mqstat) { | 1136 | if (u_mqstat) { |
| 1137 | ret = audit_mq_getsetattr(mqdes, &mqstat); | ||
| 1138 | if (ret != 0) | ||
| 1139 | goto out; | ||
| 1118 | if (mqstat.mq_flags & O_NONBLOCK) | 1140 | if (mqstat.mq_flags & O_NONBLOCK) |
| 1119 | filp->f_flags |= O_NONBLOCK; | 1141 | filp->f_flags |= O_NONBLOCK; |
| 1120 | else | 1142 | else |
| @@ -454,6 +454,11 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 454 | err = audit_ipc_obj(ipcp); | 454 | err = audit_ipc_obj(ipcp); |
| 455 | if (err) | 455 | if (err) |
| 456 | goto out_unlock_up; | 456 | goto out_unlock_up; |
| 457 | if (cmd==IPC_SET) { | ||
| 458 | err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode); | ||
| 459 | if (err) | ||
| 460 | goto out_unlock_up; | ||
| 461 | } | ||
| 457 | 462 | ||
| 458 | err = -EPERM; | 463 | err = -EPERM; |
| 459 | if (current->euid != ipcp->cuid && | 464 | if (current->euid != ipcp->cuid && |
| @@ -468,10 +473,6 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 468 | switch (cmd) { | 473 | switch (cmd) { |
| 469 | case IPC_SET: | 474 | case IPC_SET: |
| 470 | { | 475 | { |
| 471 | err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp); | ||
| 472 | if (err) | ||
| 473 | goto out_unlock_up; | ||
| 474 | |||
| 475 | err = -EPERM; | 476 | err = -EPERM; |
| 476 | if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) | 477 | if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) |
| 477 | goto out_unlock_up; | 478 | goto out_unlock_up; |
| @@ -828,6 +828,11 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun | |||
| 828 | if (err) | 828 | if (err) |
| 829 | goto out_unlock; | 829 | goto out_unlock; |
| 830 | 830 | ||
| 831 | if (cmd == IPC_SET) { | ||
| 832 | err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode); | ||
| 833 | if (err) | ||
| 834 | goto out_unlock; | ||
| 835 | } | ||
| 831 | if (current->euid != ipcp->cuid && | 836 | if (current->euid != ipcp->cuid && |
| 832 | current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { | 837 | current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { |
| 833 | err=-EPERM; | 838 | err=-EPERM; |
| @@ -844,9 +849,6 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun | |||
| 844 | err = 0; | 849 | err = 0; |
| 845 | break; | 850 | break; |
| 846 | case IPC_SET: | 851 | case IPC_SET: |
| 847 | err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp); | ||
| 848 | if (err) | ||
| 849 | goto out_unlock; | ||
| 850 | ipcp->uid = setbuf.uid; | 852 | ipcp->uid = setbuf.uid; |
| 851 | ipcp->gid = setbuf.gid; | 853 | ipcp->gid = setbuf.gid; |
| 852 | ipcp->mode = (ipcp->mode & ~S_IRWXUGO) | 854 | ipcp->mode = (ipcp->mode & ~S_IRWXUGO) |
| @@ -643,7 +643,7 @@ asmlinkage long sys_shmctl (int shmid, int cmd, struct shmid_ds __user *buf) | |||
| 643 | err = audit_ipc_obj(&(shp->shm_perm)); | 643 | err = audit_ipc_obj(&(shp->shm_perm)); |
| 644 | if (err) | 644 | if (err) |
| 645 | goto out_unlock_up; | 645 | goto out_unlock_up; |
| 646 | err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, &(shp->shm_perm)); | 646 | err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode); |
| 647 | if (err) | 647 | if (err) |
| 648 | goto out_unlock_up; | 648 | goto out_unlock_up; |
| 649 | err=-EPERM; | 649 | err=-EPERM; |