diff options
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 71 |
1 files changed, 48 insertions, 23 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index e6d88635032c..dae3570b3a3b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
@@ -692,7 +692,8 @@ static void audit_log_vformat(struct audit_buffer *ab, const char *fmt, | |||
692 | goto out; | 692 | goto out; |
693 | len = vsnprintf(skb->tail, avail, fmt, args2); | 693 | len = vsnprintf(skb->tail, avail, fmt, args2); |
694 | } | 694 | } |
695 | skb_put(skb, (len < avail) ? len : avail); | 695 | if (len > 0) |
696 | skb_put(skb, len); | ||
696 | out: | 697 | out: |
697 | return; | 698 | return; |
698 | } | 699 | } |
@@ -710,20 +711,47 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) | |||
710 | va_end(args); | 711 | va_end(args); |
711 | } | 712 | } |
712 | 713 | ||
713 | void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len) | 714 | /* This function will take the passed buf and convert it into a string of |
715 | * ascii hex digits. The new string is placed onto the skb. */ | ||
716 | void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, | ||
717 | size_t len) | ||
714 | { | 718 | { |
715 | int i; | 719 | int i, avail, new_len; |
720 | unsigned char *ptr; | ||
721 | struct sk_buff *skb; | ||
722 | static const unsigned char *hex = "0123456789ABCDEF"; | ||
723 | |||
724 | BUG_ON(!ab->skb); | ||
725 | skb = ab->skb; | ||
726 | avail = skb_tailroom(skb); | ||
727 | new_len = len<<1; | ||
728 | if (new_len >= avail) { | ||
729 | /* Round the buffer request up to the next multiple */ | ||
730 | new_len = AUDIT_BUFSIZ*(((new_len-avail)/AUDIT_BUFSIZ) + 1); | ||
731 | avail = audit_expand(ab, new_len); | ||
732 | if (!avail) | ||
733 | return; | ||
734 | } | ||
716 | 735 | ||
717 | for (i=0; i<len; i++) | 736 | ptr = skb->tail; |
718 | audit_log_format(ab, "%02x", buf[i]); | 737 | for (i=0; i<len; i++) { |
738 | *ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */ | ||
739 | *ptr++ = hex[buf[i] & 0x0F]; /* Lower nibble */ | ||
740 | } | ||
741 | *ptr = 0; | ||
742 | skb_put(skb, len << 1); /* new string is twice the old string */ | ||
719 | } | 743 | } |
720 | 744 | ||
745 | /* This code will escape a string that is passed to it if the string | ||
746 | * contains a control character, unprintable character, double quote mark, | ||
747 | * or a space. Unescaped strings will start and end with a double quote mark. | ||
748 | * Strings that are escaped are printed in hex (2 digits per char). */ | ||
721 | void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) | 749 | void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) |
722 | { | 750 | { |
723 | const unsigned char *p = string; | 751 | const unsigned char *p = string; |
724 | 752 | ||
725 | while (*p) { | 753 | while (*p) { |
726 | if (*p == '"' || *p == ' ' || *p < 0x20 || *p > 0x7f) { | 754 | if (*p == '"' || *p < 0x21 || *p > 0x7f) { |
727 | audit_log_hex(ab, string, strlen(string)); | 755 | audit_log_hex(ab, string, strlen(string)); |
728 | return; | 756 | return; |
729 | } | 757 | } |
@@ -732,31 +760,28 @@ void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) | |||
732 | audit_log_format(ab, "\"%s\"", string); | 760 | audit_log_format(ab, "\"%s\"", string); |
733 | } | 761 | } |
734 | 762 | ||
735 | 763 | /* This is a helper-function to print the escaped d_path */ | |
736 | /* This is a helper-function to print the d_path without using a static | ||
737 | * buffer or allocating another buffer in addition to the one in | ||
738 | * audit_buffer. */ | ||
739 | void audit_log_d_path(struct audit_buffer *ab, const char *prefix, | 764 | void audit_log_d_path(struct audit_buffer *ab, const char *prefix, |
740 | struct dentry *dentry, struct vfsmount *vfsmnt) | 765 | struct dentry *dentry, struct vfsmount *vfsmnt) |
741 | { | 766 | { |
742 | char *p; | 767 | char *p, *path; |
743 | struct sk_buff *skb = ab->skb; | ||
744 | int len, avail; | ||
745 | 768 | ||
746 | if (prefix) | 769 | if (prefix) |
747 | audit_log_format(ab, " %s", prefix); | 770 | audit_log_format(ab, " %s", prefix); |
748 | 771 | ||
749 | avail = skb_tailroom(skb); | 772 | /* We will allow 11 spaces for ' (deleted)' to be appended */ |
750 | p = d_path(dentry, vfsmnt, skb->tail, avail); | 773 | path = kmalloc(PATH_MAX+11, GFP_KERNEL); |
751 | if (IS_ERR(p)) { | 774 | if (!path) { |
752 | /* FIXME: can we save some information here? */ | 775 | audit_log_format(ab, "<no memory>"); |
753 | audit_log_format(ab, "<toolong>"); | 776 | return; |
754 | } else { | ||
755 | /* path isn't at start of buffer */ | ||
756 | len = ((char *)skb->tail + avail - 1) - p; | ||
757 | memmove(skb->tail, p, len); | ||
758 | skb_put(skb, len); | ||
759 | } | 777 | } |
778 | p = d_path(dentry, vfsmnt, path, PATH_MAX+11); | ||
779 | if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */ | ||
780 | /* FIXME: can we save some information here? */ | ||
781 | audit_log_format(ab, "<too long>"); | ||
782 | } else | ||
783 | audit_log_untrustedstring(ab, p); | ||
784 | kfree(path); | ||
760 | } | 785 | } |
761 | 786 | ||
762 | /* Remove queued messages from the audit_txlist and send them to user space. */ | 787 | /* Remove queued messages from the audit_txlist and send them to user space. */ |