diff options
Diffstat (limited to 'kernel/audit.c')
| -rw-r--r-- | kernel/audit.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 10c4930c2bbf..b782b046543d 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -78,9 +78,13 @@ static int audit_default; | |||
| 78 | /* If auditing cannot proceed, audit_failure selects what happens. */ | 78 | /* If auditing cannot proceed, audit_failure selects what happens. */ |
| 79 | static int audit_failure = AUDIT_FAIL_PRINTK; | 79 | static int audit_failure = AUDIT_FAIL_PRINTK; |
| 80 | 80 | ||
| 81 | /* If audit records are to be written to the netlink socket, audit_pid | 81 | /* |
| 82 | * contains the (non-zero) pid. */ | 82 | * If audit records are to be written to the netlink socket, audit_pid |
| 83 | * contains the pid of the auditd process and audit_nlk_pid contains | ||
| 84 | * the pid to use to send netlink messages to that process. | ||
| 85 | */ | ||
| 83 | int audit_pid; | 86 | int audit_pid; |
| 87 | static int audit_nlk_pid; | ||
| 84 | 88 | ||
| 85 | /* If audit_rate_limit is non-zero, limit the rate of sending audit records | 89 | /* If audit_rate_limit is non-zero, limit the rate of sending audit records |
| 86 | * to that number per second. This prevents DoS attacks, but results in | 90 | * to that number per second. This prevents DoS attacks, but results in |
| @@ -350,7 +354,7 @@ static int kauditd_thread(void *dummy) | |||
| 350 | wake_up(&audit_backlog_wait); | 354 | wake_up(&audit_backlog_wait); |
| 351 | if (skb) { | 355 | if (skb) { |
| 352 | if (audit_pid) { | 356 | if (audit_pid) { |
| 353 | int err = netlink_unicast(audit_sock, skb, audit_pid, 0); | 357 | int err = netlink_unicast(audit_sock, skb, audit_nlk_pid, 0); |
| 354 | if (err < 0) { | 358 | if (err < 0) { |
| 355 | BUG_ON(err != -ECONNREFUSED); /* Shoudn't happen */ | 359 | BUG_ON(err != -ECONNREFUSED); /* Shoudn't happen */ |
| 356 | printk(KERN_ERR "audit: *NO* daemon at audit_pid=%d\n", audit_pid); | 360 | printk(KERN_ERR "audit: *NO* daemon at audit_pid=%d\n", audit_pid); |
| @@ -626,6 +630,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) | |||
| 626 | sid, 1); | 630 | sid, 1); |
| 627 | 631 | ||
| 628 | audit_pid = new_pid; | 632 | audit_pid = new_pid; |
| 633 | audit_nlk_pid = NETLINK_CB(skb).pid; | ||
| 629 | } | 634 | } |
| 630 | if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) | 635 | if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) |
| 631 | err = audit_set_rate_limit(status_get->rate_limit, | 636 | err = audit_set_rate_limit(status_get->rate_limit, |
| @@ -1264,8 +1269,8 @@ static void audit_log_n_string(struct audit_buffer *ab, size_t slen, | |||
| 1264 | 1269 | ||
| 1265 | /** | 1270 | /** |
| 1266 | * audit_string_contains_control - does a string need to be logged in hex | 1271 | * audit_string_contains_control - does a string need to be logged in hex |
| 1267 | * @string - string to be checked | 1272 | * @string: string to be checked |
| 1268 | * @len - max length of the string to check | 1273 | * @len: max length of the string to check |
| 1269 | */ | 1274 | */ |
| 1270 | int audit_string_contains_control(const char *string, size_t len) | 1275 | int audit_string_contains_control(const char *string, size_t len) |
| 1271 | { | 1276 | { |
| @@ -1280,7 +1285,7 @@ int audit_string_contains_control(const char *string, size_t len) | |||
| 1280 | /** | 1285 | /** |
| 1281 | * audit_log_n_untrustedstring - log a string that may contain random characters | 1286 | * audit_log_n_untrustedstring - log a string that may contain random characters |
| 1282 | * @ab: audit_buffer | 1287 | * @ab: audit_buffer |
| 1283 | * @len: lenth of string (not including trailing null) | 1288 | * @len: length of string (not including trailing null) |
| 1284 | * @string: string to be logged | 1289 | * @string: string to be logged |
| 1285 | * | 1290 | * |
| 1286 | * This code will escape a string that is passed to it if the string | 1291 | * This code will escape a string that is passed to it if the string |