diff options
Diffstat (limited to 'kernel/audit.c')
| -rw-r--r-- | kernel/audit.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 09fae2677a45..bb0eb5bb9a0a 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -601,13 +601,13 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type) | |||
| 601 | case AUDIT_TTY_SET: | 601 | case AUDIT_TTY_SET: |
| 602 | case AUDIT_TRIM: | 602 | case AUDIT_TRIM: |
| 603 | case AUDIT_MAKE_EQUIV: | 603 | case AUDIT_MAKE_EQUIV: |
| 604 | if (security_netlink_recv(skb, CAP_AUDIT_CONTROL)) | 604 | if (!capable(CAP_AUDIT_CONTROL)) |
| 605 | err = -EPERM; | 605 | err = -EPERM; |
| 606 | break; | 606 | break; |
| 607 | case AUDIT_USER: | 607 | case AUDIT_USER: |
| 608 | case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: | 608 | case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: |
| 609 | case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2: | 609 | case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2: |
| 610 | if (security_netlink_recv(skb, CAP_AUDIT_WRITE)) | 610 | if (!capable(CAP_AUDIT_WRITE)) |
| 611 | err = -EPERM; | 611 | err = -EPERM; |
| 612 | break; | 612 | break; |
| 613 | default: /* bad msg */ | 613 | default: /* bad msg */ |
| @@ -631,7 +631,7 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type, | |||
| 631 | } | 631 | } |
| 632 | 632 | ||
| 633 | *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); | 633 | *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); |
| 634 | audit_log_format(*ab, "user pid=%d uid=%u auid=%u ses=%u", | 634 | audit_log_format(*ab, "pid=%d uid=%u auid=%u ses=%u", |
| 635 | pid, uid, auid, ses); | 635 | pid, uid, auid, ses); |
| 636 | if (sid) { | 636 | if (sid) { |
| 637 | rc = security_secid_to_secctx(sid, &ctx, &len); | 637 | rc = security_secid_to_secctx(sid, &ctx, &len); |
| @@ -1260,12 +1260,13 @@ static void audit_log_vformat(struct audit_buffer *ab, const char *fmt, | |||
| 1260 | avail = audit_expand(ab, | 1260 | avail = audit_expand(ab, |
| 1261 | max_t(unsigned, AUDIT_BUFSIZ, 1+len-avail)); | 1261 | max_t(unsigned, AUDIT_BUFSIZ, 1+len-avail)); |
| 1262 | if (!avail) | 1262 | if (!avail) |
| 1263 | goto out; | 1263 | goto out_va_end; |
| 1264 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2); | 1264 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2); |
| 1265 | } | 1265 | } |
| 1266 | va_end(args2); | ||
| 1267 | if (len > 0) | 1266 | if (len > 0) |
| 1268 | skb_put(skb, len); | 1267 | skb_put(skb, len); |
| 1268 | out_va_end: | ||
| 1269 | va_end(args2); | ||
| 1269 | out: | 1270 | out: |
| 1270 | return; | 1271 | return; |
| 1271 | } | 1272 | } |
| @@ -1422,7 +1423,7 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix, | |||
| 1422 | char *p, *pathname; | 1423 | char *p, *pathname; |
| 1423 | 1424 | ||
| 1424 | if (prefix) | 1425 | if (prefix) |
| 1425 | audit_log_format(ab, " %s", prefix); | 1426 | audit_log_format(ab, "%s", prefix); |
| 1426 | 1427 | ||
| 1427 | /* We will allow 11 spaces for ' (deleted)' to be appended */ | 1428 | /* We will allow 11 spaces for ' (deleted)' to be appended */ |
| 1428 | pathname = kmalloc(PATH_MAX+11, ab->gfp_mask); | 1429 | pathname = kmalloc(PATH_MAX+11, ab->gfp_mask); |