diff options
Diffstat (limited to 'net/xfrm/xfrm_state.c')
| -rw-r--r-- | net/xfrm/xfrm_state.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 5dcc10b93c86..c3f5f70934ec 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c | |||
| @@ -496,7 +496,8 @@ expired: | |||
| 496 | km_state_expired(x, 1, 0); | 496 | km_state_expired(x, 1, 0); |
| 497 | 497 | ||
| 498 | xfrm_audit_state_delete(x, err ? 0 : 1, | 498 | xfrm_audit_state_delete(x, err ? 0 : 1, |
| 499 | audit_get_loginuid(current), 0); | 499 | audit_get_loginuid(current), |
| 500 | audit_get_sessionid(current), 0); | ||
| 500 | 501 | ||
| 501 | out: | 502 | out: |
| 502 | spin_unlock(&x->lock); | 503 | spin_unlock(&x->lock); |
| @@ -603,6 +604,7 @@ xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info) | |||
| 603 | (err = security_xfrm_state_delete(x)) != 0) { | 604 | (err = security_xfrm_state_delete(x)) != 0) { |
| 604 | xfrm_audit_state_delete(x, 0, | 605 | xfrm_audit_state_delete(x, 0, |
| 605 | audit_info->loginuid, | 606 | audit_info->loginuid, |
| 607 | audit_info->sessionid, | ||
| 606 | audit_info->secid); | 608 | audit_info->secid); |
| 607 | return err; | 609 | return err; |
| 608 | } | 610 | } |
| @@ -641,6 +643,7 @@ restart: | |||
| 641 | err = xfrm_state_delete(x); | 643 | err = xfrm_state_delete(x); |
| 642 | xfrm_audit_state_delete(x, err ? 0 : 1, | 644 | xfrm_audit_state_delete(x, err ? 0 : 1, |
| 643 | audit_info->loginuid, | 645 | audit_info->loginuid, |
| 646 | audit_info->sessionid, | ||
| 644 | audit_info->secid); | 647 | audit_info->secid); |
| 645 | xfrm_state_put(x); | 648 | xfrm_state_put(x); |
| 646 | 649 | ||
| @@ -2123,14 +2126,14 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family, | |||
| 2123 | } | 2126 | } |
| 2124 | 2127 | ||
| 2125 | void xfrm_audit_state_add(struct xfrm_state *x, int result, | 2128 | void xfrm_audit_state_add(struct xfrm_state *x, int result, |
| 2126 | u32 auid, u32 secid) | 2129 | uid_t auid, u32 sessionid, u32 secid) |
| 2127 | { | 2130 | { |
| 2128 | struct audit_buffer *audit_buf; | 2131 | struct audit_buffer *audit_buf; |
| 2129 | 2132 | ||
| 2130 | audit_buf = xfrm_audit_start("SAD-add"); | 2133 | audit_buf = xfrm_audit_start("SAD-add"); |
| 2131 | if (audit_buf == NULL) | 2134 | if (audit_buf == NULL) |
| 2132 | return; | 2135 | return; |
| 2133 | xfrm_audit_helper_usrinfo(auid, secid, audit_buf); | 2136 | xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf); |
| 2134 | xfrm_audit_helper_sainfo(x, audit_buf); | 2137 | xfrm_audit_helper_sainfo(x, audit_buf); |
| 2135 | audit_log_format(audit_buf, " res=%u", result); | 2138 | audit_log_format(audit_buf, " res=%u", result); |
| 2136 | audit_log_end(audit_buf); | 2139 | audit_log_end(audit_buf); |
| @@ -2138,14 +2141,14 @@ void xfrm_audit_state_add(struct xfrm_state *x, int result, | |||
| 2138 | EXPORT_SYMBOL_GPL(xfrm_audit_state_add); | 2141 | EXPORT_SYMBOL_GPL(xfrm_audit_state_add); |
| 2139 | 2142 | ||
| 2140 | void xfrm_audit_state_delete(struct xfrm_state *x, int result, | 2143 | void xfrm_audit_state_delete(struct xfrm_state *x, int result, |
| 2141 | u32 auid, u32 secid) | 2144 | uid_t auid, u32 sessionid, u32 secid) |
| 2142 | { | 2145 | { |
| 2143 | struct audit_buffer *audit_buf; | 2146 | struct audit_buffer *audit_buf; |
| 2144 | 2147 | ||
| 2145 | audit_buf = xfrm_audit_start("SAD-delete"); | 2148 | audit_buf = xfrm_audit_start("SAD-delete"); |
| 2146 | if (audit_buf == NULL) | 2149 | if (audit_buf == NULL) |
| 2147 | return; | 2150 | return; |
| 2148 | xfrm_audit_helper_usrinfo(auid, secid, audit_buf); | 2151 | xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf); |
| 2149 | xfrm_audit_helper_sainfo(x, audit_buf); | 2152 | xfrm_audit_helper_sainfo(x, audit_buf); |
| 2150 | audit_log_format(audit_buf, " res=%u", result); | 2153 | audit_log_format(audit_buf, " res=%u", result); |
| 2151 | audit_log_end(audit_buf); | 2154 | audit_log_end(audit_buf); |