From e23eb920b0f3978687c497de2ac3eb9e281dab32 Mon Sep 17 00:00:00 2001 From: Peter Moody Date: Thu, 14 Jun 2012 10:04:35 -0700 Subject: audit: export audit_log_task_info At the suggestion of eparis@redhat.com, move this chunk of task logging from audit_log_exit to audit_log_task_info and export this function so it's usuable elsewhere in the kernel. This patch is against git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity#next-ima-appraisal Changelog v2: - add empty audit_log_task_info if CONFIG_AUDITSYSCALL isn't set. Changelog v1: - Initial post. Signed-off-by: Peter Moody Signed-off-by: Mimi Zohar --- include/linux/audit.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index 36abf2aa7e68..2a5073cf548a 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -529,6 +529,7 @@ extern int audit_set_loginuid(uid_t loginuid); #define audit_get_loginuid(t) ((t)->loginuid) #define audit_get_sessionid(t) ((t)->sessionid) extern void audit_log_task_context(struct audit_buffer *ab); +extern void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk); extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp); extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode); extern int __audit_bprm(struct linux_binprm *bprm); @@ -640,6 +641,7 @@ extern int audit_signals; #define audit_get_loginuid(t) (-1) #define audit_get_sessionid(t) (-1) #define audit_log_task_context(b) do { ; } while (0) +#define audit_log_task_info(b, t) do { ; } while (0) #define audit_ipc_obj(i) ((void)0) #define audit_ipc_set_perm(q,u,g,m) ((void)0) #define audit_bprm(p) ({ 0; }) -- cgit v1.2.2 From 02276bda4a2bf094fcde89fb5db4d9e86347ebf4 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 10 Sep 2012 23:10:16 -0700 Subject: audit: Use current instead of NETLINK_CREDS() in audit_filter Get caller process uid and gid and pid values from the current task instead of the NETLINK_CB. This is simpler than passing NETLINK_CREDS from from audit_receive_msg to audit_filter_user_rules and avoid the chance of being hit by the occassional bugs in netlink uid/gid credential passing. This is a safe changes because all netlink requests are processed in the task of the sending process. Cc: Al Viro Cc: Eric Paris Signed-off-by: "Eric W. Biederman" --- include/linux/audit.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index 36abf2aa7e68..9c9af0e95f93 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -700,7 +700,7 @@ extern void audit_log_secctx(struct audit_buffer *ab, u32 secid); extern int audit_update_lsm_rules(void); /* Private API (for audit.c only) */ -extern int audit_filter_user(struct netlink_skb_parms *cb); +extern int audit_filter_user(void); extern int audit_filter_type(int type); extern int audit_receive_filter(int type, int pid, int uid, int seq, void *data, size_t datasz, uid_t loginuid, -- cgit v1.2.2 From 017143fecb3364e5fed8107d206799899f5dd684 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 11 Sep 2012 00:19:06 -0700 Subject: audit: Remove the unused uid parameter from audit_receive_filter Cc: Al Viro Cc: Eric Paris Signed-off-by: "Eric W. Biederman" --- include/linux/audit.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index 9c9af0e95f93..b9c5b22e34a5 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -702,7 +702,7 @@ extern int audit_update_lsm_rules(void); /* Private API (for audit.c only) */ extern int audit_filter_user(void); extern int audit_filter_type(int type); -extern int audit_receive_filter(int type, int pid, int uid, int seq, +extern int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz, uid_t loginuid, u32 sessionid, u32 sid); extern int audit_enabled; -- cgit v1.2.2 From ca57ec0f00c3f139c41bf6b0a5b9bcc95bbb2ad7 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 11 Sep 2012 02:18:08 -0700 Subject: audit: Add typespecific uid and gid comparators The audit filter code guarantees that uid are always compared with uids and gids are always compared with gids, as the comparason operations are type specific. Take advantage of this proper to define audit_uid_comparator and audit_gid_comparator which use the type safe comparasons from uidgid.h. Build on audit_uid_comparator and audit_gid_comparator and replace audit_compare_id with audit_compare_uid and audit_compare_gid. This is one of those odd cases where being type safe and duplicating code leads to simpler shorter and more concise code. Don't allow bitmask operations in uid and gid comparisons in audit_data_to_entry. Bitmask operations are already denined in audit_rule_to_entry. Convert constants in audit_rule_to_entry and audit_data_to_entry into kuids and kgids when appropriate. Convert the uid and gid field in struct audit_names to be of type kuid_t and kgid_t respectively, so that the new uid and gid comparators can be applied in a type safe manner. Cc: Al Viro Cc: Eric Paris Signed-off-by: "Eric W. Biederman" --- include/linux/audit.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index b9c5b22e34a5..ca019bb74da3 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -442,6 +442,8 @@ struct audit_krule { struct audit_field { u32 type; u32 val; + kuid_t uid; + kgid_t gid; u32 op; char *lsm_str; void *lsm_rule; -- cgit v1.2.2 From e1760bd5ffae8cb98cffb030ee8e631eba28f3d8 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 10 Sep 2012 22:39:43 -0700 Subject: userns: Convert the audit loginuid to be a kuid Always store audit loginuids in type kuid_t. Print loginuids by converting them into uids in the appropriate user namespace, and then printing the resulting uid. Modify audit_get_loginuid to return a kuid_t. Modify audit_set_loginuid to take a kuid_t. Modify /proc//loginuid on read to convert the loginuid into the user namespace of the opener of the file. Modify /proc//loginud on write to convert the loginuid rom the user namespace of the opener of the file. Cc: Al Viro Cc: Eric Paris Cc: Paul Moore ? Cc: David Miller Signed-off-by: Eric W. Biederman --- include/linux/audit.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index ca019bb74da3..12367cbadfe1 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -527,7 +527,7 @@ static inline void audit_ptrace(struct task_struct *t) extern unsigned int audit_serial(void); extern int auditsc_get_stamp(struct audit_context *ctx, struct timespec *t, unsigned int *serial); -extern int audit_set_loginuid(uid_t loginuid); +extern int audit_set_loginuid(kuid_t loginuid); #define audit_get_loginuid(t) ((t)->loginuid) #define audit_get_sessionid(t) ((t)->sessionid) extern void audit_log_task_context(struct audit_buffer *ab); @@ -639,7 +639,7 @@ extern int audit_signals; #define audit_core_dumps(i) do { ; } while (0) #define audit_seccomp(i,s,c) do { ; } while (0) #define auditsc_get_stamp(c,t,s) (0) -#define audit_get_loginuid(t) (-1) +#define audit_get_loginuid(t) (INVALID_UID) #define audit_get_sessionid(t) (-1) #define audit_log_task_context(b) do { ; } while (0) #define audit_ipc_obj(i) ((void)0) @@ -705,7 +705,7 @@ extern int audit_update_lsm_rules(void); extern int audit_filter_user(void); extern int audit_filter_type(int type); extern int audit_receive_filter(int type, int pid, int seq, - void *data, size_t datasz, uid_t loginuid, + void *data, size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid); extern int audit_enabled; #else -- cgit v1.2.2 From 9321d526dd731588f09508af48de50041785a26a Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 4 Oct 2012 17:11:11 -0700 Subject: audit.h: replace defines with C stubs Replace the #defines used when CONFIG_AUDIT or CONFIG_AUDIT_SYSCALLS are disabled so we get type checking during those builds. Suggested-by: Andrew Morton Signed-off-by: Kees Cook Cc: Al Viro Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- include/linux/audit.h | 206 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 153 insertions(+), 53 deletions(-) (limited to 'include/linux/audit.h') diff --git a/include/linux/audit.h b/include/linux/audit.h index e7c836d961ea..2c83e5f7edb1 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -527,9 +527,18 @@ static inline void audit_ptrace(struct task_struct *t) extern unsigned int audit_serial(void); extern int auditsc_get_stamp(struct audit_context *ctx, struct timespec *t, unsigned int *serial); -extern int audit_set_loginuid(kuid_t loginuid); -#define audit_get_loginuid(t) ((t)->loginuid) -#define audit_get_sessionid(t) ((t)->sessionid) +extern int audit_set_loginuid(kuid_t loginuid); + +static inline kuid_t audit_get_loginuid(struct task_struct *tsk) +{ + return tsk->loginuid; +} + +static inline int audit_get_sessionid(struct task_struct *tsk) +{ + return tsk->sessionid; +} + extern void audit_log_task_context(struct audit_buffer *ab); extern void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk); extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp); @@ -626,38 +635,101 @@ static inline void audit_mmap_fd(int fd, int flags) extern int audit_n_rules; extern int audit_signals; #else /* CONFIG_AUDITSYSCALL */ -#define audit_alloc(t) ({ 0; }) -#define audit_free(t) do { ; } while (0) -#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) -#define audit_syscall_exit(r) do { ; } while (0) -#define audit_dummy_context() 1 -#define audit_getname(n) do { ; } while (0) -#define audit_putname(n) do { ; } while (0) -#define __audit_inode(n,d) do { ; } while (0) -#define __audit_inode_child(i,p) do { ; } while (0) -#define audit_inode(n,d) do { (void)(d); } while (0) -#define audit_inode_child(i,p) do { ; } while (0) -#define audit_core_dumps(i) do { ; } while (0) -#define audit_seccomp(i,s,c) do { ; } while (0) -#define auditsc_get_stamp(c,t,s) (0) -#define audit_get_loginuid(t) (INVALID_UID) -#define audit_get_sessionid(t) (-1) -#define audit_log_task_context(b) do { ; } while (0) -#define audit_log_task_info(b, t) do { ; } while (0) -#define audit_ipc_obj(i) ((void)0) -#define audit_ipc_set_perm(q,u,g,m) ((void)0) -#define audit_bprm(p) ({ 0; }) -#define audit_socketcall(n,a) ((void)0) -#define audit_fd_pair(n,a) ((void)0) -#define audit_sockaddr(len, addr) ({ 0; }) -#define audit_mq_open(o,m,a) ((void)0) -#define audit_mq_sendrecv(d,l,p,t) ((void)0) -#define audit_mq_notify(d,n) ((void)0) -#define audit_mq_getsetattr(d,s) ((void)0) -#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; }) -#define audit_log_capset(pid, ncr, ocr) ((void)0) -#define audit_mmap_fd(fd, flags) ((void)0) -#define audit_ptrace(t) ((void)0) +static inline int audit_alloc(struct task_struct *task) +{ + return 0; +} +static inline void audit_free(struct task_struct *task) +{ } +static inline void audit_syscall_entry(int arch, int major, unsigned long a0, + unsigned long a1, unsigned long a2, + unsigned long a3) +{ } +static inline void audit_syscall_exit(void *pt_regs) +{ } +static inline int audit_dummy_context(void) +{ + return 1; +} +static inline void audit_getname(const char *name) +{ } +static inline void audit_putname(const char *name) +{ } +static inline void __audit_inode(const char *name, const struct dentry *dentry) +{ } +static inline void __audit_inode_child(const struct dentry *dentry, + const struct inode *parent) +{ } +static inline void audit_inode(const char *name, const struct dentry *dentry) +{ } +static inline void audit_inode_child(const struct dentry *dentry, + const struct inode *parent) +{ } +static inline void audit_core_dumps(long signr) +{ } +static inline void __audit_seccomp(unsigned long syscall, long signr, int code) +{ } +static inline void audit_seccomp(unsigned long syscall, long signr, int code) +{ } +static inline int auditsc_get_stamp(struct audit_context *ctx, + struct timespec *t, unsigned int *serial) +{ + return 0; +} +static inline kuid_t audit_get_loginuid(struct task_struct *tsk) +{ + return INVALID_UID; +} +static inline int audit_get_sessionid(struct task_struct *tsk) +{ + return -1; +} +static inline void audit_log_task_context(struct audit_buffer *ab) +{ } +static inline void audit_log_task_info(struct audit_buffer *ab, + struct task_struct *tsk) +{ } +static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) +{ } +static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, + gid_t gid, umode_t mode) +{ } +static inline int audit_bprm(struct linux_binprm *bprm) +{ + return 0; +} +static inline void audit_socketcall(int nargs, unsigned long *args) +{ } +static inline void audit_fd_pair(int fd1, int fd2) +{ } +static inline int audit_sockaddr(int len, void *addr) +{ + return 0; +} +static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) +{ } +static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, + unsigned int msg_prio, + const struct timespec *abs_timeout) +{ } +static inline void audit_mq_notify(mqd_t mqdes, + const struct sigevent *notification) +{ } +static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) +{ } +static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm, + const struct cred *new, + const struct cred *old) +{ + return 0; +} +static inline void audit_log_capset(pid_t pid, const struct cred *new, + const struct cred *old) +{ } +static inline void audit_mmap_fd(int fd, int flags) +{ } +static inline void audit_ptrace(struct task_struct *t) +{ } #define audit_n_rules 0 #define audit_signals 0 #endif /* CONFIG_AUDITSYSCALL */ @@ -681,7 +753,6 @@ extern void audit_log_n_hex(struct audit_buffer *ab, extern void audit_log_n_string(struct audit_buffer *ab, const char *buf, size_t n); -#define audit_log_string(a,b) audit_log_n_string(a, b, strlen(b)); extern void audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, size_t n); @@ -698,7 +769,8 @@ extern void audit_log_lost(const char *message); #ifdef CONFIG_SECURITY extern void audit_log_secctx(struct audit_buffer *ab, u32 secid); #else -#define audit_log_secctx(b,s) do { ; } while (0) +static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid) +{ } #endif extern int audit_update_lsm_rules(void); @@ -710,22 +782,50 @@ extern int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid); extern int audit_enabled; -#else -#define audit_log(c,g,t,f,...) do { ; } while (0) -#define audit_log_start(c,g,t) ({ NULL; }) -#define audit_log_vformat(b,f,a) do { ; } while (0) -#define audit_log_format(b,f,...) do { ; } while (0) -#define audit_log_end(b) do { ; } while (0) -#define audit_log_n_hex(a,b,l) do { ; } while (0) -#define audit_log_n_string(a,c,l) do { ; } while (0) -#define audit_log_string(a,c) do { ; } while (0) -#define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) -#define audit_log_untrustedstring(a,s) do { ; } while (0) -#define audit_log_d_path(b, p, d) do { ; } while (0) -#define audit_log_key(b, k) do { ; } while (0) -#define audit_log_link_denied(o, l) do { ; } while (0) -#define audit_log_secctx(b,s) do { ; } while (0) +#else /* CONFIG_AUDIT */ +static inline __printf(4, 5) +void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type, + const char *fmt, ...) +{ } +static inline struct audit_buffer *audit_log_start(struct audit_context *ctx, + gfp_t gfp_mask, int type) +{ + return NULL; +} +static inline __printf(2, 3) +void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) +{ } +static inline void audit_log_end(struct audit_buffer *ab) +{ } +static inline void audit_log_n_hex(struct audit_buffer *ab, + const unsigned char *buf, size_t len) +{ } +static inline void audit_log_n_string(struct audit_buffer *ab, + const char *buf, size_t n) +{ } +static inline void audit_log_n_untrustedstring(struct audit_buffer *ab, + const char *string, size_t n) +{ } +static inline void audit_log_untrustedstring(struct audit_buffer *ab, + const char *string) +{ } +static inline void audit_log_d_path(struct audit_buffer *ab, + const char *prefix, + const struct path *path) +{ } +static inline void audit_log_key(struct audit_buffer *ab, char *key) +{ } +static inline void audit_log_link_denied(const char *string, + const struct path *link) +{ } +static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid) +{ } #define audit_enabled 0 -#endif +#endif /* CONFIG_AUDIT */ +static inline void audit_log_string(struct audit_buffer *ab, const char *buf) +{ + audit_log_n_string(ab, buf, strlen(buf)); +} + #endif #endif -- cgit v1.2.2