Commit 1b9a3917 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current 

* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
  [PATCH] fix audit_init failure path
  [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
  [PATCH] sem2mutex: audit_netlink_sem
  [PATCH] simplify audit_free() locking
  [PATCH] Fix audit operators
  [PATCH] promiscuous mode
  [PATCH] Add tty to syscall audit records
  [PATCH] add/remove rule update
  [PATCH] audit string fields interface + consumer
  [PATCH] SE Linux audit events
  [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
  [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
  [PATCH] Fix IA64 success/failure indication in syscall auditing.
  [PATCH] Miscellaneous bug and warning fixes
  [PATCH] Capture selinux subject/object context information.
  [PATCH] Exclude messages by message type
  [PATCH] Collect more inode information during syscall processing.
  [PATCH] Pass dentry, not just name, in fsnotify creation hooks.
  [PATCH] Define new range of userspace messages.
  [PATCH] Filter rule comparators
  ...

Fixed trivial conflict in security/selinux/hooks.c
parents 3661f00e 71e1c784

arch/i386/kernel/vm86.c

+10 −2
Original line number Diff line number Diff line
@@ -43,6 +43,7 @@ 
#include <linux/smp_lock.h>

#include <linux/highmem.h>

#include <linux/ptrace.h>

#include <linux/audit.h>



#include <asm/uaccess.h>

#include <asm/io.h>
@@ -252,6 +253,7 @@ out: 
static void do_sys_vm86(struct kernel_vm86_struct *info, struct task_struct *tsk)

{

	struct tss_struct *tss;

	long eax;

/*

 * make sure the vm86() system call doesn't try to do anything silly

 */
@@ -305,13 +307,19 @@ static void do_sys_vm86(struct kernel_vm86_struct *info, struct task_struct *tsk 
	tsk->thread.screen_bitmap = info->screen_bitmap;

	if (info->flags & VM86_SCREEN_BITMAP)

		mark_screen_rdonly(tsk->mm);

	__asm__ __volatile__("xorl %eax,%eax; movl %eax,%fs; movl %eax,%gs\n\t");

	__asm__ __volatile__("movl %%eax, %0\n" :"=r"(eax));



	/*call audit_syscall_exit since we do not exit via the normal paths */

	if (unlikely(current->audit_context))

		audit_syscall_exit(current, AUDITSC_RESULT(eax), eax);



	__asm__ __volatile__(

		"xorl %%eax,%%eax; movl %%eax,%%fs; movl %%eax,%%gs\n\t"

		"movl %0,%%esp\n\t"

		"movl %1,%%ebp\n\t"

		"jmp resume_userspace"

		: /* no outputs */

		:"r" (&info->regs), "r" (task_thread_info(tsk)) : "ax");

		:"r" (&info->regs), "r" (task_thread_info(tsk)));

	/* we never return here */

}

arch/ia64/kernel/ptrace.c

+8 −2
Original line number Diff line number Diff line
@@ -1656,8 +1656,14 @@ syscall_trace_leave (long arg0, long arg1, long arg2, long arg3, 
		     long arg4, long arg5, long arg6, long arg7,

		     struct pt_regs regs)

{

	if (unlikely(current->audit_context))

		audit_syscall_exit(current, AUDITSC_RESULT(regs.r10), regs.r8);

	if (unlikely(current->audit_context)) {

		int success = AUDITSC_RESULT(regs.r10);

		long result = regs.r8;



		if (success != AUDITSC_SUCCESS)

			result = -result;

		audit_syscall_exit(current, success, result);

	}



	if (test_thread_flag(TIF_SYSCALL_TRACE)

	    && (current->ptrace & PT_PTRACED))

fs/namei.c

+6 −5
Original line number Diff line number Diff line
@@ -1353,6 +1353,7 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir) 
		return -ENOENT;



	BUG_ON(victim->d_parent->d_inode != dir);

	audit_inode_child(victim->d_name.name, victim->d_inode, dir->i_ino);



	error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);

	if (error)
@@ -1472,7 +1473,7 @@ int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 
	DQUOT_INIT(dir);

	error = dir->i_op->create(dir, dentry, mode, nd);

	if (!error)

		fsnotify_create(dir, dentry->d_name.name);

		fsnotify_create(dir, dentry);

	return error;

}
@@ -1799,7 +1800,7 @@ int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 
	DQUOT_INIT(dir);

	error = dir->i_op->mknod(dir, dentry, mode, dev);

	if (!error)

		fsnotify_create(dir, dentry->d_name.name);

		fsnotify_create(dir, dentry);

	return error;

}
@@ -1876,7 +1877,7 @@ int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 
	DQUOT_INIT(dir);

	error = dir->i_op->mkdir(dir, dentry, mode);

	if (!error)

		fsnotify_mkdir(dir, dentry->d_name.name);

		fsnotify_mkdir(dir, dentry);

	return error;

}
@@ -2139,7 +2140,7 @@ int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, i 
	DQUOT_INIT(dir);

	error = dir->i_op->symlink(dir, dentry, oldname);

	if (!error)

		fsnotify_create(dir, dentry->d_name.name);

		fsnotify_create(dir, dentry);

	return error;

}
@@ -2216,7 +2217,7 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de 
	error = dir->i_op->link(old_dentry, dir, new_dentry);

	mutex_unlock(&old_dentry->d_inode->i_mutex);

	if (!error)

		fsnotify_create(dir, new_dentry->d_name.name);

		fsnotify_create(dir, new_dentry);

	return error;

}

fs/open.c

+7 −1
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ 
#include <linux/pagemap.h>

#include <linux/syscalls.h>

#include <linux/rcupdate.h>

#include <linux/audit.h>



#include <asm/unistd.h>
@@ -626,6 +627,8 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode) 
	dentry = file->f_dentry;

	inode = dentry->d_inode;



	audit_inode(NULL, inode, 0);



	err = -EROFS;

	if (IS_RDONLY(inode))

		goto out_putf;
@@ -775,7 +778,10 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group) 


	file = fget(fd);

	if (file) {

		error = chown_common(file->f_dentry, user, group);

		struct dentry * dentry;

		dentry = file->f_dentry;

		audit_inode(NULL, dentry->d_inode, 0);

		error = chown_common(dentry, user, group);

		fput(file);

	}

	return error;

fs/xattr.c

+9 −2
Original line number Diff line number Diff line
@@ -17,6 +17,7 @@ 
#include <linux/syscalls.h>

#include <linux/module.h>

#include <linux/fsnotify.h>

#include <linux/audit.h>

#include <asm/uaccess.h>
@@ -234,12 +235,15 @@ sys_fsetxattr(int fd, char __user *name, void __user *value, 
	      size_t size, int flags)

{

	struct file *f;

	struct dentry *dentry;

	int error = -EBADF;



	f = fget(fd);

	if (!f)

		return error;

	error = setxattr(f->f_dentry, name, value, size, flags);

	dentry = f->f_dentry;

	audit_inode(NULL, dentry->d_inode, 0);

	error = setxattr(dentry, name, value, size, flags);

	fput(f);

	return error;

}
@@ -458,12 +462,15 @@ asmlinkage long 
sys_fremovexattr(int fd, char __user *name)

{

	struct file *f;

	struct dentry *dentry;

	int error = -EBADF;



	f = fget(fd);

	if (!f)

		return error;

	error = removexattr(f->f_dentry, name);

	dentry = f->f_dentry;

	audit_inode(NULL, dentry->d_inode, 0);

	error = removexattr(dentry, name);

	fput(f);

	return error;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE