Commit 3eaded86 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge git://git.infradead.org/users/eparis/audit 

Pull audit updates from Eric Paris:
 "Nothing amazing.  Formatting, small bug fixes, couple of fixes where
  we didn't get records due to some old VFS changes, and a change to how
  we collect execve info..."

Fixed conflict in fs/exec.c as per Eric and linux-next.

* git://git.infradead.org/users/eparis/audit: (28 commits)
  audit: fix type of sessionid in audit_set_loginuid()
  audit: call audit_bprm() only once to add AUDIT_EXECVE information
  audit: move audit_aux_data_execve contents into audit_context union
  audit: remove unused envc member of audit_aux_data_execve
  audit: Kill the unused struct audit_aux_data_capset
  audit: do not reject all AUDIT_INODE filter types
  audit: suppress stock memalloc failure warnings since already managed
  audit: log the audit_names record type
  audit: add child record before the create to handle case where create fails
  audit: use given values in tty_audit enable api
  audit: use nlmsg_len() to get message payload length
  audit: use memset instead of trying to initialize field by field
  audit: fix info leak in AUDIT_GET requests
  audit: update AUDIT_INODE filter rule to comparator function
  audit: audit feature to set loginuid immutable
  audit: audit feature to only allow unsetting the loginuid
  audit: allow unsetting the loginuid (with priv)
  audit: remove CONFIG_AUDIT_LOGINUID_IMMUTABLE
  audit: loginuid functions coding style
  selinux: apply selinux checks on new audit message types
  ...
parents 527d1511 9175c9d2

fs/exec.c

+1 −4
Original line number Diff line number Diff line
@@ -1380,10 +1380,6 @@ int search_binary_handler(struct linux_binprm *bprm) 
	if (retval)

		return retval;



	retval = audit_bprm(bprm);

	if (retval)

		return retval;



	retval = -ENOENT;

 retry:

	read_lock(&binfmt_lock);
@@ -1431,6 +1427,7 @@ static int exec_binprm(struct linux_binprm *bprm) 


	ret = search_binary_handler(bprm);

	if (ret >= 0) {

		audit_bprm(bprm);

		trace_sched_process_exec(current, old_pid, bprm);

		ptrace_event(PTRACE_EVENT_EXEC, old_vpid);

		current->did_exec = 1;

fs/namei.c

+1 −0
Original line number Diff line number Diff line
@@ -2435,6 +2435,7 @@ static int may_delete(struct inode *dir, struct dentry *victim, bool isdir) 
 */

static inline int may_create(struct inode *dir, struct dentry *child)

{

	audit_inode_child(dir, child, AUDIT_TYPE_CHILD_CREATE);

	if (child->d_inode)

		return -EEXIST;

	if (IS_DEADDIR(dir))

fs/proc/base.c

+10 −4
Original line number Diff line number Diff line
@@ -1151,11 +1151,17 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf, 
		goto out_free_page;



	}



	/* is userspace tring to explicitly UNSET the loginuid? */

	if (loginuid == AUDIT_UID_UNSET) {

		kloginuid = INVALID_UID;

	} else {

		kloginuid = make_kuid(file->f_cred->user_ns, loginuid);

		if (!uid_valid(kloginuid)) {

			length = -EINVAL;

			goto out_free_page;

		}

	}



	length = audit_set_loginuid(kloginuid);

	if (likely(length == 0))

include/linux/audit.h

+7 −8
Original line number Diff line number Diff line
@@ -73,6 +73,8 @@ struct audit_field { 
	void				*lsm_rule;

};



extern int is_audit_feature_set(int which);



extern int __init audit_register_class(int class, unsigned *list);

extern int audit_classify_syscall(int abi, unsigned syscall);

extern int audit_classify_arch(int arch);
@@ -207,7 +209,7 @@ static inline int audit_get_sessionid(struct task_struct *tsk) 


extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);

extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);

extern int __audit_bprm(struct linux_binprm *bprm);

extern void __audit_bprm(struct linux_binprm *bprm);

extern int __audit_socketcall(int nargs, unsigned long *args);

extern int __audit_sockaddr(int len, void *addr);

extern void __audit_fd_pair(int fd1, int fd2);
@@ -236,11 +238,10 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid 
	if (unlikely(!audit_dummy_context()))

		__audit_ipc_set_perm(qbytes, uid, gid, mode);

}

static inline int audit_bprm(struct linux_binprm *bprm)

static inline void audit_bprm(struct linux_binprm *bprm)

{

	if (unlikely(!audit_dummy_context()))

		return __audit_bprm(bprm);

	return 0;

		__audit_bprm(bprm);

}

static inline int audit_socketcall(int nargs, unsigned long *args)

{
@@ -367,10 +368,8 @@ static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) 
static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,

					gid_t gid, umode_t mode)

{ }

static inline int audit_bprm(struct linux_binprm *bprm)

{

	return 0;

}

static inline void audit_bprm(struct linux_binprm *bprm)

{ }

static inline int audit_socketcall(int nargs, unsigned long *args)

{

	return 0;

include/uapi/linux/audit.h

+26 −0
Original line number Diff line number Diff line
@@ -68,6 +68,9 @@ 
#define AUDIT_MAKE_EQUIV	1015	/* Append to watched tree */

#define AUDIT_TTY_GET		1016	/* Get TTY auditing status */

#define AUDIT_TTY_SET		1017	/* Set TTY auditing status */

#define AUDIT_SET_FEATURE	1018	/* Turn an audit feature on or off */

#define AUDIT_GET_FEATURE	1019	/* Get which features are enabled */

#define AUDIT_FEATURE_CHANGE	1020	/* audit log listing feature changes */



#define AUDIT_FIRST_USER_MSG	1100	/* Userspace messages mostly uninteresting to kernel */

#define AUDIT_USER_AVC		1107	/* We filter this differently */
@@ -357,6 +360,12 @@ enum { 
#define AUDIT_PERM_READ		4

#define AUDIT_PERM_ATTR		8



/* MAX_AUDIT_MESSAGE_LENGTH is set in audit:lib/libaudit.h as:

 * 8970 // PATH_MAX*2+CONTEXT_SIZE*2+11+256+1

 * max header+body+tailer: 44 + 29 + 32 + 262 + 7 + pad

 */

#define AUDIT_MESSAGE_TEXT_MAX	8560



struct audit_status {

	__u32		mask;		/* Bit mask for valid entries */

	__u32		enabled;	/* 1 = enabled, 0 = disabled */
@@ -368,11 +377,28 @@ struct audit_status { 
	__u32		backlog;	/* messages waiting in queue */

};



struct audit_features {

#define AUDIT_FEATURE_VERSION	1

	__u32	vers;

	__u32	mask;		/* which bits we are dealing with */

	__u32	features;	/* which feature to enable/disable */

	__u32	lock;		/* which features to lock */

};



#define AUDIT_FEATURE_ONLY_UNSET_LOGINUID	0

#define AUDIT_FEATURE_LOGINUID_IMMUTABLE	1

#define AUDIT_LAST_FEATURE			AUDIT_FEATURE_LOGINUID_IMMUTABLE



#define audit_feature_valid(x)		((x) >= 0 && (x) <= AUDIT_LAST_FEATURE)

#define AUDIT_FEATURE_TO_MASK(x)	(1 << ((x) & 31)) /* mask for __u32 */



struct audit_tty_status {

	__u32		enabled;	/* 1 = enabled, 0 = disabled */

	__u32		log_passwd;	/* 1 = enabled, 0 = disabled */

};



#define AUDIT_UID_UNSET (unsigned int)-1



/* audit_rule_data supports filter rules with both integer and string

 * fields.  It corresponds with AUDIT_ADD_RULE, AUDIT_DEL_RULE and

 * AUDIT_LIST_RULES requests.

CRA Git | Maintained and supported by SUSTech CRA and CCSE