audit: Don't pass pid or uid to audit_log_common_recv_msg (860c0aaf) · Commits · 戴 / test

kernel/audit.c

+14 −15

Original line number	Diff line number	Diff line
		@@ -607,8 +607,7 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
		}

		static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
		u32 pid, u32 uid, uid_t auid, u32 ses,
		u32 sid)
		uid_t auid, u32 ses, u32 sid)
		{
		int rc = 0;
		char *ctx = NULL;
		@@ -621,7 +620,9 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,

		*ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
		audit_log_format(*ab, "pid=%d uid=%u auid=%u ses=%u",
		pid, uid, auid, ses);
		task_tgid_vnr(current),
		from_kuid(&init_user_ns, current_uid()),
		auid, ses);
		if (sid) {
		rc = security_secid_to_secctx(sid, &ctx, &len);
		if (rc)
		@@ -637,7 +638,7 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,

		static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		{
		u32 uid, pid, seq, sid;
		u32 seq, sid;
		void *data;
		struct audit_status *status_get, status_set;
		int err;
		@@ -663,8 +664,6 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		return err;
		}

		pid = NETLINK_CREDS(skb)->pid;
		uid = NETLINK_CREDS(skb)->uid;
		loginuid = audit_get_loginuid(current);
		sessionid = audit_get_sessionid(current);
		security_task_getsecid(current, &sid);
		@@ -735,7 +734,7 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		if (err)
		break;
		}
		audit_log_common_recv_msg(&ab, msg_type, pid, uid,
		audit_log_common_recv_msg(&ab, msg_type,
		loginuid, sessionid, sid);

		if (msg_type != AUDIT_USER_TTY)
		@@ -760,8 +759,8 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		if (nlmsg_len(nlh) < sizeof(struct audit_rule))
		return -EINVAL;
		if (audit_enabled == AUDIT_LOCKED) {
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
		uid, loginuid, sessionid, sid);
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
		loginuid, sessionid, sid);

		audit_log_format(ab, " audit_enabled=%d res=0",
		audit_enabled);
		@@ -779,8 +778,8 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		if (nlmsg_len(nlh) < sizeof(struct audit_rule_data))
		return -EINVAL;
		if (audit_enabled == AUDIT_LOCKED) {
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
		uid, loginuid, sessionid, sid);
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
		loginuid, sessionid, sid);

		audit_log_format(ab, " audit_enabled=%d res=0",
		audit_enabled);
		@@ -796,8 +795,8 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		case AUDIT_TRIM:
		audit_trim_trees();

		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
		uid, loginuid, sessionid, sid);
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
		loginuid, sessionid, sid);

		audit_log_format(ab, " op=trim res=1");
		audit_log_end(ab);
		@@ -828,8 +827,8 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
		/* OK, here comes... */
		err = audit_tag_tree(old, new);

		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
		uid, loginuid, sessionid, sid);
		audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE,
		loginuid, sessionid, sid);

		audit_log_format(ab, " op=make_equiv old=");
		audit_log_untrustedstring(ab, old);

Admin message