Merge branch 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current (dd5f5fed) · Commits · 戴 / test

Documentation/filesystems/proc.txt

+0 −7

Original line number	Diff line number	Diff line
		@@ -1134,13 +1134,6 @@ check the amount of free space (value is in seconds). Default settings are: 4,
		resume it if we have a value of 3 or more percent; consider information about
		the amount of free space valid for 30 seconds

		audit_argv_kb
		-------------

		The file contains a single value denoting the limit on the argv array size
		for execve (in KiB). This limit is only applied when system call auditing for
		execve is enabled, otherwise the value is ignored.

		ctrl-alt-del
		------------

drivers/char/tty_audit.c

+13 −6

Original line number	Diff line number	Diff line
		@@ -73,6 +73,7 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf)
		* @tsk with @loginuid. @buf->mutex must be locked.
		*/
		static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
		unsigned int sessionid,
		struct tty_audit_buf *buf)
		{
		struct audit_buffer *ab;
		@@ -85,9 +86,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
		if (ab) {
		char name[sizeof(tsk->comm)];

		audit_log_format(ab, "tty pid=%u uid=%u auid=%u major=%d "
		"minor=%d comm=", tsk->pid, tsk->uid,
		loginuid, buf->major, buf->minor);
		audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
		"major=%d minor=%d comm=", tsk->pid, tsk->uid,
		loginuid, sessionid, buf->major, buf->minor);
		get_task_comm(name, tsk);
		audit_log_untrustedstring(ab, name);
		audit_log_format(ab, " data=");
		@@ -105,8 +106,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
		*/
		static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
		{
		tty_audit_buf_push(current, audit_get_loginuid(current->audit_context),
		buf);
		uid_t auid = audit_get_loginuid(current);
		unsigned int sessionid = audit_get_sessionid(current);
		tty_audit_buf_push(current, auid, sessionid, buf);
		}

		/**
		@@ -152,6 +154,11 @@ void tty_audit_fork(struct signal_struct *sig)
		void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
		{
		struct tty_audit_buf *buf;
		/* FIXME I think this is correct. Check against netlink once that is
		* I really need to read this code more closely. But that's for
		* another patch.
		*/
		unsigned int sessionid = audit_get_sessionid(tsk);

		spin_lock_irq(&tsk->sighand->siglock);
		buf = tsk->signal->tty_audit_buf;
		@@ -162,7 +169,7 @@ void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
		return;

		mutex_lock(&buf->mutex);
		tty_audit_buf_push(tsk, loginuid, buf);
		tty_audit_buf_push(tsk, loginuid, sessionid, buf);
		mutex_unlock(&buf->mutex);

		tty_audit_buf_put(buf);

fs/proc/base.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -984,7 +984,7 @@ static ssize_t proc_loginuid_read(struct file * file, char __user * buf,
		if (!task)
		return -ESRCH;
		length = scnprintf(tmpbuf, TMPBUFLEN, "%u",
		audit_get_loginuid(task->audit_context));
		audit_get_loginuid(task));
		put_task_struct(task);
		return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
		}

include/linux/audit.h

+9 −4

Original line number	Diff line number	Diff line
		@@ -98,6 +98,7 @@
		#define AUDIT_FD_PAIR 1317 /* audit record for pipe/socketpair */
		#define AUDIT_OBJ_PID 1318 /* ptrace target */
		#define AUDIT_TTY 1319 /* Input on an administrative TTY */
		#define AUDIT_EOE 1320 /* End of multi-record event */

		#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
		#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
		@@ -409,7 +410,8 @@ extern unsigned int audit_serial(void);
		extern void auditsc_get_stamp(struct audit_context *ctx,
		struct timespec t, unsigned int serial);
		extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
		extern uid_t audit_get_loginuid(struct audit_context *ctx);
		#define audit_get_loginuid(t) ((t)->loginuid)
		#define audit_get_sessionid(t) ((t)->sessionid)
		extern void audit_log_task_context(struct audit_buffer *ab);
		extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
		extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
		@@ -488,7 +490,8 @@ extern int audit_signals;
		#define audit_inode_child(d,i,p) do { ; } while (0)
		#define audit_core_dumps(i) do { ; } while (0)
		#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
		#define audit_get_loginuid(c) ({ -1; })
		#define audit_get_loginuid(t) (-1)
		#define audit_get_sessionid(t) (-1)
		#define audit_log_task_context(b) do { ; } while (0)
		#define audit_ipc_obj(i) ({ 0; })
		#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
		@@ -522,9 +525,11 @@ extern void audit_log_end(struct audit_buffer *ab);
		extern void audit_log_hex(struct audit_buffer *ab,
		const unsigned char *buf,
		size_t len);
		extern const char * audit_log_untrustedstring(struct audit_buffer *ab,
		extern int audit_string_contains_control(const char *string,
		size_t len);
		extern void audit_log_untrustedstring(struct audit_buffer *ab,
		const char *string);
		extern const char * audit_log_n_untrustedstring(struct audit_buffer *ab,
		extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
		size_t n,
		const char *string);
		extern void audit_log_d_path(struct audit_buffer *ab,

include/linux/init_task.h

+8 −0

Original line number	Diff line number	Diff line
		@@ -114,6 +114,13 @@ extern struct group_info init_groups;
		.pid = &init_struct_pid, \
		}

		#ifdef CONFIG_AUDITSYSCALL
		#define INIT_IDS \
		.loginuid = -1, \
		.sessionid = -1,
		#else
		#define INIT_IDS
		#endif
		/*
		* INIT_TASK is used to set up the first task table, touch at
		* your own risk!. Base=0, limit=0x1fffff (=2MB)
		@@ -173,6 +180,7 @@ extern struct group_info init_groups;
		[PIDTYPE_SID] = INIT_PID_LINK(PIDTYPE_SID), \
		}, \
		.dirties = INIT_PROP_LOCAL_SINGLE(dirties), \
		INIT_IDS \
		INIT_TRACE_IRQFLAGS \
		INIT_LOCKDEP \
		}

Admin message