
Commit 4746ec5b authored by Eric Paris's avatar Eric Paris Committed by Al Viro

[AUDIT] add session id to audit messages



In order to correlate audit records to an individual login, add a session
id.  This is incremented every time a user logs in and is included in
almost all messages which currently output the auid.  The field is
labeled ses= or oses=.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
parent c2a7780e
+13 −5
@@ -73,6 +73,7 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf)
 *	@tsk with @loginuid.  @buf->mutex must be locked.
 *	@tsk with @loginuid.  @buf->mutex must be locked.
 */
 */
static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
			       unsigned int sessionid,
			       struct tty_audit_buf *buf)
			       struct tty_audit_buf *buf)
{
{
	struct audit_buffer *ab;
	struct audit_buffer *ab;
@@ -85,9 +86,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
	if (ab) {
	if (ab) {
		char name[sizeof(tsk->comm)];
		char name[sizeof(tsk->comm)];


		audit_log_format(ab, "tty pid=%u uid=%u auid=%u major=%d "
		audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
				 "minor=%d comm=", tsk->pid, tsk->uid,
				 "major=%d minor=%d comm=", tsk->pid, tsk->uid,
				 loginuid, buf->major, buf->minor);
				 loginuid, sessionid, buf->major, buf->minor);
		get_task_comm(name, tsk);
		get_task_comm(name, tsk);
		audit_log_untrustedstring(ab, name);
		audit_log_untrustedstring(ab, name);
		audit_log_format(ab, " data=");
		audit_log_format(ab, " data=");
@@ -105,7 +106,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
 */
 */
static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
{
{
	tty_audit_buf_push(current, audit_get_loginuid(current), buf);
	uid_t auid = audit_get_loginuid(current);
	unsigned int sessionid = audit_get_sessionid(current);
	tty_audit_buf_push(current, auid, sessionid, buf);
}
}


/**
/**
@@ -151,6 +154,11 @@ void tty_audit_fork(struct signal_struct *sig)
void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
{
{
	struct tty_audit_buf *buf;
	struct tty_audit_buf *buf;
	/* FIXME I think this is correct.  Check against netlink once that is
	 * I really need to read this code more closely.  But that's for
	 * another patch.
	 */
	unsigned int sessionid = audit_get_sessionid(tsk);


	spin_lock_irq(&tsk->sighand->siglock);
	spin_lock_irq(&tsk->sighand->siglock);
	buf = tsk->signal->tty_audit_buf;
	buf = tsk->signal->tty_audit_buf;
@@ -161,7 +169,7 @@ void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
		return;
		return;


	mutex_lock(&buf->mutex);
	mutex_lock(&buf->mutex);
	tty_audit_buf_push(tsk, loginuid, buf);
	tty_audit_buf_push(tsk, loginuid, sessionid, buf);
	mutex_unlock(&buf->mutex);
	mutex_unlock(&buf->mutex);


	tty_audit_buf_put(buf);
	tty_audit_buf_put(buf);
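Review bot: In `tty_audit_push_task`, `ses=` is read from `audit_get_sessionid(tsk)` while `auid=` is the `loginuid` argument handed in by the caller, so a single `tty` record can carry a login uid and a session id that describe different subjects whenever the caller passes a uid that is not `tsk`'s own. The FIXME above the declaration admits this is unverified, and its first sentence is cut off ("Check against netlink once that is"). Either take the session id as a parameter from the same source as `loginuid`, or finish the comment so it states which task each field describes, e.g. `/* ses= is tsk's session; auid= is supplied by the caller and may differ */`. The function body continues outside the visible hunks.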
+2 −0
@@ -410,6 +410,7 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
			      struct timespec *t, unsigned int *serial);
			      struct timespec *t, unsigned int *serial);
extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);
extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);
#define audit_get_loginuid(t) ((t)->loginuid)
#define audit_get_loginuid(t) ((t)->loginuid)
#define audit_get_sessionid(t) ((t)->sessionid)
extern void audit_log_task_context(struct audit_buffer *ab);
extern void audit_log_task_context(struct audit_buffer *ab);
extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
@@ -489,6 +490,7 @@ extern int audit_signals;
#define audit_core_dumps(i) do { ; } while (0)
#define audit_core_dumps(i) do { ; } while (0)
#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
#define audit_get_loginuid(t) (-1)
#define audit_get_loginuid(t) (-1)
#define audit_get_sessionid(t) (-1)
#define audit_log_task_context(b) do { ; } while (0)
#define audit_log_task_context(b) do { ; } while (0)
#define audit_ipc_obj(i) ({ 0; })
#define audit_ipc_obj(i) ({ 0; })
#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
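Review bot: The `(-1)` in the stub `#define audit_get_sessionid(t) (-1)` is an undocumented sentinel. Callers in this commit store the result in `unsigned int` and print it with `%u`, so an unset session appears as 4294967295 in records. A one-line comment on both definitions would make that explicit for log consumers, e.g. `/* (unsigned int)-1 means no session has been assigned */`. Nothing visible in this commit keeps the `session_id` counter in `audit_set_loginuid` from eventually wrapping onto that same value, so the comment should also say whether that is accepted.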
+2 −1
@@ -116,7 +116,8 @@ extern struct group_info init_groups;


#ifdef CONFIG_AUDITSYSCALL
#ifdef CONFIG_AUDITSYSCALL
#define INIT_IDS \
#define INIT_IDS \
	.loginuid = -1,
	.loginuid = -1, \
	.sessionid = -1,
#else
#else
#define INIT_IDS
#define INIT_IDS
#endif
#endif
+1 −0
@@ -1141,6 +1141,7 @@ struct task_struct {
	struct audit_context *audit_context;
	struct audit_context *audit_context;
#ifdef CONFIG_AUDITSYSCALL
#ifdef CONFIG_AUDITSYSCALL
	uid_t loginuid;
	uid_t loginuid;
	unsigned int sessionid;
#endif
#endif
	seccomp_t seccomp;
	seccomp_t seccomp;


+27 −9
@@ -178,6 +178,7 @@ struct audit_aux_data_pids {
	pid_t			target_pid[AUDIT_AUX_PIDS];
	pid_t			target_pid[AUDIT_AUX_PIDS];
	uid_t			target_auid[AUDIT_AUX_PIDS];
	uid_t			target_auid[AUDIT_AUX_PIDS];
	uid_t			target_uid[AUDIT_AUX_PIDS];
	uid_t			target_uid[AUDIT_AUX_PIDS];
	unsigned int		target_sessionid[AUDIT_AUX_PIDS];
	u32			target_sid[AUDIT_AUX_PIDS];
	u32			target_sid[AUDIT_AUX_PIDS];
	char 			target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
	char 			target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
	int			pid_count;
	int			pid_count;
@@ -219,6 +220,7 @@ struct audit_context {
	pid_t		    target_pid;
	pid_t		    target_pid;
	uid_t		    target_auid;
	uid_t		    target_auid;
	uid_t		    target_uid;
	uid_t		    target_uid;
	unsigned int	    target_sessionid;
	u32		    target_sid;
	u32		    target_sid;
	char		    target_comm[TASK_COMM_LEN];
	char		    target_comm[TASK_COMM_LEN];


@@ -936,7 +938,8 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk
}
}


static int audit_log_pid_context(struct audit_context *context, pid_t pid,
static int audit_log_pid_context(struct audit_context *context, pid_t pid,
				 uid_t auid, uid_t uid, u32 sid, char *comm)
				 uid_t auid, uid_t uid, unsigned int sessionid,
				 u32 sid, char *comm)
{
{
	struct audit_buffer *ab;
	struct audit_buffer *ab;
	char *s = NULL;
	char *s = NULL;
@@ -947,7 +950,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
	if (!ab)
	if (!ab)
		return 1;
		return 1;


	audit_log_format(ab, "opid=%d oauid=%d ouid=%d", pid, auid, uid);
	audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, auid,
			 uid, sessionid);
	if (selinux_sid_to_string(sid, &s, &len)) {
	if (selinux_sid_to_string(sid, &s, &len)) {
		audit_log_format(ab, " obj=(none)");
		audit_log_format(ab, " obj=(none)");
		rc = 1;
		rc = 1;
@@ -1056,7 +1060,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
		  " a0=%lx a1=%lx a2=%lx a3=%lx items=%d"
		  " a0=%lx a1=%lx a2=%lx a3=%lx items=%d"
		  " ppid=%d pid=%d auid=%u uid=%u gid=%u"
		  " ppid=%d pid=%d auid=%u uid=%u gid=%u"
		  " euid=%u suid=%u fsuid=%u"
		  " euid=%u suid=%u fsuid=%u"
		  " egid=%u sgid=%u fsgid=%u tty=%s",
		  " egid=%u sgid=%u fsgid=%u tty=%s ses=%u",
		  context->argv[0],
		  context->argv[0],
		  context->argv[1],
		  context->argv[1],
		  context->argv[2],
		  context->argv[2],
@@ -1068,7 +1072,8 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
		  context->uid,
		  context->uid,
		  context->gid,
		  context->gid,
		  context->euid, context->suid, context->fsuid,
		  context->euid, context->suid, context->fsuid,
		  context->egid, context->sgid, context->fsgid, tty);
		  context->egid, context->sgid, context->fsgid, tty,
		  tsk->sessionid);


	mutex_unlock(&tty_mutex);
	mutex_unlock(&tty_mutex);


@@ -1187,6 +1192,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
			if (audit_log_pid_context(context, axs->target_pid[i],
			if (audit_log_pid_context(context, axs->target_pid[i],
						  axs->target_auid[i],
						  axs->target_auid[i],
						  axs->target_uid[i],
						  axs->target_uid[i],
						  axs->target_sessionid[i],
						  axs->target_sid[i],
						  axs->target_sid[i],
						  axs->target_comm[i]))
						  axs->target_comm[i]))
				call_panic = 1;
				call_panic = 1;
@@ -1195,6 +1201,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
	if (context->target_pid &&
	if (context->target_pid &&
	    audit_log_pid_context(context, context->target_pid,
	    audit_log_pid_context(context, context->target_pid,
				  context->target_auid, context->target_uid,
				  context->target_auid, context->target_uid,
				  context->target_sessionid,
				  context->target_sid, context->target_comm))
				  context->target_sid, context->target_comm))
			call_panic = 1;
			call_panic = 1;


@@ -1787,6 +1794,9 @@ void auditsc_get_stamp(struct audit_context *ctx,
	ctx->auditable = 1;
	ctx->auditable = 1;
}
}


/* global counter which is incremented every time something logs in */
static atomic_t session_id = ATOMIC_INIT(0);

/**
/**
 * audit_set_loginuid - set a task's audit_context loginuid
 * audit_set_loginuid - set a task's audit_context loginuid
 * @task: task whose audit context is being modified
 * @task: task whose audit context is being modified
@@ -1798,6 +1808,7 @@ void auditsc_get_stamp(struct audit_context *ctx,
 */
 */
int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
{
{
	unsigned int sessionid = atomic_inc_return(&session_id);
	struct audit_context *context = task->audit_context;
	struct audit_context *context = task->audit_context;


	if (context && context->in_syscall) {
	if (context && context->in_syscall) {
@@ -1806,12 +1817,15 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
		ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
		ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
		if (ab) {
		if (ab) {
			audit_log_format(ab, "login pid=%d uid=%u "
			audit_log_format(ab, "login pid=%d uid=%u "
				"old auid=%u new auid=%u",
				"old auid=%u new auid=%u"
				" old ses=%u new ses=%u",
				task->pid, task->uid,
				task->pid, task->uid,
				task->loginuid, loginuid);
				task->loginuid, loginuid,
				task->sessionid, sessionid);
			audit_log_end(ab);
			audit_log_end(ab);
		}
		}
	}
	}
	task->sessionid = sessionid;
	task->loginuid = loginuid;
	task->loginuid = loginuid;
	return 0;
	return 0;
}
}
@@ -2200,6 +2214,7 @@ void __audit_ptrace(struct task_struct *t)
	context->target_pid = t->pid;
	context->target_pid = t->pid;
	context->target_auid = audit_get_loginuid(t);
	context->target_auid = audit_get_loginuid(t);
	context->target_uid = t->uid;
	context->target_uid = t->uid;
	context->target_sessionid = audit_get_sessionid(t);
	selinux_get_task_sid(t, &context->target_sid);
	selinux_get_task_sid(t, &context->target_sid);
	memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
	memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
}
}
@@ -2240,6 +2255,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
		ctx->target_pid = t->tgid;
		ctx->target_pid = t->tgid;
		ctx->target_auid = audit_get_loginuid(t);
		ctx->target_auid = audit_get_loginuid(t);
		ctx->target_uid = t->uid;
		ctx->target_uid = t->uid;
		ctx->target_sessionid = audit_get_sessionid(t);
		selinux_get_task_sid(t, &ctx->target_sid);
		selinux_get_task_sid(t, &ctx->target_sid);
		memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
		memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
		return 0;
		return 0;
@@ -2260,6 +2276,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
	axp->target_pid[axp->pid_count] = t->tgid;
	axp->target_pid[axp->pid_count] = t->tgid;
	axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
	axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
	axp->target_uid[axp->pid_count] = t->uid;
	axp->target_uid[axp->pid_count] = t->uid;
	axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
	selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]);
	selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]);
	memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
	memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
	axp->pid_count++;
	axp->pid_count++;
@@ -2278,6 +2295,8 @@ void audit_core_dumps(long signr)
{
{
	struct audit_buffer *ab;
	struct audit_buffer *ab;
	u32 sid;
	u32 sid;
	uid_t auid = audit_get_loginuid(current);
	unsigned int sessionid = audit_get_sessionid(current);


	if (!audit_enabled)
	if (!audit_enabled)
		return;
		return;
@@ -2286,9 +2305,8 @@ void audit_core_dumps(long signr)
		return;
		return;


	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND);
	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND);
	audit_log_format(ab, "auid=%u uid=%u gid=%u",
	audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u",
			audit_get_loginuid(current),
			auid, current->uid, current->gid, sessionid);
			current->uid, current->gid);
	selinux_get_task_sid(current, &sid);
	selinux_get_task_sid(current, &sid);
	if (sid) {
	if (sid) {
		char *ctx = NULL;
		char *ctx = NULL;
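Review bot: The new `oses=` field in `audit_log_pid_context` is formatted with `%d` although `sessionid` is `unsigned int` and every other record touched by this commit prints `ses=%u`. A target task that still holds the initial `.sessionid = -1` would render as `oses=-1` here and as `ses=4294967295` in its own records, which breaks the cross-record correlation the field is meant to provide. Use the unsigned specifier for the new field: `"opid=%d oauid=%d ouid=%d oses=%u"`. The body of `audit_log_pid_context` continues outside the hunk.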