
Commit dd5f5fed authored by Linus Torvalds's avatar Linus Torvalds
* 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
  [AUDIT] Add uid, gid fields to ANOM_PROMISCUOUS message
  [AUDIT] ratelimit printk messages audit
  [patch 2/2] audit: complement va_copy with va_end()
  [patch 1/2] kernel/audit.c: warning fix
  [AUDIT] create context if auditing was ever enabled
  [AUDIT] clean up audit_receive_msg()
  [AUDIT] make audit=0 really stop audit messages
  [AUDIT] break large execve argument logging into smaller messages
  [AUDIT] include audit type in audit message when using printk
  [AUDIT] do not panic on exclude messages in audit_log_pid_context()
  [AUDIT] Add End of Event record
  [AUDIT] add session id to audit messages
  [AUDIT] collect uid, loginuid, and comm in OBJ_PID records
  [AUDIT] return EINTR not ERESTART*
  [PATCH] get rid of loginuid races
  [PATCH] switch audit_get_loginuid() to task_struct *
parents 3e01dfce 7759db82
+0 −7
@@ -1134,13 +1134,6 @@ check the amount of free space (value is in seconds). Default settings are: 4,
resume it  if we have a value of 3 or more percent; consider information about
the amount of free space valid for 30 seconds

audit_argv_kb
-------------

The file contains a single value denoting the limit on the argv array size
for execve (in KiB). This limit is only applied when system call auditing for
execve is enabled, otherwise the value is ignored.

ctrl-alt-del
------------

+13 −6
@@ -73,6 +73,7 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf)
 *	@tsk with @loginuid.  @buf->mutex must be locked.
 */
static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
			       unsigned int sessionid,
			       struct tty_audit_buf *buf)
{
	struct audit_buffer *ab;
@@ -85,9 +86,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
	if (ab) {
		char name[sizeof(tsk->comm)];

		audit_log_format(ab, "tty pid=%u uid=%u auid=%u major=%d "
				 "minor=%d comm=", tsk->pid, tsk->uid,
				 loginuid, buf->major, buf->minor);
		audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
				 "major=%d minor=%d comm=", tsk->pid, tsk->uid,
				 loginuid, sessionid, buf->major, buf->minor);
		get_task_comm(name, tsk);
		audit_log_untrustedstring(ab, name);
		audit_log_format(ab, " data=");
@@ -105,8 +106,9 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
 */
static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
{
	tty_audit_buf_push(current, audit_get_loginuid(current->audit_context),
			   buf);
	uid_t auid = audit_get_loginuid(current);
	unsigned int sessionid = audit_get_sessionid(current);
	tty_audit_buf_push(current, auid, sessionid, buf);
}

/**
@@ -152,6 +154,11 @@ void tty_audit_fork(struct signal_struct *sig)
void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
{
	struct tty_audit_buf *buf;
	/* FIXME I think this is correct.  Check against netlink once that is
	 * I really need to read this code more closely.  But that's for
	 * another patch.
	 */
	unsigned int sessionid = audit_get_sessionid(tsk);

	spin_lock_irq(&tsk->sighand->siglock);
	buf = tsk->signal->tty_audit_buf;
@@ -162,7 +169,7 @@ void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
		return;

	mutex_lock(&buf->mutex);
	tty_audit_buf_push(tsk, loginuid, buf);
	tty_audit_buf_push(tsk, loginuid, sessionid, buf);
	mutex_unlock(&buf->mutex);

	tty_audit_buf_put(buf);
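Review bot: In tty_audit_push_task the new `sessionid` is read from `tsk` while `loginuid` is still passed in by the caller, so the `auid=` and `ses=` fields of one tty record can describe different subjects whenever the caller passes an id that is not the task's own (the callers are not visible here). tty_audit_buf_push_current, by contrast, takes both values from `current`, so the two paths are not symmetric. The FIXME above the declaration is truncated mid-sentence ("once that is / I really need to read…") and does not say what has to be checked. I would replace it with `/* FIXME: loginuid comes from the caller, sessionid from tsk; confirm both are meant to identify the same subject */`. The function body continues past the end of this section.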
+1 −1
@@ -984,7 +984,7 @@ static ssize_t proc_loginuid_read(struct file * file, char __user * buf,
	if (!task)
		return -ESRCH;
	length = scnprintf(tmpbuf, TMPBUFLEN, "%u",
				audit_get_loginuid(task->audit_context));
				audit_get_loginuid(task));
	put_task_struct(task);
	return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
}
+9 −4
@@ -98,6 +98,7 @@
#define AUDIT_FD_PAIR		1317    /* audit record for pipe/socketpair */
#define AUDIT_OBJ_PID		1318	/* ptrace target */
#define AUDIT_TTY		1319	/* Input on an administrative TTY */
#define AUDIT_EOE		1320	/* End of multi-record event */

#define AUDIT_AVC		1400	/* SE Linux avc denial or grant */
#define AUDIT_SELINUX_ERR	1401	/* Internal SE Linux Errors */
@@ -409,7 +410,8 @@ extern unsigned int audit_serial(void);
extern void auditsc_get_stamp(struct audit_context *ctx,
			      struct timespec *t, unsigned int *serial);
extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);
extern uid_t audit_get_loginuid(struct audit_context *ctx);
#define audit_get_loginuid(t) ((t)->loginuid)
#define audit_get_sessionid(t) ((t)->sessionid)
extern void audit_log_task_context(struct audit_buffer *ab);
extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
@@ -488,7 +490,8 @@ extern int audit_signals;
#define audit_inode_child(d,i,p) do { ; } while (0)
#define audit_core_dumps(i) do { ; } while (0)
#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
#define audit_get_loginuid(c) ({ -1; })
#define audit_get_loginuid(t) (-1)
#define audit_get_sessionid(t) (-1)
#define audit_log_task_context(b) do { ; } while (0)
#define audit_ipc_obj(i) ({ 0; })
#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
@@ -522,9 +525,11 @@ extern void audit_log_end(struct audit_buffer *ab);
extern void		    audit_log_hex(struct audit_buffer *ab,
					  const unsigned char *buf,
					  size_t len);
extern const char *	    audit_log_untrustedstring(struct audit_buffer *ab,
extern int		    audit_string_contains_control(const char *string,
							  size_t len);
extern void		    audit_log_untrustedstring(struct audit_buffer *ab,
						      const char *string);
extern const char *	    audit_log_n_untrustedstring(struct audit_buffer *ab,
extern void		    audit_log_n_untrustedstring(struct audit_buffer *ab,
							size_t n,
							const char *string);
extern void		    audit_log_d_path(struct audit_buffer *ab,
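Review bot: `audit_get_loginuid(t)` and `audit_get_sessionid(t)` are now plain field-access macros, so the compiler no longer checks the argument type that the old `extern uid_t audit_get_loginuid(struct audit_context *ctx)` prototype enforced; any argument with a `loginuid` member compiles. If `struct task_struct` is complete wherever this header is included (not visible here), a typed accessor such as `static inline uid_t audit_get_loginuid(struct task_struct *t) { return t->loginuid; }` would catch a stale caller at build time. The disabled-config stubs `(-1)` never evaluate `t` and yield a signed int, so a caller that stores the result in an unsigned variable and prints it with `%u` logs the all-ones value. A short comment on the stubs, e.g. `/* -1: no login uid / session id set */`, would tell readers of the resulting `auid=`/`ses=` fields what that value means.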
+8 −0
@@ -114,6 +114,13 @@ extern struct group_info init_groups;
	.pid = &init_struct_pid,				\
}

#ifdef CONFIG_AUDITSYSCALL
#define INIT_IDS \
	.loginuid = -1, \
	.sessionid = -1,
#else
#define INIT_IDS
#endif
/*
 *  INIT_TASK is used to set up the first task table, touch at
 * your own risk!. Base=0, limit=0x1fffff (=2MB)
@@ -173,6 +180,7 @@ extern struct group_info init_groups;
		[PIDTYPE_SID]  = INIT_PID_LINK(PIDTYPE_SID),		\
	},								\
	.dirties = INIT_PROP_LOCAL_SINGLE(dirties),			\
	INIT_IDS							\
	INIT_TRACE_IRQFLAGS						\
	INIT_LOCKDEP							\
}
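Review bot: `INIT_IDS` initialises `.loginuid` and `.sessionid` to a bare `-1` with no comment on what the value means. It looks like the same "not set" sentinel that the audit stubs return when auditing is compiled out, but nothing in this header says so. A one-line comment above the macro, e.g. `/* -1 = no login uid / audit session assigned yet */`, would document the starting state for anyone reading audit records that carry these ids.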