audit: fix netlink portid naming and types (f9441639) · Commits · e / devices / android_kernel_oneplus_sm7250

include/linux/audit.h

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -461,7 +461,7 @@ extern int audit_update_lsm_rules(void);
	/* Private API (for audit.c only) */		/* Private API (for audit.c only) */
	extern int audit_filter_user(int type);		extern int audit_filter_user(int type);
	extern int audit_filter_type(int type);		extern int audit_filter_type(int type);
	extern int audit_receive_filter(int type, int pid, int seq,		extern int audit_receive_filter(int type, __u32 portid, int seq,
	void *data, size_t datasz);		void *data, size_t datasz);
	extern int audit_enabled;		extern int audit_enabled;
	#else /* CONFIG_AUDIT */		#else /* CONFIG_AUDIT */

kernel/audit.c

+16 −16

Original line number	Original line	Diff line number	Diff line
	@@ -93,7 +93,7 @@ static int audit_failure = AUDIT_FAIL_PRINTK;
	* the portid to use to send netlink messages to that process.		* the portid to use to send netlink messages to that process.
	*/		*/
	int audit_pid;		int audit_pid;
	static int audit_nlk_portid;		static __u32 audit_nlk_portid;

	/* If audit_rate_limit is non-zero, limit the rate of sending audit records		/* If audit_rate_limit is non-zero, limit the rate of sending audit records
	* to that number per second. This prevents DoS attacks, but results in		* to that number per second. This prevents DoS attacks, but results in
	@@ -175,15 +175,15 @@ struct audit_buffer {
	};		};

	struct audit_reply {		struct audit_reply {
	int pid;		__u32 portid;
	struct sk_buff *skb;		struct sk_buff *skb;
	};		};

	static void audit_set_pid(struct audit_buffer *ab, pid_t pid)		static void audit_set_portid(struct audit_buffer *ab, __u32 portid)
	{		{
	if (ab) {		if (ab) {
	struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);		struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);
	nlh->nlmsg_pid = pid;		nlh->nlmsg_pid = portid;
	}		}
	}		}

	@@ -482,7 +482,7 @@ static int kauditd_thread(void *dummy)
	int audit_send_list(void *_dest)		int audit_send_list(void *_dest)
	{		{
	struct audit_netlink_list *dest = _dest;		struct audit_netlink_list *dest = _dest;
	int pid = dest->pid;		__u32 portid = dest->portid;
	struct sk_buff *skb;		struct sk_buff *skb;

	/* wait for parent to finish and send an ACK */		/* wait for parent to finish and send an ACK */
	@@ -490,14 +490,14 @@ int audit_send_list(void *_dest)
	mutex_unlock(&audit_cmd_mutex);		mutex_unlock(&audit_cmd_mutex);

	while ((skb = __skb_dequeue(&dest->q)) != NULL)		while ((skb = __skb_dequeue(&dest->q)) != NULL)
	netlink_unicast(audit_sock, skb, pid, 0);		netlink_unicast(audit_sock, skb, portid, 0);

	kfree(dest);		kfree(dest);

	return 0;		return 0;
	}		}

	struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,		struct sk_buff *audit_make_reply(__u32 portid, int seq, int type, int done,
	int multi, const void *payload, int size)		int multi, const void *payload, int size)
	{		{
	struct sk_buff *skb;		struct sk_buff *skb;
	@@ -510,7 +510,7 @@ struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,
	if (!skb)		if (!skb)
	return NULL;		return NULL;

	nlh = nlmsg_put(skb, pid, seq, t, size, flags);		nlh = nlmsg_put(skb, portid, seq, t, size, flags);
	if (!nlh)		if (!nlh)
	goto out_kfree_skb;		goto out_kfree_skb;
	data = nlmsg_data(nlh);		data = nlmsg_data(nlh);
	@@ -531,13 +531,13 @@ static int audit_send_reply_thread(void *arg)

	/* Ignore failure. It'll only happen if the sender goes away,		/* Ignore failure. It'll only happen if the sender goes away,
	because our timeout is set to infinite. */		because our timeout is set to infinite. */
	netlink_unicast(audit_sock, reply->skb, reply->pid, 0);		netlink_unicast(audit_sock, reply->skb, reply->portid, 0);
	kfree(reply);		kfree(reply);
	return 0;		return 0;
	}		}
	/**		/**
	* audit_send_reply - send an audit reply message via netlink		* audit_send_reply - send an audit reply message via netlink
	* @pid: process id to send reply to		* @portid: netlink port to which to send reply
	* @seq: sequence number		* @seq: sequence number
	* @type: audit message type		* @type: audit message type
	* @done: done (last) flag		* @done: done (last) flag
	@@ -545,11 +545,11 @@ static int audit_send_reply_thread(void *arg)
	* @payload: payload data		* @payload: payload data
	* @size: payload size		* @size: payload size
	*		*
	* Allocates an skb, builds the netlink message, and sends it to the pid.		* Allocates an skb, builds the netlink message, and sends it to the port id.
	* No failure notifications.		* No failure notifications.
	*/		*/
	static void audit_send_reply(int pid, int seq, int type, int done, int multi,		static void audit_send_reply(__u32 portid, int seq, int type, int done,
	const void *payload, int size)		int multi, const void *payload, int size)
	{		{
	struct sk_buff *skb;		struct sk_buff *skb;
	struct task_struct *tsk;		struct task_struct *tsk;
	@@ -559,11 +559,11 @@ static void audit_send_reply(int pid, int seq, int type, int done, int multi,
	if (!reply)		if (!reply)
	return;		return;

	skb = audit_make_reply(pid, seq, type, done, multi, payload, size);		skb = audit_make_reply(portid, seq, type, done, multi, payload, size);
	if (!skb)		if (!skb)
	goto out;		goto out;

	reply->pid = pid;		reply->portid = portid;
	reply->skb = skb;		reply->skb = skb;

	tsk = kthread_run(audit_send_reply_thread, reply, "audit_send_reply");		tsk = kthread_run(audit_send_reply_thread, reply, "audit_send_reply");
	@@ -839,7 +839,7 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
	size--;		size--;
	audit_log_n_untrustedstring(ab, data, size);		audit_log_n_untrustedstring(ab, data, size);
	}		}
	audit_set_pid(ab, NETLINK_CB(skb).portid);		audit_set_portid(ab, NETLINK_CB(skb).portid);
	audit_log_end(ab);		audit_log_end(ab);
	}		}
	break;		break;

kernel/audit.h

+4 −4

Original line number	Original line	Diff line number	Diff line
	@@ -240,13 +240,13 @@ extern int audit_uid_comparator(kuid_t left, u32 op, kuid_t right);
	extern int audit_gid_comparator(kgid_t left, u32 op, kgid_t right);		extern int audit_gid_comparator(kgid_t left, u32 op, kgid_t right);
	extern int parent_len(const char *path);		extern int parent_len(const char *path);
	extern int audit_compare_dname_path(const char dname, const char path, int plen);		extern int audit_compare_dname_path(const char dname, const char path, int plen);
	extern struct sk_buff * audit_make_reply(int pid, int seq, int type,		extern struct sk_buff *audit_make_reply(__u32 portid, int seq, int type,
	int done, int multi,		int done, int multi,
	const void *payload, int size);		const void *payload, int size);
	extern void audit_panic(const char *message);		extern void audit_panic(const char *message);

	struct audit_netlink_list {		struct audit_netlink_list {
	int pid;		__u32 portid;
	struct sk_buff_head q;		struct sk_buff_head q;
	};		};

kernel/auditfilter.c

+10 −8

Original line number	Original line	Diff line number	Diff line
	@@ -972,7 +972,7 @@ static inline int audit_del_rule(struct audit_entry *entry)
	}		}

	/* List rules using struct audit_rule_data. */		/* List rules using struct audit_rule_data. */
	static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)		static void audit_list_rules(__u32 portid, int seq, struct sk_buff_head *q)
	{		{
	struct sk_buff *skb;		struct sk_buff *skb;
	struct audit_krule *r;		struct audit_krule *r;
	@@ -987,14 +987,15 @@ static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
	data = audit_krule_to_data(r);		data = audit_krule_to_data(r);
	if (unlikely(!data))		if (unlikely(!data))
	break;		break;
	skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1,		skb = audit_make_reply(portid, seq, AUDIT_LIST_RULES,
	data, sizeof(*data) + data->buflen);		0, 1, data,
			sizeof(*data) + data->buflen);
	if (skb)		if (skb)
	skb_queue_tail(q, skb);		skb_queue_tail(q, skb);
	kfree(data);		kfree(data);
	}		}
	}		}
	skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);		skb = audit_make_reply(portid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
	if (skb)		if (skb)
	skb_queue_tail(q, skb);		skb_queue_tail(q, skb);
	}		}
	@@ -1024,12 +1025,13 @@ static void audit_log_rule_change(char action, struct audit_krule rule, int re
	/**		/**
	* audit_receive_filter - apply all rules to the specified message type		* audit_receive_filter - apply all rules to the specified message type
	* @type: audit message type		* @type: audit message type
	* @pid: target pid for netlink audit messages		* @portid: target port id for netlink audit messages
	* @seq: netlink audit message sequence (serial) number		* @seq: netlink audit message sequence (serial) number
	* @data: payload data		* @data: payload data
	* @datasz: size of payload data		* @datasz: size of payload data
	*/		*/
	int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz)		int audit_receive_filter(int type, __u32 portid, int seq, void *data,
			size_t datasz)
	{		{
	struct task_struct *tsk;		struct task_struct *tsk;
	struct audit_netlink_list *dest;		struct audit_netlink_list *dest;
	@@ -1047,11 +1049,11 @@ int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz)
	dest = kmalloc(sizeof(struct audit_netlink_list), GFP_KERNEL);		dest = kmalloc(sizeof(struct audit_netlink_list), GFP_KERNEL);
	if (!dest)		if (!dest)
	return -ENOMEM;		return -ENOMEM;
	dest->pid = pid;		dest->portid = portid;
	skb_queue_head_init(&dest->q);		skb_queue_head_init(&dest->q);

	mutex_lock(&audit_filter_mutex);		mutex_lock(&audit_filter_mutex);
	audit_list_rules(pid, seq, &dest->q);		audit_list_rules(portid, seq, &dest->q);
	mutex_unlock(&audit_filter_mutex);		mutex_unlock(&audit_filter_mutex);

	tsk = kthread_run(audit_send_list, dest, "audit_send_list");		tsk = kthread_run(audit_send_list, dest, "audit_send_list");