
Commit 2532386f authored by Eric Paris's avatar Eric Paris Committed by Al Viro

Audit: collect sessionid in netlink messages



Previously I added sessionid output to all audit messages where it was
available but we still didn't know the sessionid of the sender of
netlink messages.  This patch adds that information to netlink messages
so we can audit who sent netlink messages.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 436c405c
+1 −6
@@ -151,14 +151,9 @@ void tty_audit_fork(struct signal_struct *sig)
/**
/**
 *	tty_audit_push_task	-	Flush task's pending audit data
 *	tty_audit_push_task	-	Flush task's pending audit data
 */
 */
void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
{
{
	struct tty_audit_buf *buf;
	struct tty_audit_buf *buf;
	/* FIXME I think this is correct.  Check against netlink once that is
	 * I really need to read this code more closely.  But that's for
	 * another patch.
	 */
	unsigned int sessionid = audit_get_sessionid(tsk);


	spin_lock_irq(&tsk->sighand->siglock);
	spin_lock_irq(&tsk->sighand->siglock);
	buf = tsk->signal->tty_audit_buf;
	buf = tsk->signal->tty_audit_buf;
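Review bot: The kernel-doc above tty_audit_push_task() documents neither `loginuid` nor the new `sessionid`, and after this change both are supplied by the caller instead of being derived from `tsk` (the removed line used `audit_get_sessionid(tsk)`). The record emitted here will presumably carry the ids of whoever requested the push rather than of the task whose tty data is flushed, and anyone reading the audit log needs to know that. I would add `@tsk: task whose buffered tty data is flushed`, `@loginuid: audit login uid of the requester` and `@sessionid: audit session id of the requester` to the comment. The function body continues past the end of this section.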
+2 −1
@@ -569,7 +569,8 @@ extern int audit_update_lsm_rules(void);
extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
extern int audit_filter_type(int type);
extern int audit_filter_type(int type);
extern int  audit_receive_filter(int type, int pid, int uid, int seq,
extern int  audit_receive_filter(int type, int pid, int uid, int seq,
			 void *data, size_t datasz, uid_t loginuid, u32 sid);
				void *data, size_t datasz, uid_t loginuid,
				u32 sessionid, u32 sid);
extern int audit_enabled;
extern int audit_enabled;
#else
#else
#define audit_log(c,g,t,f,...) do { ; } while (0)
#define audit_log(c,g,t,f,...) do { ; } while (0)
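Review bot: In the new audit_receive_filter() prototype `sessionid` and `sid` are adjacent `u32` parameters, so a call site that transposes them compiles cleanly and would record the SELinux security id as the audit session id. A short comment above the prototype, `/* loginuid, sessionid: audit ids of the sender; sid: SELinux security id */`, would make the order explicit. The call sites updated by this commit are not visible in this section and are worth re-reading for argument order.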
+1 −0
@@ -166,6 +166,7 @@ struct netlink_skb_parms
	__u32			dst_group;
	__u32			dst_group;
	kernel_cap_t		eff_cap;
	kernel_cap_t		eff_cap;
	__u32			loginuid;	/* Login (audit) uid */
	__u32			loginuid;	/* Login (audit) uid */
	__u32			sessionid;	/* Session id (audit) */
	__u32			sid;		/* SELinux security id */
	__u32			sid;		/* SELinux security id */
};
};
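Review bot: Nothing in the visible sections assigns the new `sessionid` field, so it is worth confirming that it is set by the kernel wherever `loginuid` is set when a message is sent, along the lines of `NETLINK_CB(skb).sessionid = audit_get_sessionid(current);` beside the existing loginuid assignment. Otherwise audit records would report stale or uninitialised session ids. The same question applies to the `sessionid` member added to `struct netlbl_audit` in the last section of this page. If this struct is overlaid on the skb control buffer, as I believe it is, a `BUILD_BUG_ON(sizeof(struct netlink_skb_parms) > sizeof(skb->cb));` in the netlink init path would catch it outgrowing that buffer. The struct definition starts above this hunk.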


+2 −2
@@ -351,7 +351,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
extern void tty_audit_exit(void);
extern void tty_audit_exit(void);
extern void tty_audit_fork(struct signal_struct *sig);
extern void tty_audit_fork(struct signal_struct *sig);
extern void tty_audit_push(struct tty_struct *tty);
extern void tty_audit_push(struct tty_struct *tty);
extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid);
extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid);
extern void tty_audit_opening(void);
extern void tty_audit_opening(void);
#else
#else
static inline void tty_audit_add_data(struct tty_struct *tty,
static inline void tty_audit_add_data(struct tty_struct *tty,
@@ -367,7 +367,7 @@ static inline void tty_audit_fork(struct signal_struct *sig)
static inline void tty_audit_push(struct tty_struct *tty)
static inline void tty_audit_push(struct tty_struct *tty)
{
{
}
}
static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
{
{
}
}
static inline void tty_audit_opening(void)
static inline void tty_audit_opening(void)
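Review bot: Both updated tty_audit_push_task() declarations in this section, the `extern` prototype and the `static inline` stub, now run past the kernel's 80-column convention. The audit_receive_filter() prototype in this same commit was wrapped, so these could be split the same way: `extern void tty_audit_push_task(struct task_struct *tsk,` followed by `uid_t loginuid, u32 sessionid);`. The definition of tty_audit_push_task() in the first section has the same over-long signature line.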
+1 −0
@@ -103,6 +103,7 @@ struct cipso_v4_doi;
struct netlbl_audit {
struct netlbl_audit {
	u32 secid;
	u32 secid;
	uid_t loginuid;
	uid_t loginuid;
	u32 sessionid;
};
};


/*
/*