
Commit c53fa1ed authored by Patrick McHardy Committed by David S. Miller

netlink: kill loginuid/sessionid/sid members from struct netlink_skb_parms



Netlink message processing in the kernel is synchronous these days, the
session information can be collected when needed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
parent 06dc94b1
+0 −3
@@ -161,9 +161,6 @@ struct netlink_skb_parms {
	__u32			pid;
	__u32			dst_group;
	kernel_cap_t		eff_cap;
	__u32			loginuid;	/* Login (audit) uid */
	__u32			sessionid;	/* Session id (audit) */
	__u32			sid;		/* SELinux security id */
};

#define NETLINK_CB(skb)		(*(struct netlink_skb_parms*)&((skb)->cb))
+3 −3
@@ -673,9 +673,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)

	pid  = NETLINK_CREDS(skb)->pid;
	uid  = NETLINK_CREDS(skb)->uid;
	loginuid = NETLINK_CB(skb).loginuid;
	sessionid = NETLINK_CB(skb).sessionid;
	sid  = NETLINK_CB(skb).sid;
	loginuid = audit_get_loginuid(current);
	sessionid = audit_get_sessionid(current);
	security_task_getsecid(current, &sid);
	seq  = nlh->nlmsg_seq;
	data = NLMSG_DATA(nlh);
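Review bot: The three new reads from `current` are only correct while audit_receive_msg runs in the sending task's context, and nothing in the hunk states or checks that assumption. `pid` and `uid` on the two lines above still come from `NETLINK_CREDS(skb)`, which is filled at send time, so one audit record now combines send-time credentials with receive-time loginuid, sessionid and secid. If this path were ever run from a deferred or kernel-thread context, the record would be attributed to the wrong subject without any error. I would add a comment above the new lines such as `/* netlink input is synchronous: current is the sending task here */`. The same assumption is relied on in audit_filter_user_rules and netlbl_netlink_auditinfo, and the body of audit_receive_msg continues outside the hunk.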

+7 −3
@@ -1238,6 +1238,7 @@ static int audit_filter_user_rules(struct netlink_skb_parms *cb,
	for (i = 0; i < rule->field_count; i++) {
		struct audit_field *f = &rule->fields[i];
		int result = 0;
		u32 sid;

		switch (f->type) {
		case AUDIT_PID:
@@ -1250,19 +1251,22 @@ static int audit_filter_user_rules(struct netlink_skb_parms *cb,
			result = audit_comparator(cb->creds.gid, f->op, f->val);
			break;
		case AUDIT_LOGINUID:
			result = audit_comparator(cb->loginuid, f->op, f->val);
			result = audit_comparator(audit_get_loginuid(current),
						  f->op, f->val);
			break;
		case AUDIT_SUBJ_USER:
		case AUDIT_SUBJ_ROLE:
		case AUDIT_SUBJ_TYPE:
		case AUDIT_SUBJ_SEN:
		case AUDIT_SUBJ_CLR:
			if (f->lsm_rule)
				result = security_audit_rule_match(cb->sid,
			if (f->lsm_rule) {
				security_task_getsecid(current, &sid);
				result = security_audit_rule_match(sid,
								   f->type,
								   f->op,
								   f->lsm_rule,
								   NULL);
			}
			break;
		}
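Review bot: In the AUDIT_SUBJ_* case, `security_task_getsecid(current, &sid)` is now called once for every subject field in the rule, and `u32 sid` is declared inside the loop body without an initializer. It is assigned before its only use, so this is not a bug as written, but any later edit that reads `sid` outside the `if (f->lsm_rule)` branch would read an indeterminate value. Declaring it as `u32 sid = 0;` keeps that safe. The secid of `current` presumably does not change between iterations, so it could also be fetched once per call rather than once per field. audit_filter_user_rules begins and ends outside both hunks.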

+3 −3
@@ -49,9 +49,9 @@
static inline void netlbl_netlink_auditinfo(struct sk_buff *skb,
					    struct netlbl_audit *audit_info)
{
	audit_info->secid = NETLINK_CB(skb).sid;
	audit_info->loginuid = NETLINK_CB(skb).loginuid;
	audit_info->sessionid = NETLINK_CB(skb).sessionid;
	security_task_getsecid(current, &audit_info->secid);
	audit_info->loginuid = audit_get_loginuid(current);
	audit_info->sessionid = audit_get_sessionid(current);
}

/* NetLabel NETLINK I/O functions */
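Review bot: After this change netlbl_netlink_auditinfo no longer reads its `skb` argument, because all three fields are taken from `current`. Keeping the parameter suggests the audit information is derived from the message, so a caller could reasonably invoke it from a context where `current` is not the sender and record the wrong subject. Either drop the parameter in a follow-up or document the contract above the function, for instance `/* fills audit_info from current; call only in the sender's context, skb is unused */`.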
+0 −3
@@ -1362,9 +1362,6 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,

	NETLINK_CB(skb).pid	= nlk->pid;
	NETLINK_CB(skb).dst_group = dst_group;
	NETLINK_CB(skb).loginuid = audit_get_loginuid(current);
	NETLINK_CB(skb).sessionid = audit_get_sessionid(current);
	security_task_getsecid(current, &(NETLINK_CB(skb).sid));
	memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred));

	/* What can I do? Netlink is asynchronous, so that