
Commit db349509 authored by Al Viro

[PATCH] AUDIT_FD_PAIR



Provide an audit record of the descriptor pair returned by pipe() and
socketpair().  Rewritten from the original posted to linux-audit by
John D. Ramsdell <ramsdell@mitre.org>

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
parent 6a01b07f
+7 −0
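--- a/PATH_PLACEHOLDER_FILE1
+++ b/PATH_PLACEHOLDER_FILE1
@@ -16,6 +16,7 @@
 #include <linux/uio.h>
 #include <linux/highmem.h>
 #include <linux/pagemap.h>
+#include <linux/audit.h>
 
 #include <asm/uaccess.h>
 #include <asm/ioctls.h>
@@ -985,6 +986,10 @@ int do_pipe(int *fd)
 		goto err_fdr;
 	fdw = error;
 
+	error = audit_fd_pair(fdr, fdw);
+	if (error < 0)
+		goto err_fdw;
+
 	fd_install(fdr, fr);
 	fd_install(fdw, fw);
 	fd[0] = fdr;
@@ -992,6 +997,8 @@ int do_pipe(int *fd)
 
 	return 0;
 
+ err_fdw:
+	put_unused_fd(fdw);
  err_fdr:
 	put_unused_fd(fdr);
  err_read_pipe: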
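Review bot: The ordering of the new `audit_fd_pair()` call ahead of the two `fd_install()` calls in do_pipe deserves a comment, because fd_install publishes the descriptors and cannot be undone, while the audit hook can fail with a negative value (its implementation elsewhere in this commit allocates memory). Suggest `/* audit before fd_install(): once the descriptors are published a failure here could no longer be unwound */` above the call. The new err_fdw label releases fdw and then falls into err_fdr for fdr, which matches the allocation order; do_pipe's body continues outside the hunk on both sides.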
+9 −0
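--- a/PATH_PLACEHOLDER_FILE2
+++ b/PATH_PLACEHOLDER_FILE2
@@ -89,6 +89,7 @@
 #define AUDIT_MQ_NOTIFY		1314	/* POSIX MQ notify record type */
 #define AUDIT_MQ_GETSETATTR	1315	/* POSIX MQ get/set attribute record type */
 #define AUDIT_KERNEL_OTHER	1316	/* For use by 3rd party modules */
+#define AUDIT_FD_PAIR		1317    /* audit record for pipe/socketpair */
 
 #define AUDIT_AVC		1400	/* SE Linux avc denial or grant */
 #define AUDIT_SELINUX_ERR	1401	/* Internal SE Linux Errors */
@@ -387,6 +388,7 @@ extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode
 extern int audit_bprm(struct linux_binprm *bprm);
 extern int audit_socketcall(int nargs, unsigned long *args);
 extern int audit_sockaddr(int len, void *addr);
+extern int __audit_fd_pair(int fd1, int fd2);
 extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
 extern int audit_set_macxattr(const char *name);
 extern int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr);
@@ -401,6 +403,12 @@ static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
 		return __audit_ipc_obj(ipcp);
 	return 0;
 }
+static inline int audit_fd_pair(int fd1, int fd2)
+{
+	if (unlikely(!audit_dummy_context()))
+		return __audit_fd_pair(fd1, fd2);
+	return 0;
+}
 static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
 {
 	if (unlikely(!audit_dummy_context()))
@@ -459,6 +467,7 @@ extern int audit_n_rules;
 #define audit_ipc_set_perm(q,u,g,m) ({ 0; })
 #define audit_bprm(p) ({ 0; })
 #define audit_socketcall(n,a) ({ 0; })
+#define audit_fd_pair(n,a) ({ 0; })
 #define audit_sockaddr(len, addr) ({ 0; })
 #define audit_avc_path(dentry, mnt) ({ 0; })
 #define audit_set_macxattr(n) do { ; } while (0)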
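Review bot: The no-audit stub `#define audit_fd_pair(n,a) ({ 0; })` in the last hunk carries the parameter names of the neighbouring audit_socketcall stub rather than the names the real inline uses, which makes the two definitions harder to match up when reading the header. Suggest `#define audit_fd_pair(fd1, fd2) ({ 0; })` so the stub mirrors `audit_fd_pair(int fd1, int fd2)` declared in the hunk above. The behaviour of the stub is unchanged by the rename.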
+40 −0
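--- a/PATH_PLACEHOLDER_FILE3
+++ b/PATH_PLACEHOLDER_FILE3
@@ -170,6 +170,11 @@ struct audit_aux_data_sockaddr {
 	char			a[0];
 };
 
+struct audit_aux_data_fd_pair {
+	struct	audit_aux_data d;
+	int	fd[2];
+};
+
 struct audit_aux_data_path {
 	struct audit_aux_data	d;
 	struct dentry		*dentry;
@@ -961,6 +966,11 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
 			audit_log_d_path(ab, "path=", axi->dentry, axi->mnt);
 			break; }
 
+		case AUDIT_FD_PAIR: {
+			struct audit_aux_data_fd_pair *axs = (void *)aux;
+			audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]);
+			break; }
+
 		}
 		audit_log_end(ab);
 	}
@@ -1814,6 +1824,36 @@ int audit_socketcall(int nargs, unsigned long *args)
 	return 0;
 }
 
+/**
+ * __audit_fd_pair - record audit data for pipe and socketpair
+ * @fd1: the first file descriptor
+ * @fd2: the second file descriptor
+ *
+ * Returns 0 for success or NULL context or < 0 on error.
+ */
+int __audit_fd_pair(int fd1, int fd2)
+{
+	struct audit_context *context = current->audit_context;
+	struct audit_aux_data_fd_pair *ax;
+
+	if (likely(!context)) {
+		return 0;
+	}
+
+	ax = kmalloc(sizeof(*ax), GFP_KERNEL);
+	if (!ax) {
+		return -ENOMEM;
+	}
+
+	ax->fd[0] = fd1;
+	ax->fd[1] = fd2;
+
+	ax->d.type = AUDIT_FD_PAIR;
+	ax->d.next = context->aux;
+	context->aux = (void *)ax;
+	return 0;
+}
+
 /**
  * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
  * @len: data length in user space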
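Review bot: The two single-statement `if` bodies in `__audit_fd_pair` (`if (likely(!context)) { return 0; }` and the kmalloc check) are braced, unlike the single-statement conditionals elsewhere in this commit, so the function reads as if written to a different style than its neighbours; `if (likely(!context))` followed by an unbraced `return 0;` (and the same for `return -ENOMEM;`) would match. The new `struct audit_aux_data_fd_pair` in the first hunk also has no comment saying what it carries; suggest `/* AUDIT_FD_PAIR payload: the two descriptors handed back by pipe()/socketpair() */` above it, which is what the AUDIT_FD_PAIR case in audit_log_exit prints as fd0/fd1. audit_log_exit's body starts and ends outside the hunk.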
+39 −13
@@ -1194,6 +1194,7 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
{
{
	struct socket *sock1, *sock2;
	struct socket *sock1, *sock2;
	int fd1, fd2, err;
	int fd1, fd2, err;
	struct file *newfile1, *newfile2;


	/*
	/*
	 * Obtain the first socket and check if the underlying protocol
	 * Obtain the first socket and check if the underlying protocol
@@ -1212,18 +1213,37 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
	if (err < 0)
	if (err < 0)
		goto out_release_both;
		goto out_release_both;


	fd1 = fd2 = -1;
	fd1 = sock_alloc_fd(&newfile1);
	if (unlikely(fd1 < 0))
		goto out_release_both;


	err = sock_map_fd(sock1);
	fd2 = sock_alloc_fd(&newfile2);
	if (err < 0)
	if (unlikely(fd2 < 0)) {
		put_filp(newfile1);
		put_unused_fd(fd1);
		goto out_release_both;
		goto out_release_both;
	fd1 = err;
	}


	err = sock_map_fd(sock2);
	err = sock_attach_fd(sock1, newfile1);
	if (err < 0)
	if (unlikely(err < 0)) {
		goto out_close_1;
		goto out_fd2;
	fd2 = err;
	}

	err = sock_attach_fd(sock2, newfile2);
	if (unlikely(err < 0)) {
		fput(newfile1);
		goto out_fd1;
	}

	err = audit_fd_pair(fd1, fd2);
	if (err < 0) {
		fput(newfile1);
		fput(newfile2);
		goto out_fd;
	}


	fd_install(fd1, newfile1);
	fd_install(fd2, newfile2);
	/* fd1 and fd2 may be already another descriptors.
	/* fd1 and fd2 may be already another descriptors.
	 * Not kernel problem.
	 * Not kernel problem.
	 */
	 */
@@ -1238,17 +1258,23 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
	sys_close(fd1);
	sys_close(fd1);
	return err;
	return err;


out_close_1:
	sock_release(sock2);
	sys_close(fd1);
	return err;

out_release_both:
out_release_both:
	sock_release(sock2);
	sock_release(sock2);
out_release_1:
out_release_1:
	sock_release(sock1);
	sock_release(sock1);
out:
out:
	return err;
	return err;

out_fd2:
	put_filp(newfile1);
	sock_release(sock1);
out_fd1:
	put_filp(newfile2);
	sock_release(sock2);
out_fd:
	put_unused_fd(fd1);
	put_unused_fd(fd2);
	goto out;
}
}


/*
/*
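Review bot: When `sock_alloc_fd()` fails, the new code jumps to out_release_both without copying the negative descriptor into `err`, so sys_socketpair returns whatever `err` held at that point — which, given the `if (err < 0) goto out_release_both;` check at the top of the hunk, is non-negative — and user space sees success without the fd array ever being written. The old `sock_map_fd()` sequence stored its result in `err` before testing it; the new checks should do the same: `if (unlikely(fd1 < 0)) { err = fd1; goto out_release_both; }` and `err = fd2;` as the first statement of the fd2 failure block. The value of err at the jump is inferred from the check above rather than visible in full, since the body of sys_socketpair continues outside the hunk on both sides.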