
Commit 0221c81b authored by Linus Torvalds's avatar Linus Torvalds
* 'audit.b62' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
  Audit: remove spaces from audit_log_d_path
  audit: audit_set_auditable defined but not used
  audit: incorrect ref counting in audit tree tag_chunk
  audit: Fix possible return value truncation in audit_get_context()
  audit: ignore terminating NUL in AUDIT_USER_TTY messages
  Audit: fix handling of 'strings' with NULL characters
  make the e->rule.xxx shorter in kernel auditfilter.c
  auditsc: fix kernel-doc notation
  audit: EXECVE record - removed bogus newline
parents 48f286a2 def57543
+6 −3
@@ -766,6 +766,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)


				audit_log_format(ab, " msg=");
				audit_log_format(ab, " msg=");
				size = nlmsg_len(nlh);
				size = nlmsg_len(nlh);
				if (size > 0 &&
				    ((unsigned char *)data)[size - 1] == '\0')
					size--;
				audit_log_n_untrustedstring(ab, data, size);
				audit_log_n_untrustedstring(ab, data, size);
			}
			}
			audit_set_pid(ab, pid);
			audit_set_pid(ab, pid);
@@ -1382,7 +1385,7 @@ void audit_log_n_string(struct audit_buffer *ab, const char *string,
int audit_string_contains_control(const char *string, size_t len)
int audit_string_contains_control(const char *string, size_t len)
{
{
	const unsigned char *p;
	const unsigned char *p;
	for (p = string; p < (const unsigned char *)string + len && *p; p++) {
	for (p = string; p < (const unsigned char *)string + len; p++) {
		if (*p == '"' || *p < 0x21 || *p > 0x7e)
		if (*p == '"' || *p < 0x21 || *p > 0x7e)
			return 1;
			return 1;
	}
	}
@@ -1437,13 +1440,13 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix,
	/* We will allow 11 spaces for ' (deleted)' to be appended */
	/* We will allow 11 spaces for ' (deleted)' to be appended */
	pathname = kmalloc(PATH_MAX+11, ab->gfp_mask);
	pathname = kmalloc(PATH_MAX+11, ab->gfp_mask);
	if (!pathname) {
	if (!pathname) {
		audit_log_format(ab, "<no memory>");
		audit_log_string(ab, "<no_memory>");
		return;
		return;
	}
	}
	p = d_path(path, pathname, PATH_MAX+11);
	p = d_path(path, pathname, PATH_MAX+11);
	if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */
	if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */
		/* FIXME: can we save some information here? */
		/* FIXME: can we save some information here? */
		audit_log_format(ab, "<too long>");
		audit_log_string(ab, "<too_long>");
	} else
	} else
		audit_log_untrustedstring(ab, p);
		audit_log_untrustedstring(ab, p);
	kfree(pathname);
	kfree(pathname);
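Review bot: In audit_string_contains_control, dropping `&& *p` from the loop condition makes `len` the only bound on the scan, so a caller that passes a length larger than its buffer would now be read past the end. The function's header comment (outside this hunk) should say that `len` must be the exact byte count and that an embedded NUL now counts as a control character. A short comment on the test would make the second point visible, e.g. `/* NUL is below 0x21, so an embedded NUL is reported as a control character */`. The loop initialiser `p = string` also converts `const char *` to `const unsigned char *` implicitly while the bound on the same line casts explicitly; `p = (const unsigned char *)string` would be consistent.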
+2 −0
@@ -385,6 +385,7 @@ static int tag_chunk(struct inode *inode, struct audit_tree *tree)
	mutex_lock(&inode->inotify_mutex);
	mutex_lock(&inode->inotify_mutex);
	if (inotify_clone_watch(&old->watch, &chunk->watch) < 0) {
	if (inotify_clone_watch(&old->watch, &chunk->watch) < 0) {
		mutex_unlock(&inode->inotify_mutex);
		mutex_unlock(&inode->inotify_mutex);
		put_inotify_watch(&old->watch);
		free_chunk(chunk);
		free_chunk(chunk);
		return -ENOSPC;
		return -ENOSPC;
	}
	}
@@ -394,6 +395,7 @@ static int tag_chunk(struct inode *inode, struct audit_tree *tree)
		chunk->dead = 1;
		chunk->dead = 1;
		inotify_evict_watch(&chunk->watch);
		inotify_evict_watch(&chunk->watch);
		mutex_unlock(&inode->inotify_mutex);
		mutex_unlock(&inode->inotify_mutex);
		put_inotify_watch(&old->watch);
		put_inotify_watch(&chunk->watch);
		put_inotify_watch(&chunk->watch);
		return 0;
		return 0;
	}
	}
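Review bot: The two added `put_inotify_watch(&old->watch)` calls in tag_chunk drop a reference whose acquisition is not visible in either hunk, so a reader cannot tell from these exits which call they balance. A one-line comment on each, such as `/* drop the reference taken when old was looked up */`, would document the pairing; the lookup is presumably earlier in the function, outside the hunk. Because the same put is now repeated on separate return paths, any other exit of tag_chunk that runs after the lookup is worth checking for the same release. The function's start and its remaining exits lie outside what is shown.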
+8 −8
@@ -135,18 +135,18 @@ static void audit_remove_watch(struct audit_watch *watch)
static inline void audit_free_rule(struct audit_entry *e)
static inline void audit_free_rule(struct audit_entry *e)
{
{
	int i;
	int i;

	struct audit_krule *erule = &e->rule;
	/* some rules don't have associated watches */
	/* some rules don't have associated watches */
	if (e->rule.watch)
	if (erule->watch)
		audit_put_watch(e->rule.watch);
		audit_put_watch(erule->watch);
	if (e->rule.fields)
	if (erule->fields)
		for (i = 0; i < e->rule.field_count; i++) {
		for (i = 0; i < erule->field_count; i++) {
			struct audit_field *f = &e->rule.fields[i];
			struct audit_field *f = &erule->fields[i];
			kfree(f->lsm_str);
			kfree(f->lsm_str);
			security_audit_rule_free(f->lsm_rule);
			security_audit_rule_free(f->lsm_rule);
		}
		}
	kfree(e->rule.fields);
	kfree(erule->fields);
	kfree(e->rule.filterkey);
	kfree(erule->filterkey);
	kfree(e);
	kfree(e);
}
}


+16 −17
@@ -329,6 +329,14 @@ static int audit_match_filetype(struct audit_context *ctx, int which)
 */
 */


#ifdef CONFIG_AUDIT_TREE
#ifdef CONFIG_AUDIT_TREE
static void audit_set_auditable(struct audit_context *ctx)
{
	if (!ctx->prio) {
		ctx->prio = 1;
		ctx->current_state = AUDIT_RECORD_CONTEXT;
	}
}

static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk)
static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk)
{
{
	struct audit_tree_refs *p = ctx->trees;
	struct audit_tree_refs *p = ctx->trees;
@@ -742,17 +750,9 @@ void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx)
	rcu_read_unlock();
	rcu_read_unlock();
}
}


static void audit_set_auditable(struct audit_context *ctx)
{
	if (!ctx->prio) {
		ctx->prio = 1;
		ctx->current_state = AUDIT_RECORD_CONTEXT;
	}
}

static inline struct audit_context *audit_get_context(struct task_struct *tsk,
static inline struct audit_context *audit_get_context(struct task_struct *tsk,
						      int return_valid,
						      int return_valid,
						      int return_code)
						      long return_code)
{
{
	struct audit_context *context = tsk->audit_context;
	struct audit_context *context = tsk->audit_context;


@@ -1024,7 +1024,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,
{
{
	char arg_num_len_buf[12];
	char arg_num_len_buf[12];
	const char __user *tmp_p = p;
	const char __user *tmp_p = p;
	/* how many digits are in arg_num? 3 is the length of a=\n */
	/* how many digits are in arg_num? 3 is the length of " a=" */
	size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3;
	size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3;
	size_t len, len_left, to_send;
	size_t len, len_left, to_send;
	size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN;
	size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN;
@@ -1138,7 +1138,6 @@ static int audit_log_single_execve_arg(struct audit_context *context,
			audit_log_n_hex(*ab, buf, to_send);
			audit_log_n_hex(*ab, buf, to_send);
		else
		else
			audit_log_format(*ab, "\"%s\"", buf);
			audit_log_format(*ab, "\"%s\"", buf);
		audit_log_format(*ab, "\n");


		p += to_send;
		p += to_send;
		len_left -= to_send;
		len_left -= to_send;
@@ -2150,7 +2149,7 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
 * __audit_mq_open - record audit data for a POSIX MQ open
 * __audit_mq_open - record audit data for a POSIX MQ open
 * @oflag: open flag
 * @oflag: open flag
 * @mode: mode bits
 * @mode: mode bits
 * @u_attr: queue attributes
 * @attr: queue attributes
 *
 *
 */
 */
void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr)
void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr)
@@ -2197,7 +2196,7 @@ void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
/**
/**
 * __audit_mq_notify - record audit data for a POSIX MQ notify
 * __audit_mq_notify - record audit data for a POSIX MQ notify
 * @mqdes: MQ descriptor
 * @mqdes: MQ descriptor
 * @u_notification: Notification event
 * @notification: Notification event
 *
 *
 */
 */