Commit 456be6cd90dbbb9b0ea01d56932d56d110d51cf7

Authored by Steve Grubb
Committed by
1 parent 37509e749d

[AUDIT] LOGIN message credentials

Attached is a new patch that solves the issue of getting valid credentials
into the LOGIN message. The current code was assuming that the audit context
had already been copied. This is not always the case for LOGIN messages.

To solve the problem, the patch passes the task struct to the function that
emits the message where it can get valid credentials.

Signed-off-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

Showing 3 changed files with 7 additions and 6 deletions Side-by-side Diff

... ... @@ -820,7 +820,7 @@
820 820 goto out_free_page;
821 821  
822 822 }
823   - length = audit_set_loginuid(task->audit_context, loginuid);
  823 + length = audit_set_loginuid(task, loginuid);
824 824 if (likely(length == 0))
825 825 length = count;
826 826  
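Review bot: The call on new line 823 now passes `task` itself to audit_set_loginuid(), which dereferences `task->audit_context` several times, and nothing in this hunk shows that the task is pinned or restricted to `current` while that happens. The enclosing function starts and ends outside the hunk, so the guarantee may be established there. If it is, a comment at the call would record it, for example `/* task is referenced for the duration of the call; audit_set_loginuid() reads task->audit_context */`. If a task other than the caller can reach this path, the context needs protection against concurrent teardown before the callee touches it.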
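--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -187,7 +187,7 @@
 void *data, uid_t loginuid);
 extern void audit_get_stamp(struct audit_context *ctx,
 struct timespec *t, unsigned int *serial);
-extern int audit_set_loginuid(struct audit_context *ctx, uid_t loginuid);
+extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
 extern uid_t audit_get_loginuid(struct audit_context *ctx);
 extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
 #else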
... ... @@ -1010,20 +1010,21 @@
1010 1010  
1011 1011 extern int audit_set_type(struct audit_buffer *ab, int type);
1012 1012  
1013   -int audit_set_loginuid(struct audit_context *ctx, uid_t loginuid)
  1013 +int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
1014 1014 {
1015   - if (ctx) {
  1015 + if (task->audit_context) {
1016 1016 struct audit_buffer *ab;
1017 1017  
1018 1018 ab = audit_log_start(NULL);
1019 1019 if (ab) {
1020 1020 audit_log_format(ab, "login pid=%d uid=%u "
1021 1021 "old loginuid=%u new loginuid=%u",
1022   - ctx->pid, ctx->uid, ctx->loginuid, loginuid);
  1022 + task->pid, task->uid,
  1023 + task->audit_context->loginuid, loginuid);
1023 1024 audit_set_type(ab, AUDIT_LOGIN);
1024 1025 audit_log_end(ab);
1025 1026 }
1026   - ctx->loginuid = loginuid;
  1027 + task->audit_context->loginuid = loginuid;
1027 1028 }
1028 1029 return 0;
1029 1030 }
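Review bot: audit_set_loginuid() still returns 0 both when `task->audit_context` is NULL and when audit_log_start() returns NULL, so in the first case no loginuid is stored and in the second the loginuid changes without an AUDIT_LOGIN record. The caller shown in the first hunk maps 0 to `length = count`, which reports success to the writer in both cases. At minimum the contract should be stated above the function, e.g. `/* Returns 0 even if the task has no audit context or no record could be allocated. */`; returning a negative errno for the unrecorded case would let the caller surface it, but that changes behaviour for tasks without a context and is a maintainer decision. The three separate reads of `task->audit_context` could also be taken once into a local, `struct audit_context *ctx = task->audit_context;`, so the check and the later uses refer to the same pointer.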