Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 939cbf260c1abce6cad4b95ea4ba9f5132b660b3

Authored by Eric Paris
Committed by Al Viro
1 parent 44e51a1b78
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

Audit: send signal info if selinux is disabled 

Audit will not respond to signal requests if selinux is disabled since it is
unable to translate the 0 sid from the sending process to a context.  This
patch just doesn't send the context info if there isn't any.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 1 changed file with 12 additions and 6 deletions Side-by-side Diff

... ... @@ -855,18 +855,24 @@
855 855 break;
856 856 }
857 857 case AUDIT_SIGNAL_INFO:
858   - err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
859   - if (err)
860   - return err;
  858 + len = 0;
  859 + if (audit_sig_sid) {
  860 + err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
  861 + if (err)
  862 + return err;
  863 + }
861 864 sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
862 865 if (!sig_data) {
863   - security_release_secctx(ctx, len);
  866 + if (audit_sig_sid)
  867 + security_release_secctx(ctx, len);
864 868 return -ENOMEM;
865 869 }
866 870 sig_data->uid = audit_sig_uid;
867 871 sig_data->pid = audit_sig_pid;
868   - memcpy(sig_data->ctx, ctx, len);
869   - security_release_secctx(ctx, len);
  872 + if (audit_sig_sid) {
  873 + memcpy(sig_data->ctx, ctx, len);
  874 + security_release_secctx(ctx, len);
  875 + }
870 876 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
871 877 0, 0, sig_data, sizeof(*sig_data) + len);
872 878 kfree(sig_data);