Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 980dfb0db340b95094732d78b55311f2c539c1af

Authored by zhangxiliang
Committed by Al Viro
1 parent 036bbf76ad
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

[PATCH] Fix the kernel panic of audit_filter_task when key field is set 

When calling audit_filter_task(), it calls audit_filter_rules() with audit_context is NULL.
If the key field is set, the result in audit_filter_rules() will be set to 1 and
ctx->filterkey will be set to key.
But the ctx is NULL in this condition, so kernel will panic.

Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 1 changed file with 1 additions and 1 deletions Inline Diff

1 /* auditsc.c -- System-call auditing support 1 /* auditsc.c -- System-call auditing support
2 * Handles all system-call specific auditing features. 2 * Handles all system-call specific auditing features.
3 * 3 *
4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina. 4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
5 * Copyright 2005 Hewlett-Packard Development Company, L.P. 5 * Copyright 2005 Hewlett-Packard Development Company, L.P.
6 * Copyright (C) 2005, 2006 IBM Corporation 6 * Copyright (C) 2005, 2006 IBM Corporation
7 * All Rights Reserved. 7 * All Rights Reserved.
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify 9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by 10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or 11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version. 12 * (at your option) any later version.
13 * 13 *
14 * This program is distributed in the hope that it will be useful, 14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details. 17 * GNU General Public License for more details.
18 * 18 *
19 * You should have received a copy of the GNU General Public License 19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software 20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 * 22 *
23 * Written by Rickard E. (Rik) Faith <faith@redhat.com> 23 * Written by Rickard E. (Rik) Faith <faith@redhat.com>
24 * 24 *
25 * Many of the ideas implemented here are from Stephen C. Tweedie, 25 * Many of the ideas implemented here are from Stephen C. Tweedie,
26 * especially the idea of avoiding a copy by using getname. 26 * especially the idea of avoiding a copy by using getname.
27 * 27 *
28 * The method for actual interception of syscall entry and exit (not in 28 * The method for actual interception of syscall entry and exit (not in
29 * this file -- see entry.S) is based on a GPL'd patch written by 29 * this file -- see entry.S) is based on a GPL'd patch written by
30 * okir@suse.de and Copyright 2003 SuSE Linux AG. 30 * okir@suse.de and Copyright 2003 SuSE Linux AG.
31 * 31 *
32 * POSIX message queue support added by George Wilson <ltcgcw@us.ibm.com>, 32 * POSIX message queue support added by George Wilson <ltcgcw@us.ibm.com>,
33 * 2006. 33 * 2006.
34 * 34 *
35 * The support of additional filter rules compares (>, <, >=, <=) was 35 * The support of additional filter rules compares (>, <, >=, <=) was
36 * added by Dustin Kirkland <dustin.kirkland@us.ibm.com>, 2005. 36 * added by Dustin Kirkland <dustin.kirkland@us.ibm.com>, 2005.
37 * 37 *
38 * Modified by Amy Griffis <amy.griffis@hp.com> to collect additional 38 * Modified by Amy Griffis <amy.griffis@hp.com> to collect additional
39 * filesystem information. 39 * filesystem information.
40 * 40 *
41 * Subject and object context labeling support added by <danjones@us.ibm.com> 41 * Subject and object context labeling support added by <danjones@us.ibm.com>
42 * and <dustin.kirkland@us.ibm.com> for LSPP certification compliance. 42 * and <dustin.kirkland@us.ibm.com> for LSPP certification compliance.
43 */ 43 */
44 44
45 #include <linux/init.h> 45 #include <linux/init.h>
46 #include <asm/types.h> 46 #include <asm/types.h>
47 #include <asm/atomic.h> 47 #include <asm/atomic.h>
48 #include <linux/fs.h> 48 #include <linux/fs.h>
49 #include <linux/namei.h> 49 #include <linux/namei.h>
50 #include <linux/mm.h> 50 #include <linux/mm.h>
51 #include <linux/module.h> 51 #include <linux/module.h>
52 #include <linux/mount.h> 52 #include <linux/mount.h>
53 #include <linux/socket.h> 53 #include <linux/socket.h>
54 #include <linux/mqueue.h> 54 #include <linux/mqueue.h>
55 #include <linux/audit.h> 55 #include <linux/audit.h>
56 #include <linux/personality.h> 56 #include <linux/personality.h>
57 #include <linux/time.h> 57 #include <linux/time.h>
58 #include <linux/netlink.h> 58 #include <linux/netlink.h>
59 #include <linux/compiler.h> 59 #include <linux/compiler.h>
60 #include <asm/unistd.h> 60 #include <asm/unistd.h>
61 #include <linux/security.h> 61 #include <linux/security.h>
62 #include <linux/list.h> 62 #include <linux/list.h>
63 #include <linux/tty.h> 63 #include <linux/tty.h>
64 #include <linux/binfmts.h> 64 #include <linux/binfmts.h>
65 #include <linux/highmem.h> 65 #include <linux/highmem.h>
66 #include <linux/syscalls.h> 66 #include <linux/syscalls.h>
67 #include <linux/inotify.h> 67 #include <linux/inotify.h>
68 68
69 #include "audit.h" 69 #include "audit.h"
70 70
71 /* AUDIT_NAMES is the number of slots we reserve in the audit_context 71 /* AUDIT_NAMES is the number of slots we reserve in the audit_context
72 * for saving names from getname(). */ 72 * for saving names from getname(). */
73 #define AUDIT_NAMES 20 73 #define AUDIT_NAMES 20
74 74
75 /* Indicates that audit should log the full pathname. */ 75 /* Indicates that audit should log the full pathname. */
76 #define AUDIT_NAME_FULL -1 76 #define AUDIT_NAME_FULL -1
77 77
78 /* no execve audit message should be longer than this (userspace limits) */ 78 /* no execve audit message should be longer than this (userspace limits) */
79 #define MAX_EXECVE_AUDIT_LEN 7500 79 #define MAX_EXECVE_AUDIT_LEN 7500
80 80
81 /* number of audit rules */ 81 /* number of audit rules */
82 int audit_n_rules; 82 int audit_n_rules;
83 83
84 /* determines whether we collect data for signals sent */ 84 /* determines whether we collect data for signals sent */
85 int audit_signals; 85 int audit_signals;
86 86
87 /* When fs/namei.c:getname() is called, we store the pointer in name and 87 /* When fs/namei.c:getname() is called, we store the pointer in name and
88 * we don't let putname() free it (instead we free all of the saved 88 * we don't let putname() free it (instead we free all of the saved
89 * pointers at syscall exit time). 89 * pointers at syscall exit time).
90 * 90 *
91 * Further, in fs/namei.c:path_lookup() we store the inode and device. */ 91 * Further, in fs/namei.c:path_lookup() we store the inode and device. */
92 struct audit_names { 92 struct audit_names {
93 const char *name; 93 const char *name;
94 int name_len; /* number of name's characters to log */ 94 int name_len; /* number of name's characters to log */
95 unsigned name_put; /* call __putname() for this name */ 95 unsigned name_put; /* call __putname() for this name */
96 unsigned long ino; 96 unsigned long ino;
97 dev_t dev; 97 dev_t dev;
98 umode_t mode; 98 umode_t mode;
99 uid_t uid; 99 uid_t uid;
100 gid_t gid; 100 gid_t gid;
101 dev_t rdev; 101 dev_t rdev;
102 u32 osid; 102 u32 osid;
103 }; 103 };
104 104
105 struct audit_aux_data { 105 struct audit_aux_data {
106 struct audit_aux_data *next; 106 struct audit_aux_data *next;
107 int type; 107 int type;
108 }; 108 };
109 109
110 #define AUDIT_AUX_IPCPERM 0 110 #define AUDIT_AUX_IPCPERM 0
111 111
112 /* Number of target pids per aux struct. */ 112 /* Number of target pids per aux struct. */
113 #define AUDIT_AUX_PIDS 16 113 #define AUDIT_AUX_PIDS 16
114 114
115 struct audit_aux_data_mq_open { 115 struct audit_aux_data_mq_open {
116 struct audit_aux_data d; 116 struct audit_aux_data d;
117 int oflag; 117 int oflag;
118 mode_t mode; 118 mode_t mode;
119 struct mq_attr attr; 119 struct mq_attr attr;
120 }; 120 };
121 121
122 struct audit_aux_data_mq_sendrecv { 122 struct audit_aux_data_mq_sendrecv {
123 struct audit_aux_data d; 123 struct audit_aux_data d;
124 mqd_t mqdes; 124 mqd_t mqdes;
125 size_t msg_len; 125 size_t msg_len;
126 unsigned int msg_prio; 126 unsigned int msg_prio;
127 struct timespec abs_timeout; 127 struct timespec abs_timeout;
128 }; 128 };
129 129
130 struct audit_aux_data_mq_notify { 130 struct audit_aux_data_mq_notify {
131 struct audit_aux_data d; 131 struct audit_aux_data d;
132 mqd_t mqdes; 132 mqd_t mqdes;
133 struct sigevent notification; 133 struct sigevent notification;
134 }; 134 };
135 135
136 struct audit_aux_data_mq_getsetattr { 136 struct audit_aux_data_mq_getsetattr {
137 struct audit_aux_data d; 137 struct audit_aux_data d;
138 mqd_t mqdes; 138 mqd_t mqdes;
139 struct mq_attr mqstat; 139 struct mq_attr mqstat;
140 }; 140 };
141 141
142 struct audit_aux_data_ipcctl { 142 struct audit_aux_data_ipcctl {
143 struct audit_aux_data d; 143 struct audit_aux_data d;
144 struct ipc_perm p; 144 struct ipc_perm p;
145 unsigned long qbytes; 145 unsigned long qbytes;
146 uid_t uid; 146 uid_t uid;
147 gid_t gid; 147 gid_t gid;
148 mode_t mode; 148 mode_t mode;
149 u32 osid; 149 u32 osid;
150 }; 150 };
151 151
152 struct audit_aux_data_execve { 152 struct audit_aux_data_execve {
153 struct audit_aux_data d; 153 struct audit_aux_data d;
154 int argc; 154 int argc;
155 int envc; 155 int envc;
156 struct mm_struct *mm; 156 struct mm_struct *mm;
157 }; 157 };
158 158
159 struct audit_aux_data_socketcall { 159 struct audit_aux_data_socketcall {
160 struct audit_aux_data d; 160 struct audit_aux_data d;
161 int nargs; 161 int nargs;
162 unsigned long args[0]; 162 unsigned long args[0];
163 }; 163 };
164 164
165 struct audit_aux_data_sockaddr { 165 struct audit_aux_data_sockaddr {
166 struct audit_aux_data d; 166 struct audit_aux_data d;
167 int len; 167 int len;
168 char a[0]; 168 char a[0];
169 }; 169 };
170 170
171 struct audit_aux_data_fd_pair { 171 struct audit_aux_data_fd_pair {
172 struct audit_aux_data d; 172 struct audit_aux_data d;
173 int fd[2]; 173 int fd[2];
174 }; 174 };
175 175
176 struct audit_aux_data_pids { 176 struct audit_aux_data_pids {
177 struct audit_aux_data d; 177 struct audit_aux_data d;
178 pid_t target_pid[AUDIT_AUX_PIDS]; 178 pid_t target_pid[AUDIT_AUX_PIDS];
179 uid_t target_auid[AUDIT_AUX_PIDS]; 179 uid_t target_auid[AUDIT_AUX_PIDS];
180 uid_t target_uid[AUDIT_AUX_PIDS]; 180 uid_t target_uid[AUDIT_AUX_PIDS];
181 unsigned int target_sessionid[AUDIT_AUX_PIDS]; 181 unsigned int target_sessionid[AUDIT_AUX_PIDS];
182 u32 target_sid[AUDIT_AUX_PIDS]; 182 u32 target_sid[AUDIT_AUX_PIDS];
183 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; 183 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
184 int pid_count; 184 int pid_count;
185 }; 185 };
186 186
187 struct audit_tree_refs { 187 struct audit_tree_refs {
188 struct audit_tree_refs *next; 188 struct audit_tree_refs *next;
189 struct audit_chunk *c[31]; 189 struct audit_chunk *c[31];
190 }; 190 };
191 191
192 /* The per-task audit context. */ 192 /* The per-task audit context. */
193 struct audit_context { 193 struct audit_context {
194 int dummy; /* must be the first element */ 194 int dummy; /* must be the first element */
195 int in_syscall; /* 1 if task is in a syscall */ 195 int in_syscall; /* 1 if task is in a syscall */
196 enum audit_state state; 196 enum audit_state state;
197 unsigned int serial; /* serial number for record */ 197 unsigned int serial; /* serial number for record */
198 struct timespec ctime; /* time of syscall entry */ 198 struct timespec ctime; /* time of syscall entry */
199 int major; /* syscall number */ 199 int major; /* syscall number */
200 unsigned long argv[4]; /* syscall arguments */ 200 unsigned long argv[4]; /* syscall arguments */
201 int return_valid; /* return code is valid */ 201 int return_valid; /* return code is valid */
202 long return_code;/* syscall return code */ 202 long return_code;/* syscall return code */
203 int auditable; /* 1 if record should be written */ 203 int auditable; /* 1 if record should be written */
204 int name_count; 204 int name_count;
205 struct audit_names names[AUDIT_NAMES]; 205 struct audit_names names[AUDIT_NAMES];
206 char * filterkey; /* key for rule that triggered record */ 206 char * filterkey; /* key for rule that triggered record */
207 struct path pwd; 207 struct path pwd;
208 struct audit_context *previous; /* For nested syscalls */ 208 struct audit_context *previous; /* For nested syscalls */
209 struct audit_aux_data *aux; 209 struct audit_aux_data *aux;
210 struct audit_aux_data *aux_pids; 210 struct audit_aux_data *aux_pids;
211 211
212 /* Save things to print about task_struct */ 212 /* Save things to print about task_struct */
213 pid_t pid, ppid; 213 pid_t pid, ppid;
214 uid_t uid, euid, suid, fsuid; 214 uid_t uid, euid, suid, fsuid;
215 gid_t gid, egid, sgid, fsgid; 215 gid_t gid, egid, sgid, fsgid;
216 unsigned long personality; 216 unsigned long personality;
217 int arch; 217 int arch;
218 218
219 pid_t target_pid; 219 pid_t target_pid;
220 uid_t target_auid; 220 uid_t target_auid;
221 uid_t target_uid; 221 uid_t target_uid;
222 unsigned int target_sessionid; 222 unsigned int target_sessionid;
223 u32 target_sid; 223 u32 target_sid;
224 char target_comm[TASK_COMM_LEN]; 224 char target_comm[TASK_COMM_LEN];
225 225
226 struct audit_tree_refs *trees, *first_trees; 226 struct audit_tree_refs *trees, *first_trees;
227 int tree_count; 227 int tree_count;
228 228
229 #if AUDIT_DEBUG 229 #if AUDIT_DEBUG
230 int put_count; 230 int put_count;
231 int ino_count; 231 int ino_count;
232 #endif 232 #endif
233 }; 233 };
234 234
235 #define ACC_MODE(x) ("\004\002\006\006"[(x)&O_ACCMODE]) 235 #define ACC_MODE(x) ("\004\002\006\006"[(x)&O_ACCMODE])
236 static inline int open_arg(int flags, int mask) 236 static inline int open_arg(int flags, int mask)
237 { 237 {
238 int n = ACC_MODE(flags); 238 int n = ACC_MODE(flags);
239 if (flags & (O_TRUNC | O_CREAT)) 239 if (flags & (O_TRUNC | O_CREAT))
240 n |= AUDIT_PERM_WRITE; 240 n |= AUDIT_PERM_WRITE;
241 return n & mask; 241 return n & mask;
242 } 242 }
243 243
244 static int audit_match_perm(struct audit_context *ctx, int mask) 244 static int audit_match_perm(struct audit_context *ctx, int mask)
245 { 245 {
246 unsigned n = ctx->major; 246 unsigned n = ctx->major;
247 switch (audit_classify_syscall(ctx->arch, n)) { 247 switch (audit_classify_syscall(ctx->arch, n)) {
248 case 0: /* native */ 248 case 0: /* native */
249 if ((mask & AUDIT_PERM_WRITE) && 249 if ((mask & AUDIT_PERM_WRITE) &&
250 audit_match_class(AUDIT_CLASS_WRITE, n)) 250 audit_match_class(AUDIT_CLASS_WRITE, n))
251 return 1; 251 return 1;
252 if ((mask & AUDIT_PERM_READ) && 252 if ((mask & AUDIT_PERM_READ) &&
253 audit_match_class(AUDIT_CLASS_READ, n)) 253 audit_match_class(AUDIT_CLASS_READ, n))
254 return 1; 254 return 1;
255 if ((mask & AUDIT_PERM_ATTR) && 255 if ((mask & AUDIT_PERM_ATTR) &&
256 audit_match_class(AUDIT_CLASS_CHATTR, n)) 256 audit_match_class(AUDIT_CLASS_CHATTR, n))
257 return 1; 257 return 1;
258 return 0; 258 return 0;
259 case 1: /* 32bit on biarch */ 259 case 1: /* 32bit on biarch */
260 if ((mask & AUDIT_PERM_WRITE) && 260 if ((mask & AUDIT_PERM_WRITE) &&
261 audit_match_class(AUDIT_CLASS_WRITE_32, n)) 261 audit_match_class(AUDIT_CLASS_WRITE_32, n))
262 return 1; 262 return 1;
263 if ((mask & AUDIT_PERM_READ) && 263 if ((mask & AUDIT_PERM_READ) &&
264 audit_match_class(AUDIT_CLASS_READ_32, n)) 264 audit_match_class(AUDIT_CLASS_READ_32, n))
265 return 1; 265 return 1;
266 if ((mask & AUDIT_PERM_ATTR) && 266 if ((mask & AUDIT_PERM_ATTR) &&
267 audit_match_class(AUDIT_CLASS_CHATTR_32, n)) 267 audit_match_class(AUDIT_CLASS_CHATTR_32, n))
268 return 1; 268 return 1;
269 return 0; 269 return 0;
270 case 2: /* open */ 270 case 2: /* open */
271 return mask & ACC_MODE(ctx->argv[1]); 271 return mask & ACC_MODE(ctx->argv[1]);
272 case 3: /* openat */ 272 case 3: /* openat */
273 return mask & ACC_MODE(ctx->argv[2]); 273 return mask & ACC_MODE(ctx->argv[2]);
274 case 4: /* socketcall */ 274 case 4: /* socketcall */
275 return ((mask & AUDIT_PERM_WRITE) && ctx->argv[0] == SYS_BIND); 275 return ((mask & AUDIT_PERM_WRITE) && ctx->argv[0] == SYS_BIND);
276 case 5: /* execve */ 276 case 5: /* execve */
277 return mask & AUDIT_PERM_EXEC; 277 return mask & AUDIT_PERM_EXEC;
278 default: 278 default:
279 return 0; 279 return 0;
280 } 280 }
281 } 281 }
282 282
283 static int audit_match_filetype(struct audit_context *ctx, int which) 283 static int audit_match_filetype(struct audit_context *ctx, int which)
284 { 284 {
285 unsigned index = which & ~S_IFMT; 285 unsigned index = which & ~S_IFMT;
286 mode_t mode = which & S_IFMT; 286 mode_t mode = which & S_IFMT;
287 if (index >= ctx->name_count) 287 if (index >= ctx->name_count)
288 return 0; 288 return 0;
289 if (ctx->names[index].ino == -1) 289 if (ctx->names[index].ino == -1)
290 return 0; 290 return 0;
291 if ((ctx->names[index].mode ^ mode) & S_IFMT) 291 if ((ctx->names[index].mode ^ mode) & S_IFMT)
292 return 0; 292 return 0;
293 return 1; 293 return 1;
294 } 294 }
295 295
296 /* 296 /*
297 * We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *; 297 * We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *;
298 * ->first_trees points to its beginning, ->trees - to the current end of data. 298 * ->first_trees points to its beginning, ->trees - to the current end of data.
299 * ->tree_count is the number of free entries in array pointed to by ->trees. 299 * ->tree_count is the number of free entries in array pointed to by ->trees.
300 * Original condition is (NULL, NULL, 0); as soon as it grows we never revert to NULL, 300 * Original condition is (NULL, NULL, 0); as soon as it grows we never revert to NULL,
301 * "empty" becomes (p, p, 31) afterwards. We don't shrink the list (and seriously, 301 * "empty" becomes (p, p, 31) afterwards. We don't shrink the list (and seriously,
302 * it's going to remain 1-element for almost any setup) until we free context itself. 302 * it's going to remain 1-element for almost any setup) until we free context itself.
303 * References in it _are_ dropped - at the same time we free/drop aux stuff. 303 * References in it _are_ dropped - at the same time we free/drop aux stuff.
304 */ 304 */
305 305
306 #ifdef CONFIG_AUDIT_TREE 306 #ifdef CONFIG_AUDIT_TREE
307 static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk) 307 static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk)
308 { 308 {
309 struct audit_tree_refs *p = ctx->trees; 309 struct audit_tree_refs *p = ctx->trees;
310 int left = ctx->tree_count; 310 int left = ctx->tree_count;
311 if (likely(left)) { 311 if (likely(left)) {
312 p->c[--left] = chunk; 312 p->c[--left] = chunk;
313 ctx->tree_count = left; 313 ctx->tree_count = left;
314 return 1; 314 return 1;
315 } 315 }
316 if (!p) 316 if (!p)
317 return 0; 317 return 0;
318 p = p->next; 318 p = p->next;
319 if (p) { 319 if (p) {
320 p->c[30] = chunk; 320 p->c[30] = chunk;
321 ctx->trees = p; 321 ctx->trees = p;
322 ctx->tree_count = 30; 322 ctx->tree_count = 30;
323 return 1; 323 return 1;
324 } 324 }
325 return 0; 325 return 0;
326 } 326 }
327 327
328 static int grow_tree_refs(struct audit_context *ctx) 328 static int grow_tree_refs(struct audit_context *ctx)
329 { 329 {
330 struct audit_tree_refs *p = ctx->trees; 330 struct audit_tree_refs *p = ctx->trees;
331 ctx->trees = kzalloc(sizeof(struct audit_tree_refs), GFP_KERNEL); 331 ctx->trees = kzalloc(sizeof(struct audit_tree_refs), GFP_KERNEL);
332 if (!ctx->trees) { 332 if (!ctx->trees) {
333 ctx->trees = p; 333 ctx->trees = p;
334 return 0; 334 return 0;
335 } 335 }
336 if (p) 336 if (p)
337 p->next = ctx->trees; 337 p->next = ctx->trees;
338 else 338 else
339 ctx->first_trees = ctx->trees; 339 ctx->first_trees = ctx->trees;
340 ctx->tree_count = 31; 340 ctx->tree_count = 31;
341 return 1; 341 return 1;
342 } 342 }
343 #endif 343 #endif
344 344
345 static void unroll_tree_refs(struct audit_context *ctx, 345 static void unroll_tree_refs(struct audit_context *ctx,
346 struct audit_tree_refs *p, int count) 346 struct audit_tree_refs *p, int count)
347 { 347 {
348 #ifdef CONFIG_AUDIT_TREE 348 #ifdef CONFIG_AUDIT_TREE
349 struct audit_tree_refs *q; 349 struct audit_tree_refs *q;
350 int n; 350 int n;
351 if (!p) { 351 if (!p) {
352 /* we started with empty chain */ 352 /* we started with empty chain */
353 p = ctx->first_trees; 353 p = ctx->first_trees;
354 count = 31; 354 count = 31;
355 /* if the very first allocation has failed, nothing to do */ 355 /* if the very first allocation has failed, nothing to do */
356 if (!p) 356 if (!p)
357 return; 357 return;
358 } 358 }
359 n = count; 359 n = count;
360 for (q = p; q != ctx->trees; q = q->next, n = 31) { 360 for (q = p; q != ctx->trees; q = q->next, n = 31) {
361 while (n--) { 361 while (n--) {
362 audit_put_chunk(q->c[n]); 362 audit_put_chunk(q->c[n]);
363 q->c[n] = NULL; 363 q->c[n] = NULL;
364 } 364 }
365 } 365 }
366 while (n-- > ctx->tree_count) { 366 while (n-- > ctx->tree_count) {
367 audit_put_chunk(q->c[n]); 367 audit_put_chunk(q->c[n]);
368 q->c[n] = NULL; 368 q->c[n] = NULL;
369 } 369 }
370 ctx->trees = p; 370 ctx->trees = p;
371 ctx->tree_count = count; 371 ctx->tree_count = count;
372 #endif 372 #endif
373 } 373 }
374 374
375 static void free_tree_refs(struct audit_context *ctx) 375 static void free_tree_refs(struct audit_context *ctx)
376 { 376 {
377 struct audit_tree_refs *p, *q; 377 struct audit_tree_refs *p, *q;
378 for (p = ctx->first_trees; p; p = q) { 378 for (p = ctx->first_trees; p; p = q) {
379 q = p->next; 379 q = p->next;
380 kfree(p); 380 kfree(p);
381 } 381 }
382 } 382 }
383 383
384 static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree) 384 static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree)
385 { 385 {
386 #ifdef CONFIG_AUDIT_TREE 386 #ifdef CONFIG_AUDIT_TREE
387 struct audit_tree_refs *p; 387 struct audit_tree_refs *p;
388 int n; 388 int n;
389 if (!tree) 389 if (!tree)
390 return 0; 390 return 0;
391 /* full ones */ 391 /* full ones */
392 for (p = ctx->first_trees; p != ctx->trees; p = p->next) { 392 for (p = ctx->first_trees; p != ctx->trees; p = p->next) {
393 for (n = 0; n < 31; n++) 393 for (n = 0; n < 31; n++)
394 if (audit_tree_match(p->c[n], tree)) 394 if (audit_tree_match(p->c[n], tree))
395 return 1; 395 return 1;
396 } 396 }
397 /* partial */ 397 /* partial */
398 if (p) { 398 if (p) {
399 for (n = ctx->tree_count; n < 31; n++) 399 for (n = ctx->tree_count; n < 31; n++)
400 if (audit_tree_match(p->c[n], tree)) 400 if (audit_tree_match(p->c[n], tree))
401 return 1; 401 return 1;
402 } 402 }
403 #endif 403 #endif
404 return 0; 404 return 0;
405 } 405 }
406 406
407 /* Determine if any context name data matches a rule's watch data */ 407 /* Determine if any context name data matches a rule's watch data */
408 /* Compare a task_struct with an audit_rule. Return 1 on match, 0 408 /* Compare a task_struct with an audit_rule. Return 1 on match, 0
409 * otherwise. */ 409 * otherwise. */
410 static int audit_filter_rules(struct task_struct *tsk, 410 static int audit_filter_rules(struct task_struct *tsk,
411 struct audit_krule *rule, 411 struct audit_krule *rule,
412 struct audit_context *ctx, 412 struct audit_context *ctx,
413 struct audit_names *name, 413 struct audit_names *name,
414 enum audit_state *state) 414 enum audit_state *state)
415 { 415 {
416 int i, j, need_sid = 1; 416 int i, j, need_sid = 1;
417 u32 sid; 417 u32 sid;
418 418
419 for (i = 0; i < rule->field_count; i++) { 419 for (i = 0; i < rule->field_count; i++) {
420 struct audit_field *f = &rule->fields[i]; 420 struct audit_field *f = &rule->fields[i];
421 int result = 0; 421 int result = 0;
422 422
423 switch (f->type) { 423 switch (f->type) {
424 case AUDIT_PID: 424 case AUDIT_PID:
425 result = audit_comparator(tsk->pid, f->op, f->val); 425 result = audit_comparator(tsk->pid, f->op, f->val);
426 break; 426 break;
427 case AUDIT_PPID: 427 case AUDIT_PPID:
428 if (ctx) { 428 if (ctx) {
429 if (!ctx->ppid) 429 if (!ctx->ppid)
430 ctx->ppid = sys_getppid(); 430 ctx->ppid = sys_getppid();
431 result = audit_comparator(ctx->ppid, f->op, f->val); 431 result = audit_comparator(ctx->ppid, f->op, f->val);
432 } 432 }
433 break; 433 break;
434 case AUDIT_UID: 434 case AUDIT_UID:
435 result = audit_comparator(tsk->uid, f->op, f->val); 435 result = audit_comparator(tsk->uid, f->op, f->val);
436 break; 436 break;
437 case AUDIT_EUID: 437 case AUDIT_EUID:
438 result = audit_comparator(tsk->euid, f->op, f->val); 438 result = audit_comparator(tsk->euid, f->op, f->val);
439 break; 439 break;
440 case AUDIT_SUID: 440 case AUDIT_SUID:
441 result = audit_comparator(tsk->suid, f->op, f->val); 441 result = audit_comparator(tsk->suid, f->op, f->val);
442 break; 442 break;
443 case AUDIT_FSUID: 443 case AUDIT_FSUID:
444 result = audit_comparator(tsk->fsuid, f->op, f->val); 444 result = audit_comparator(tsk->fsuid, f->op, f->val);
445 break; 445 break;
446 case AUDIT_GID: 446 case AUDIT_GID:
447 result = audit_comparator(tsk->gid, f->op, f->val); 447 result = audit_comparator(tsk->gid, f->op, f->val);
448 break; 448 break;
449 case AUDIT_EGID: 449 case AUDIT_EGID:
450 result = audit_comparator(tsk->egid, f->op, f->val); 450 result = audit_comparator(tsk->egid, f->op, f->val);
451 break; 451 break;
452 case AUDIT_SGID: 452 case AUDIT_SGID:
453 result = audit_comparator(tsk->sgid, f->op, f->val); 453 result = audit_comparator(tsk->sgid, f->op, f->val);
454 break; 454 break;
455 case AUDIT_FSGID: 455 case AUDIT_FSGID:
456 result = audit_comparator(tsk->fsgid, f->op, f->val); 456 result = audit_comparator(tsk->fsgid, f->op, f->val);
457 break; 457 break;
458 case AUDIT_PERS: 458 case AUDIT_PERS:
459 result = audit_comparator(tsk->personality, f->op, f->val); 459 result = audit_comparator(tsk->personality, f->op, f->val);
460 break; 460 break;
461 case AUDIT_ARCH: 461 case AUDIT_ARCH:
462 if (ctx) 462 if (ctx)
463 result = audit_comparator(ctx->arch, f->op, f->val); 463 result = audit_comparator(ctx->arch, f->op, f->val);
464 break; 464 break;
465 465
466 case AUDIT_EXIT: 466 case AUDIT_EXIT:
467 if (ctx && ctx->return_valid) 467 if (ctx && ctx->return_valid)
468 result = audit_comparator(ctx->return_code, f->op, f->val); 468 result = audit_comparator(ctx->return_code, f->op, f->val);
469 break; 469 break;
470 case AUDIT_SUCCESS: 470 case AUDIT_SUCCESS:
471 if (ctx && ctx->return_valid) { 471 if (ctx && ctx->return_valid) {
472 if (f->val) 472 if (f->val)
473 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_SUCCESS); 473 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_SUCCESS);
474 else 474 else
475 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_FAILURE); 475 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_FAILURE);
476 } 476 }
477 break; 477 break;
478 case AUDIT_DEVMAJOR: 478 case AUDIT_DEVMAJOR:
479 if (name) 479 if (name)
480 result = audit_comparator(MAJOR(name->dev), 480 result = audit_comparator(MAJOR(name->dev),
481 f->op, f->val); 481 f->op, f->val);
482 else if (ctx) { 482 else if (ctx) {
483 for (j = 0; j < ctx->name_count; j++) { 483 for (j = 0; j < ctx->name_count; j++) {
484 if (audit_comparator(MAJOR(ctx->names[j].dev), f->op, f->val)) { 484 if (audit_comparator(MAJOR(ctx->names[j].dev), f->op, f->val)) {
485 ++result; 485 ++result;
486 break; 486 break;
487 } 487 }
488 } 488 }
489 } 489 }
490 break; 490 break;
491 case AUDIT_DEVMINOR: 491 case AUDIT_DEVMINOR:
492 if (name) 492 if (name)
493 result = audit_comparator(MINOR(name->dev), 493 result = audit_comparator(MINOR(name->dev),
494 f->op, f->val); 494 f->op, f->val);
495 else if (ctx) { 495 else if (ctx) {
496 for (j = 0; j < ctx->name_count; j++) { 496 for (j = 0; j < ctx->name_count; j++) {
497 if (audit_comparator(MINOR(ctx->names[j].dev), f->op, f->val)) { 497 if (audit_comparator(MINOR(ctx->names[j].dev), f->op, f->val)) {
498 ++result; 498 ++result;
499 break; 499 break;
500 } 500 }
501 } 501 }
502 } 502 }
503 break; 503 break;
504 case AUDIT_INODE: 504 case AUDIT_INODE:
505 if (name) 505 if (name)
506 result = (name->ino == f->val); 506 result = (name->ino == f->val);
507 else if (ctx) { 507 else if (ctx) {
508 for (j = 0; j < ctx->name_count; j++) { 508 for (j = 0; j < ctx->name_count; j++) {
509 if (audit_comparator(ctx->names[j].ino, f->op, f->val)) { 509 if (audit_comparator(ctx->names[j].ino, f->op, f->val)) {
510 ++result; 510 ++result;
511 break; 511 break;
512 } 512 }
513 } 513 }
514 } 514 }
515 break; 515 break;
516 case AUDIT_WATCH: 516 case AUDIT_WATCH:
517 if (name && rule->watch->ino != (unsigned long)-1) 517 if (name && rule->watch->ino != (unsigned long)-1)
518 result = (name->dev == rule->watch->dev && 518 result = (name->dev == rule->watch->dev &&
519 name->ino == rule->watch->ino); 519 name->ino == rule->watch->ino);
520 break; 520 break;
521 case AUDIT_DIR: 521 case AUDIT_DIR:
522 if (ctx) 522 if (ctx)
523 result = match_tree_refs(ctx, rule->tree); 523 result = match_tree_refs(ctx, rule->tree);
524 break; 524 break;
525 case AUDIT_LOGINUID: 525 case AUDIT_LOGINUID:
526 result = 0; 526 result = 0;
527 if (ctx) 527 if (ctx)
528 result = audit_comparator(tsk->loginuid, f->op, f->val); 528 result = audit_comparator(tsk->loginuid, f->op, f->val);
529 break; 529 break;
530 case AUDIT_SUBJ_USER: 530 case AUDIT_SUBJ_USER:
531 case AUDIT_SUBJ_ROLE: 531 case AUDIT_SUBJ_ROLE:
532 case AUDIT_SUBJ_TYPE: 532 case AUDIT_SUBJ_TYPE:
533 case AUDIT_SUBJ_SEN: 533 case AUDIT_SUBJ_SEN:
534 case AUDIT_SUBJ_CLR: 534 case AUDIT_SUBJ_CLR:
535 /* NOTE: this may return negative values indicating 535 /* NOTE: this may return negative values indicating
536 a temporary error. We simply treat this as a 536 a temporary error. We simply treat this as a
537 match for now to avoid losing information that 537 match for now to avoid losing information that
538 may be wanted. An error message will also be 538 may be wanted. An error message will also be
539 logged upon error */ 539 logged upon error */
540 if (f->lsm_rule) { 540 if (f->lsm_rule) {
541 if (need_sid) { 541 if (need_sid) {
542 security_task_getsecid(tsk, &sid); 542 security_task_getsecid(tsk, &sid);
543 need_sid = 0; 543 need_sid = 0;
544 } 544 }
545 result = security_audit_rule_match(sid, f->type, 545 result = security_audit_rule_match(sid, f->type,
546 f->op, 546 f->op,
547 f->lsm_rule, 547 f->lsm_rule,
548 ctx); 548 ctx);
549 } 549 }
550 break; 550 break;
551 case AUDIT_OBJ_USER: 551 case AUDIT_OBJ_USER:
552 case AUDIT_OBJ_ROLE: 552 case AUDIT_OBJ_ROLE:
553 case AUDIT_OBJ_TYPE: 553 case AUDIT_OBJ_TYPE:
554 case AUDIT_OBJ_LEV_LOW: 554 case AUDIT_OBJ_LEV_LOW:
555 case AUDIT_OBJ_LEV_HIGH: 555 case AUDIT_OBJ_LEV_HIGH:
556 /* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR 556 /* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
557 also applies here */ 557 also applies here */
558 if (f->lsm_rule) { 558 if (f->lsm_rule) {
559 /* Find files that match */ 559 /* Find files that match */
560 if (name) { 560 if (name) {
561 result = security_audit_rule_match( 561 result = security_audit_rule_match(
562 name->osid, f->type, f->op, 562 name->osid, f->type, f->op,
563 f->lsm_rule, ctx); 563 f->lsm_rule, ctx);
564 } else if (ctx) { 564 } else if (ctx) {
565 for (j = 0; j < ctx->name_count; j++) { 565 for (j = 0; j < ctx->name_count; j++) {
566 if (security_audit_rule_match( 566 if (security_audit_rule_match(
567 ctx->names[j].osid, 567 ctx->names[j].osid,
568 f->type, f->op, 568 f->type, f->op,
569 f->lsm_rule, ctx)) { 569 f->lsm_rule, ctx)) {
570 ++result; 570 ++result;
571 break; 571 break;
572 } 572 }
573 } 573 }
574 } 574 }
575 /* Find ipc objects that match */ 575 /* Find ipc objects that match */
576 if (ctx) { 576 if (ctx) {
577 struct audit_aux_data *aux; 577 struct audit_aux_data *aux;
578 for (aux = ctx->aux; aux; 578 for (aux = ctx->aux; aux;
579 aux = aux->next) { 579 aux = aux->next) {
580 if (aux->type == AUDIT_IPC) { 580 if (aux->type == AUDIT_IPC) {
581 struct audit_aux_data_ipcctl *axi = (void *)aux; 581 struct audit_aux_data_ipcctl *axi = (void *)aux;
582 if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) { 582 if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) {
583 ++result; 583 ++result;
584 break; 584 break;
585 } 585 }
586 } 586 }
587 } 587 }
588 } 588 }
589 } 589 }
590 break; 590 break;
591 case AUDIT_ARG0: 591 case AUDIT_ARG0:
592 case AUDIT_ARG1: 592 case AUDIT_ARG1:
593 case AUDIT_ARG2: 593 case AUDIT_ARG2:
594 case AUDIT_ARG3: 594 case AUDIT_ARG3:
595 if (ctx) 595 if (ctx)
596 result = audit_comparator(ctx->argv[f->type-AUDIT_ARG0], f->op, f->val); 596 result = audit_comparator(ctx->argv[f->type-AUDIT_ARG0], f->op, f->val);
597 break; 597 break;
598 case AUDIT_FILTERKEY: 598 case AUDIT_FILTERKEY:
599 /* ignore this field for filtering */ 599 /* ignore this field for filtering */
600 result = 1; 600 result = 1;
601 break; 601 break;
602 case AUDIT_PERM: 602 case AUDIT_PERM:
603 result = audit_match_perm(ctx, f->val); 603 result = audit_match_perm(ctx, f->val);
604 break; 604 break;
605 case AUDIT_FILETYPE: 605 case AUDIT_FILETYPE:
606 result = audit_match_filetype(ctx, f->val); 606 result = audit_match_filetype(ctx, f->val);
607 break; 607 break;
608 } 608 }
609 609
610 if (!result) 610 if (!result)
611 return 0; 611 return 0;
612 } 612 }
613 if (rule->filterkey) 613 if (rule->filterkey && ctx)
614 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC); 614 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);
615 switch (rule->action) { 615 switch (rule->action) {
616 case AUDIT_NEVER: *state = AUDIT_DISABLED; break; 616 case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
617 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break; 617 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
618 } 618 }
619 return 1; 619 return 1;
620 } 620 }
621 621
622 /* At process creation time, we can determine if system-call auditing is 622 /* At process creation time, we can determine if system-call auditing is
623 * completely disabled for this task. Since we only have the task 623 * completely disabled for this task. Since we only have the task
624 * structure at this point, we can only check uid and gid. 624 * structure at this point, we can only check uid and gid.
625 */ 625 */
626 static enum audit_state audit_filter_task(struct task_struct *tsk) 626 static enum audit_state audit_filter_task(struct task_struct *tsk)
627 { 627 {
628 struct audit_entry *e; 628 struct audit_entry *e;
629 enum audit_state state; 629 enum audit_state state;
630 630
631 rcu_read_lock(); 631 rcu_read_lock();
632 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) { 632 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) {
633 if (audit_filter_rules(tsk, &e->rule, NULL, NULL, &state)) { 633 if (audit_filter_rules(tsk, &e->rule, NULL, NULL, &state)) {
634 rcu_read_unlock(); 634 rcu_read_unlock();
635 return state; 635 return state;
636 } 636 }
637 } 637 }
638 rcu_read_unlock(); 638 rcu_read_unlock();
639 return AUDIT_BUILD_CONTEXT; 639 return AUDIT_BUILD_CONTEXT;
640 } 640 }
641 641
642 /* At syscall entry and exit time, this filter is called if the 642 /* At syscall entry and exit time, this filter is called if the
643 * audit_state is not low enough that auditing cannot take place, but is 643 * audit_state is not low enough that auditing cannot take place, but is
644 * also not high enough that we already know we have to write an audit 644 * also not high enough that we already know we have to write an audit
645 * record (i.e., the state is AUDIT_SETUP_CONTEXT or AUDIT_BUILD_CONTEXT). 645 * record (i.e., the state is AUDIT_SETUP_CONTEXT or AUDIT_BUILD_CONTEXT).
646 */ 646 */
647 static enum audit_state audit_filter_syscall(struct task_struct *tsk, 647 static enum audit_state audit_filter_syscall(struct task_struct *tsk,
648 struct audit_context *ctx, 648 struct audit_context *ctx,
649 struct list_head *list) 649 struct list_head *list)
650 { 650 {
651 struct audit_entry *e; 651 struct audit_entry *e;
652 enum audit_state state; 652 enum audit_state state;
653 653
654 if (audit_pid && tsk->tgid == audit_pid) 654 if (audit_pid && tsk->tgid == audit_pid)
655 return AUDIT_DISABLED; 655 return AUDIT_DISABLED;
656 656
657 rcu_read_lock(); 657 rcu_read_lock();
658 if (!list_empty(list)) { 658 if (!list_empty(list)) {
659 int word = AUDIT_WORD(ctx->major); 659 int word = AUDIT_WORD(ctx->major);
660 int bit = AUDIT_BIT(ctx->major); 660 int bit = AUDIT_BIT(ctx->major);
661 661
662 list_for_each_entry_rcu(e, list, list) { 662 list_for_each_entry_rcu(e, list, list) {
663 if ((e->rule.mask[word] & bit) == bit && 663 if ((e->rule.mask[word] & bit) == bit &&
664 audit_filter_rules(tsk, &e->rule, ctx, NULL, 664 audit_filter_rules(tsk, &e->rule, ctx, NULL,
665 &state)) { 665 &state)) {
666 rcu_read_unlock(); 666 rcu_read_unlock();
667 return state; 667 return state;
668 } 668 }
669 } 669 }
670 } 670 }
671 rcu_read_unlock(); 671 rcu_read_unlock();
672 return AUDIT_BUILD_CONTEXT; 672 return AUDIT_BUILD_CONTEXT;
673 } 673 }
674 674
675 /* At syscall exit time, this filter is called if any audit_names[] have been 675 /* At syscall exit time, this filter is called if any audit_names[] have been
676 * collected during syscall processing. We only check rules in sublists at hash 676 * collected during syscall processing. We only check rules in sublists at hash
677 * buckets applicable to the inode numbers in audit_names[]. 677 * buckets applicable to the inode numbers in audit_names[].
678 * Regarding audit_state, same rules apply as for audit_filter_syscall(). 678 * Regarding audit_state, same rules apply as for audit_filter_syscall().
679 */ 679 */
680 enum audit_state audit_filter_inodes(struct task_struct *tsk, 680 enum audit_state audit_filter_inodes(struct task_struct *tsk,
681 struct audit_context *ctx) 681 struct audit_context *ctx)
682 { 682 {
683 int i; 683 int i;
684 struct audit_entry *e; 684 struct audit_entry *e;
685 enum audit_state state; 685 enum audit_state state;
686 686
687 if (audit_pid && tsk->tgid == audit_pid) 687 if (audit_pid && tsk->tgid == audit_pid)
688 return AUDIT_DISABLED; 688 return AUDIT_DISABLED;
689 689
690 rcu_read_lock(); 690 rcu_read_lock();
691 for (i = 0; i < ctx->name_count; i++) { 691 for (i = 0; i < ctx->name_count; i++) {
692 int word = AUDIT_WORD(ctx->major); 692 int word = AUDIT_WORD(ctx->major);
693 int bit = AUDIT_BIT(ctx->major); 693 int bit = AUDIT_BIT(ctx->major);
694 struct audit_names *n = &ctx->names[i]; 694 struct audit_names *n = &ctx->names[i];
695 int h = audit_hash_ino((u32)n->ino); 695 int h = audit_hash_ino((u32)n->ino);
696 struct list_head *list = &audit_inode_hash[h]; 696 struct list_head *list = &audit_inode_hash[h];
697 697
698 if (list_empty(list)) 698 if (list_empty(list))
699 continue; 699 continue;
700 700
701 list_for_each_entry_rcu(e, list, list) { 701 list_for_each_entry_rcu(e, list, list) {
702 if ((e->rule.mask[word] & bit) == bit && 702 if ((e->rule.mask[word] & bit) == bit &&
703 audit_filter_rules(tsk, &e->rule, ctx, n, &state)) { 703 audit_filter_rules(tsk, &e->rule, ctx, n, &state)) {
704 rcu_read_unlock(); 704 rcu_read_unlock();
705 return state; 705 return state;
706 } 706 }
707 } 707 }
708 } 708 }
709 rcu_read_unlock(); 709 rcu_read_unlock();
710 return AUDIT_BUILD_CONTEXT; 710 return AUDIT_BUILD_CONTEXT;
711 } 711 }
712 712
713 void audit_set_auditable(struct audit_context *ctx) 713 void audit_set_auditable(struct audit_context *ctx)
714 { 714 {
715 ctx->auditable = 1; 715 ctx->auditable = 1;
716 } 716 }
717 717
718 static inline struct audit_context *audit_get_context(struct task_struct *tsk, 718 static inline struct audit_context *audit_get_context(struct task_struct *tsk,
719 int return_valid, 719 int return_valid,
720 int return_code) 720 int return_code)
721 { 721 {
722 struct audit_context *context = tsk->audit_context; 722 struct audit_context *context = tsk->audit_context;
723 723
724 if (likely(!context)) 724 if (likely(!context))
725 return NULL; 725 return NULL;
726 context->return_valid = return_valid; 726 context->return_valid = return_valid;
727 727
728 /* 728 /*
729 * we need to fix up the return code in the audit logs if the actual 729 * we need to fix up the return code in the audit logs if the actual
730 * return codes are later going to be fixed up by the arch specific 730 * return codes are later going to be fixed up by the arch specific
731 * signal handlers 731 * signal handlers
732 * 732 *
733 * This is actually a test for: 733 * This is actually a test for:
734 * (rc == ERESTARTSYS ) || (rc == ERESTARTNOINTR) || 734 * (rc == ERESTARTSYS ) || (rc == ERESTARTNOINTR) ||
735 * (rc == ERESTARTNOHAND) || (rc == ERESTART_RESTARTBLOCK) 735 * (rc == ERESTARTNOHAND) || (rc == ERESTART_RESTARTBLOCK)
736 * 736 *
737 * but is faster than a bunch of || 737 * but is faster than a bunch of ||
738 */ 738 */
739 if (unlikely(return_code <= -ERESTARTSYS) && 739 if (unlikely(return_code <= -ERESTARTSYS) &&
740 (return_code >= -ERESTART_RESTARTBLOCK) && 740 (return_code >= -ERESTART_RESTARTBLOCK) &&
741 (return_code != -ENOIOCTLCMD)) 741 (return_code != -ENOIOCTLCMD))
742 context->return_code = -EINTR; 742 context->return_code = -EINTR;
743 else 743 else
744 context->return_code = return_code; 744 context->return_code = return_code;
745 745
746 if (context->in_syscall && !context->dummy && !context->auditable) { 746 if (context->in_syscall && !context->dummy && !context->auditable) {
747 enum audit_state state; 747 enum audit_state state;
748 748
749 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]); 749 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
750 if (state == AUDIT_RECORD_CONTEXT) { 750 if (state == AUDIT_RECORD_CONTEXT) {
751 context->auditable = 1; 751 context->auditable = 1;
752 goto get_context; 752 goto get_context;
753 } 753 }
754 754
755 state = audit_filter_inodes(tsk, context); 755 state = audit_filter_inodes(tsk, context);
756 if (state == AUDIT_RECORD_CONTEXT) 756 if (state == AUDIT_RECORD_CONTEXT)
757 context->auditable = 1; 757 context->auditable = 1;
758 758
759 } 759 }
760 760
761 get_context: 761 get_context:
762 762
763 tsk->audit_context = NULL; 763 tsk->audit_context = NULL;
764 return context; 764 return context;
765 } 765 }
766 766
767 static inline void audit_free_names(struct audit_context *context) 767 static inline void audit_free_names(struct audit_context *context)
768 { 768 {
769 int i; 769 int i;
770 770
771 #if AUDIT_DEBUG == 2 771 #if AUDIT_DEBUG == 2
772 if (context->auditable 772 if (context->auditable
773 ||context->put_count + context->ino_count != context->name_count) { 773 ||context->put_count + context->ino_count != context->name_count) {
774 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d" 774 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d"
775 " name_count=%d put_count=%d" 775 " name_count=%d put_count=%d"
776 " ino_count=%d [NOT freeing]\n", 776 " ino_count=%d [NOT freeing]\n",
777 __FILE__, __LINE__, 777 __FILE__, __LINE__,
778 context->serial, context->major, context->in_syscall, 778 context->serial, context->major, context->in_syscall,
779 context->name_count, context->put_count, 779 context->name_count, context->put_count,
780 context->ino_count); 780 context->ino_count);
781 for (i = 0; i < context->name_count; i++) { 781 for (i = 0; i < context->name_count; i++) {
782 printk(KERN_ERR "names[%d] = %p = %s\n", i, 782 printk(KERN_ERR "names[%d] = %p = %s\n", i,
783 context->names[i].name, 783 context->names[i].name,
784 context->names[i].name ?: "(null)"); 784 context->names[i].name ?: "(null)");
785 } 785 }
786 dump_stack(); 786 dump_stack();
787 return; 787 return;
788 } 788 }
789 #endif 789 #endif
790 #if AUDIT_DEBUG 790 #if AUDIT_DEBUG
791 context->put_count = 0; 791 context->put_count = 0;
792 context->ino_count = 0; 792 context->ino_count = 0;
793 #endif 793 #endif
794 794
795 for (i = 0; i < context->name_count; i++) { 795 for (i = 0; i < context->name_count; i++) {
796 if (context->names[i].name && context->names[i].name_put) 796 if (context->names[i].name && context->names[i].name_put)
797 __putname(context->names[i].name); 797 __putname(context->names[i].name);
798 } 798 }
799 context->name_count = 0; 799 context->name_count = 0;
800 path_put(&context->pwd); 800 path_put(&context->pwd);
801 context->pwd.dentry = NULL; 801 context->pwd.dentry = NULL;
802 context->pwd.mnt = NULL; 802 context->pwd.mnt = NULL;
803 } 803 }
804 804
805 static inline void audit_free_aux(struct audit_context *context) 805 static inline void audit_free_aux(struct audit_context *context)
806 { 806 {
807 struct audit_aux_data *aux; 807 struct audit_aux_data *aux;
808 808
809 while ((aux = context->aux)) { 809 while ((aux = context->aux)) {
810 context->aux = aux->next; 810 context->aux = aux->next;
811 kfree(aux); 811 kfree(aux);
812 } 812 }
813 while ((aux = context->aux_pids)) { 813 while ((aux = context->aux_pids)) {
814 context->aux_pids = aux->next; 814 context->aux_pids = aux->next;
815 kfree(aux); 815 kfree(aux);
816 } 816 }
817 } 817 }
818 818
819 static inline void audit_zero_context(struct audit_context *context, 819 static inline void audit_zero_context(struct audit_context *context,
820 enum audit_state state) 820 enum audit_state state)
821 { 821 {
822 memset(context, 0, sizeof(*context)); 822 memset(context, 0, sizeof(*context));
823 context->state = state; 823 context->state = state;
824 } 824 }
825 825
826 static inline struct audit_context *audit_alloc_context(enum audit_state state) 826 static inline struct audit_context *audit_alloc_context(enum audit_state state)
827 { 827 {
828 struct audit_context *context; 828 struct audit_context *context;
829 829
830 if (!(context = kmalloc(sizeof(*context), GFP_KERNEL))) 830 if (!(context = kmalloc(sizeof(*context), GFP_KERNEL)))
831 return NULL; 831 return NULL;
832 audit_zero_context(context, state); 832 audit_zero_context(context, state);
833 return context; 833 return context;
834 } 834 }
835 835
836 /** 836 /**
837 * audit_alloc - allocate an audit context block for a task 837 * audit_alloc - allocate an audit context block for a task
838 * @tsk: task 838 * @tsk: task
839 * 839 *
840 * Filter on the task information and allocate a per-task audit context 840 * Filter on the task information and allocate a per-task audit context
841 * if necessary. Doing so turns on system call auditing for the 841 * if necessary. Doing so turns on system call auditing for the
842 * specified task. This is called from copy_process, so no lock is 842 * specified task. This is called from copy_process, so no lock is
843 * needed. 843 * needed.
844 */ 844 */
845 int audit_alloc(struct task_struct *tsk) 845 int audit_alloc(struct task_struct *tsk)
846 { 846 {
847 struct audit_context *context; 847 struct audit_context *context;
848 enum audit_state state; 848 enum audit_state state;
849 849
850 if (likely(!audit_ever_enabled)) 850 if (likely(!audit_ever_enabled))
851 return 0; /* Return if not auditing. */ 851 return 0; /* Return if not auditing. */
852 852
853 state = audit_filter_task(tsk); 853 state = audit_filter_task(tsk);
854 if (likely(state == AUDIT_DISABLED)) 854 if (likely(state == AUDIT_DISABLED))
855 return 0; 855 return 0;
856 856
857 if (!(context = audit_alloc_context(state))) { 857 if (!(context = audit_alloc_context(state))) {
858 audit_log_lost("out of memory in audit_alloc"); 858 audit_log_lost("out of memory in audit_alloc");
859 return -ENOMEM; 859 return -ENOMEM;
860 } 860 }
861 861
862 tsk->audit_context = context; 862 tsk->audit_context = context;
863 set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT); 863 set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT);
864 return 0; 864 return 0;
865 } 865 }
866 866
867 static inline void audit_free_context(struct audit_context *context) 867 static inline void audit_free_context(struct audit_context *context)
868 { 868 {
869 struct audit_context *previous; 869 struct audit_context *previous;
870 int count = 0; 870 int count = 0;
871 871
872 do { 872 do {
873 previous = context->previous; 873 previous = context->previous;
874 if (previous || (count && count < 10)) { 874 if (previous || (count && count < 10)) {
875 ++count; 875 ++count;
876 printk(KERN_ERR "audit(:%d): major=%d name_count=%d:" 876 printk(KERN_ERR "audit(:%d): major=%d name_count=%d:"
877 " freeing multiple contexts (%d)\n", 877 " freeing multiple contexts (%d)\n",
878 context->serial, context->major, 878 context->serial, context->major,
879 context->name_count, count); 879 context->name_count, count);
880 } 880 }
881 audit_free_names(context); 881 audit_free_names(context);
882 unroll_tree_refs(context, NULL, 0); 882 unroll_tree_refs(context, NULL, 0);
883 free_tree_refs(context); 883 free_tree_refs(context);
884 audit_free_aux(context); 884 audit_free_aux(context);
885 kfree(context->filterkey); 885 kfree(context->filterkey);
886 kfree(context); 886 kfree(context);
887 context = previous; 887 context = previous;
888 } while (context); 888 } while (context);
889 if (count >= 10) 889 if (count >= 10)
890 printk(KERN_ERR "audit: freed %d contexts\n", count); 890 printk(KERN_ERR "audit: freed %d contexts\n", count);
891 } 891 }
892 892
893 void audit_log_task_context(struct audit_buffer *ab) 893 void audit_log_task_context(struct audit_buffer *ab)
894 { 894 {
895 char *ctx = NULL; 895 char *ctx = NULL;
896 unsigned len; 896 unsigned len;
897 int error; 897 int error;
898 u32 sid; 898 u32 sid;
899 899
900 security_task_getsecid(current, &sid); 900 security_task_getsecid(current, &sid);
901 if (!sid) 901 if (!sid)
902 return; 902 return;
903 903
904 error = security_secid_to_secctx(sid, &ctx, &len); 904 error = security_secid_to_secctx(sid, &ctx, &len);
905 if (error) { 905 if (error) {
906 if (error != -EINVAL) 906 if (error != -EINVAL)
907 goto error_path; 907 goto error_path;
908 return; 908 return;
909 } 909 }
910 910
911 audit_log_format(ab, " subj=%s", ctx); 911 audit_log_format(ab, " subj=%s", ctx);
912 security_release_secctx(ctx, len); 912 security_release_secctx(ctx, len);
913 return; 913 return;
914 914
915 error_path: 915 error_path:
916 audit_panic("error in audit_log_task_context"); 916 audit_panic("error in audit_log_task_context");
917 return; 917 return;
918 } 918 }
919 919
920 EXPORT_SYMBOL(audit_log_task_context); 920 EXPORT_SYMBOL(audit_log_task_context);
921 921
922 static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) 922 static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
923 { 923 {
924 char name[sizeof(tsk->comm)]; 924 char name[sizeof(tsk->comm)];
925 struct mm_struct *mm = tsk->mm; 925 struct mm_struct *mm = tsk->mm;
926 struct vm_area_struct *vma; 926 struct vm_area_struct *vma;
927 927
928 /* tsk == current */ 928 /* tsk == current */
929 929
930 get_task_comm(name, tsk); 930 get_task_comm(name, tsk);
931 audit_log_format(ab, " comm="); 931 audit_log_format(ab, " comm=");
932 audit_log_untrustedstring(ab, name); 932 audit_log_untrustedstring(ab, name);
933 933
934 if (mm) { 934 if (mm) {
935 down_read(&mm->mmap_sem); 935 down_read(&mm->mmap_sem);
936 vma = mm->mmap; 936 vma = mm->mmap;
937 while (vma) { 937 while (vma) {
938 if ((vma->vm_flags & VM_EXECUTABLE) && 938 if ((vma->vm_flags & VM_EXECUTABLE) &&
939 vma->vm_file) { 939 vma->vm_file) {
940 audit_log_d_path(ab, "exe=", 940 audit_log_d_path(ab, "exe=",
941 &vma->vm_file->f_path); 941 &vma->vm_file->f_path);
942 break; 942 break;
943 } 943 }
944 vma = vma->vm_next; 944 vma = vma->vm_next;
945 } 945 }
946 up_read(&mm->mmap_sem); 946 up_read(&mm->mmap_sem);
947 } 947 }
948 audit_log_task_context(ab); 948 audit_log_task_context(ab);
949 } 949 }
950 950
951 static int audit_log_pid_context(struct audit_context *context, pid_t pid, 951 static int audit_log_pid_context(struct audit_context *context, pid_t pid,
952 uid_t auid, uid_t uid, unsigned int sessionid, 952 uid_t auid, uid_t uid, unsigned int sessionid,
953 u32 sid, char *comm) 953 u32 sid, char *comm)
954 { 954 {
955 struct audit_buffer *ab; 955 struct audit_buffer *ab;
956 char *ctx = NULL; 956 char *ctx = NULL;
957 u32 len; 957 u32 len;
958 int rc = 0; 958 int rc = 0;
959 959
960 ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); 960 ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID);
961 if (!ab) 961 if (!ab)
962 return rc; 962 return rc;
963 963
964 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, auid, 964 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, auid,
965 uid, sessionid); 965 uid, sessionid);
966 if (security_secid_to_secctx(sid, &ctx, &len)) { 966 if (security_secid_to_secctx(sid, &ctx, &len)) {
967 audit_log_format(ab, " obj=(none)"); 967 audit_log_format(ab, " obj=(none)");
968 rc = 1; 968 rc = 1;
969 } else { 969 } else {
970 audit_log_format(ab, " obj=%s", ctx); 970 audit_log_format(ab, " obj=%s", ctx);
971 security_release_secctx(ctx, len); 971 security_release_secctx(ctx, len);
972 } 972 }
973 audit_log_format(ab, " ocomm="); 973 audit_log_format(ab, " ocomm=");
974 audit_log_untrustedstring(ab, comm); 974 audit_log_untrustedstring(ab, comm);
975 audit_log_end(ab); 975 audit_log_end(ab);
976 976
977 return rc; 977 return rc;
978 } 978 }
979 979
980 /* 980 /*
981 * to_send and len_sent accounting are very loose estimates. We aren't 981 * to_send and len_sent accounting are very loose estimates. We aren't
982 * really worried about a hard cap to MAX_EXECVE_AUDIT_LEN so much as being 982 * really worried about a hard cap to MAX_EXECVE_AUDIT_LEN so much as being
983 * within about 500 bytes (next page boundry) 983 * within about 500 bytes (next page boundry)
984 * 984 *
985 * why snprintf? an int is up to 12 digits long. if we just assumed when 985 * why snprintf? an int is up to 12 digits long. if we just assumed when
986 * logging that a[%d]= was going to be 16 characters long we would be wasting 986 * logging that a[%d]= was going to be 16 characters long we would be wasting
987 * space in every audit message. In one 7500 byte message we can log up to 987 * space in every audit message. In one 7500 byte message we can log up to
988 * about 1000 min size arguments. That comes down to about 50% waste of space 988 * about 1000 min size arguments. That comes down to about 50% waste of space
989 * if we didn't do the snprintf to find out how long arg_num_len was. 989 * if we didn't do the snprintf to find out how long arg_num_len was.
990 */ 990 */
991 static int audit_log_single_execve_arg(struct audit_context *context, 991 static int audit_log_single_execve_arg(struct audit_context *context,
992 struct audit_buffer **ab, 992 struct audit_buffer **ab,
993 int arg_num, 993 int arg_num,
994 size_t *len_sent, 994 size_t *len_sent,
995 const char __user *p, 995 const char __user *p,
996 char *buf) 996 char *buf)
997 { 997 {
998 char arg_num_len_buf[12]; 998 char arg_num_len_buf[12];
999 const char __user *tmp_p = p; 999 const char __user *tmp_p = p;
1000 /* how many digits are in arg_num? 3 is the length of a=\n */ 1000 /* how many digits are in arg_num? 3 is the length of a=\n */
1001 size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3; 1001 size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3;
1002 size_t len, len_left, to_send; 1002 size_t len, len_left, to_send;
1003 size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN; 1003 size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN;
1004 unsigned int i, has_cntl = 0, too_long = 0; 1004 unsigned int i, has_cntl = 0, too_long = 0;
1005 int ret; 1005 int ret;
1006 1006
1007 /* strnlen_user includes the null we don't want to send */ 1007 /* strnlen_user includes the null we don't want to send */
1008 len_left = len = strnlen_user(p, MAX_ARG_STRLEN) - 1; 1008 len_left = len = strnlen_user(p, MAX_ARG_STRLEN) - 1;
1009 1009
1010 /* 1010 /*
1011 * We just created this mm, if we can't find the strings 1011 * We just created this mm, if we can't find the strings
1012 * we just copied into it something is _very_ wrong. Similar 1012 * we just copied into it something is _very_ wrong. Similar
1013 * for strings that are too long, we should not have created 1013 * for strings that are too long, we should not have created
1014 * any. 1014 * any.
1015 */ 1015 */
1016 if (unlikely((len == -1) || len > MAX_ARG_STRLEN - 1)) { 1016 if (unlikely((len == -1) || len > MAX_ARG_STRLEN - 1)) {
1017 WARN_ON(1); 1017 WARN_ON(1);
1018 send_sig(SIGKILL, current, 0); 1018 send_sig(SIGKILL, current, 0);
1019 return -1; 1019 return -1;
1020 } 1020 }
1021 1021
1022 /* walk the whole argument looking for non-ascii chars */ 1022 /* walk the whole argument looking for non-ascii chars */
1023 do { 1023 do {
1024 if (len_left > MAX_EXECVE_AUDIT_LEN) 1024 if (len_left > MAX_EXECVE_AUDIT_LEN)
1025 to_send = MAX_EXECVE_AUDIT_LEN; 1025 to_send = MAX_EXECVE_AUDIT_LEN;
1026 else 1026 else
1027 to_send = len_left; 1027 to_send = len_left;
1028 ret = copy_from_user(buf, tmp_p, to_send); 1028 ret = copy_from_user(buf, tmp_p, to_send);
1029 /* 1029 /*
1030 * There is no reason for this copy to be short. We just 1030 * There is no reason for this copy to be short. We just
1031 * copied them here, and the mm hasn't been exposed to user- 1031 * copied them here, and the mm hasn't been exposed to user-
1032 * space yet. 1032 * space yet.
1033 */ 1033 */
1034 if (ret) { 1034 if (ret) {
1035 WARN_ON(1); 1035 WARN_ON(1);
1036 send_sig(SIGKILL, current, 0); 1036 send_sig(SIGKILL, current, 0);
1037 return -1; 1037 return -1;
1038 } 1038 }
1039 buf[to_send] = '\0'; 1039 buf[to_send] = '\0';
1040 has_cntl = audit_string_contains_control(buf, to_send); 1040 has_cntl = audit_string_contains_control(buf, to_send);
1041 if (has_cntl) { 1041 if (has_cntl) {
1042 /* 1042 /*
1043 * hex messages get logged as 2 bytes, so we can only 1043 * hex messages get logged as 2 bytes, so we can only
1044 * send half as much in each message 1044 * send half as much in each message
1045 */ 1045 */
1046 max_execve_audit_len = MAX_EXECVE_AUDIT_LEN / 2; 1046 max_execve_audit_len = MAX_EXECVE_AUDIT_LEN / 2;
1047 break; 1047 break;
1048 } 1048 }
1049 len_left -= to_send; 1049 len_left -= to_send;
1050 tmp_p += to_send; 1050 tmp_p += to_send;
1051 } while (len_left > 0); 1051 } while (len_left > 0);
1052 1052
1053 len_left = len; 1053 len_left = len;
1054 1054
1055 if (len > max_execve_audit_len) 1055 if (len > max_execve_audit_len)
1056 too_long = 1; 1056 too_long = 1;
1057 1057
1058 /* rewalk the argument actually logging the message */ 1058 /* rewalk the argument actually logging the message */
1059 for (i = 0; len_left > 0; i++) { 1059 for (i = 0; len_left > 0; i++) {
1060 int room_left; 1060 int room_left;
1061 1061
1062 if (len_left > max_execve_audit_len) 1062 if (len_left > max_execve_audit_len)
1063 to_send = max_execve_audit_len; 1063 to_send = max_execve_audit_len;
1064 else 1064 else
1065 to_send = len_left; 1065 to_send = len_left;
1066 1066
1067 /* do we have space left to send this argument in this ab? */ 1067 /* do we have space left to send this argument in this ab? */
1068 room_left = MAX_EXECVE_AUDIT_LEN - arg_num_len - *len_sent; 1068 room_left = MAX_EXECVE_AUDIT_LEN - arg_num_len - *len_sent;
1069 if (has_cntl) 1069 if (has_cntl)
1070 room_left -= (to_send * 2); 1070 room_left -= (to_send * 2);
1071 else 1071 else
1072 room_left -= to_send; 1072 room_left -= to_send;
1073 if (room_left < 0) { 1073 if (room_left < 0) {
1074 *len_sent = 0; 1074 *len_sent = 0;
1075 audit_log_end(*ab); 1075 audit_log_end(*ab);
1076 *ab = audit_log_start(context, GFP_KERNEL, AUDIT_EXECVE); 1076 *ab = audit_log_start(context, GFP_KERNEL, AUDIT_EXECVE);
1077 if (!*ab) 1077 if (!*ab)
1078 return 0; 1078 return 0;
1079 } 1079 }
1080 1080
1081 /* 1081 /*
1082 * first record needs to say how long the original string was 1082 * first record needs to say how long the original string was
1083 * so we can be sure nothing was lost. 1083 * so we can be sure nothing was lost.
1084 */ 1084 */
1085 if ((i == 0) && (too_long)) 1085 if ((i == 0) && (too_long))
1086 audit_log_format(*ab, "a%d_len=%zu ", arg_num, 1086 audit_log_format(*ab, "a%d_len=%zu ", arg_num,
1087 has_cntl ? 2*len : len); 1087 has_cntl ? 2*len : len);
1088 1088
1089 /* 1089 /*
1090 * normally arguments are small enough to fit and we already 1090 * normally arguments are small enough to fit and we already
1091 * filled buf above when we checked for control characters 1091 * filled buf above when we checked for control characters
1092 * so don't bother with another copy_from_user 1092 * so don't bother with another copy_from_user
1093 */ 1093 */
1094 if (len >= max_execve_audit_len) 1094 if (len >= max_execve_audit_len)
1095 ret = copy_from_user(buf, p, to_send); 1095 ret = copy_from_user(buf, p, to_send);
1096 else 1096 else
1097 ret = 0; 1097 ret = 0;
1098 if (ret) { 1098 if (ret) {
1099 WARN_ON(1); 1099 WARN_ON(1);
1100 send_sig(SIGKILL, current, 0); 1100 send_sig(SIGKILL, current, 0);
1101 return -1; 1101 return -1;
1102 } 1102 }
1103 buf[to_send] = '\0'; 1103 buf[to_send] = '\0';
1104 1104
1105 /* actually log it */ 1105 /* actually log it */
1106 audit_log_format(*ab, "a%d", arg_num); 1106 audit_log_format(*ab, "a%d", arg_num);
1107 if (too_long) 1107 if (too_long)
1108 audit_log_format(*ab, "[%d]", i); 1108 audit_log_format(*ab, "[%d]", i);
1109 audit_log_format(*ab, "="); 1109 audit_log_format(*ab, "=");
1110 if (has_cntl) 1110 if (has_cntl)
1111 audit_log_n_hex(*ab, buf, to_send); 1111 audit_log_n_hex(*ab, buf, to_send);
1112 else 1112 else
1113 audit_log_format(*ab, "\"%s\"", buf); 1113 audit_log_format(*ab, "\"%s\"", buf);
1114 audit_log_format(*ab, "\n"); 1114 audit_log_format(*ab, "\n");
1115 1115
1116 p += to_send; 1116 p += to_send;
1117 len_left -= to_send; 1117 len_left -= to_send;
1118 *len_sent += arg_num_len; 1118 *len_sent += arg_num_len;
1119 if (has_cntl) 1119 if (has_cntl)
1120 *len_sent += to_send * 2; 1120 *len_sent += to_send * 2;
1121 else 1121 else
1122 *len_sent += to_send; 1122 *len_sent += to_send;
1123 } 1123 }
1124 /* include the null we didn't log */ 1124 /* include the null we didn't log */
1125 return len + 1; 1125 return len + 1;
1126 } 1126 }
1127 1127
1128 static void audit_log_execve_info(struct audit_context *context, 1128 static void audit_log_execve_info(struct audit_context *context,
1129 struct audit_buffer **ab, 1129 struct audit_buffer **ab,
1130 struct audit_aux_data_execve *axi) 1130 struct audit_aux_data_execve *axi)
1131 { 1131 {
1132 int i; 1132 int i;
1133 size_t len, len_sent = 0; 1133 size_t len, len_sent = 0;
1134 const char __user *p; 1134 const char __user *p;
1135 char *buf; 1135 char *buf;
1136 1136
1137 if (axi->mm != current->mm) 1137 if (axi->mm != current->mm)
1138 return; /* execve failed, no additional info */ 1138 return; /* execve failed, no additional info */
1139 1139
1140 p = (const char __user *)axi->mm->arg_start; 1140 p = (const char __user *)axi->mm->arg_start;
1141 1141
1142 audit_log_format(*ab, "argc=%d ", axi->argc); 1142 audit_log_format(*ab, "argc=%d ", axi->argc);
1143 1143
1144 /* 1144 /*
1145 * we need some kernel buffer to hold the userspace args. Just 1145 * we need some kernel buffer to hold the userspace args. Just
1146 * allocate one big one rather than allocating one of the right size 1146 * allocate one big one rather than allocating one of the right size
1147 * for every single argument inside audit_log_single_execve_arg() 1147 * for every single argument inside audit_log_single_execve_arg()
1148 * should be <8k allocation so should be pretty safe. 1148 * should be <8k allocation so should be pretty safe.
1149 */ 1149 */
1150 buf = kmalloc(MAX_EXECVE_AUDIT_LEN + 1, GFP_KERNEL); 1150 buf = kmalloc(MAX_EXECVE_AUDIT_LEN + 1, GFP_KERNEL);
1151 if (!buf) { 1151 if (!buf) {
1152 audit_panic("out of memory for argv string\n"); 1152 audit_panic("out of memory for argv string\n");
1153 return; 1153 return;
1154 } 1154 }
1155 1155
1156 for (i = 0; i < axi->argc; i++) { 1156 for (i = 0; i < axi->argc; i++) {
1157 len = audit_log_single_execve_arg(context, ab, i, 1157 len = audit_log_single_execve_arg(context, ab, i,
1158 &len_sent, p, buf); 1158 &len_sent, p, buf);
1159 if (len <= 0) 1159 if (len <= 0)
1160 break; 1160 break;
1161 p += len; 1161 p += len;
1162 } 1162 }
1163 kfree(buf); 1163 kfree(buf);
1164 } 1164 }
1165 1165
1166 static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) 1166 static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
1167 { 1167 {
1168 int i, call_panic = 0; 1168 int i, call_panic = 0;
1169 struct audit_buffer *ab; 1169 struct audit_buffer *ab;
1170 struct audit_aux_data *aux; 1170 struct audit_aux_data *aux;
1171 const char *tty; 1171 const char *tty;
1172 1172
1173 /* tsk == current */ 1173 /* tsk == current */
1174 context->pid = tsk->pid; 1174 context->pid = tsk->pid;
1175 if (!context->ppid) 1175 if (!context->ppid)
1176 context->ppid = sys_getppid(); 1176 context->ppid = sys_getppid();
1177 context->uid = tsk->uid; 1177 context->uid = tsk->uid;
1178 context->gid = tsk->gid; 1178 context->gid = tsk->gid;
1179 context->euid = tsk->euid; 1179 context->euid = tsk->euid;
1180 context->suid = tsk->suid; 1180 context->suid = tsk->suid;
1181 context->fsuid = tsk->fsuid; 1181 context->fsuid = tsk->fsuid;
1182 context->egid = tsk->egid; 1182 context->egid = tsk->egid;
1183 context->sgid = tsk->sgid; 1183 context->sgid = tsk->sgid;
1184 context->fsgid = tsk->fsgid; 1184 context->fsgid = tsk->fsgid;
1185 context->personality = tsk->personality; 1185 context->personality = tsk->personality;
1186 1186
1187 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL); 1187 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL);
1188 if (!ab) 1188 if (!ab)
1189 return; /* audit_panic has been called */ 1189 return; /* audit_panic has been called */
1190 audit_log_format(ab, "arch=%x syscall=%d", 1190 audit_log_format(ab, "arch=%x syscall=%d",
1191 context->arch, context->major); 1191 context->arch, context->major);
1192 if (context->personality != PER_LINUX) 1192 if (context->personality != PER_LINUX)
1193 audit_log_format(ab, " per=%lx", context->personality); 1193 audit_log_format(ab, " per=%lx", context->personality);
1194 if (context->return_valid) 1194 if (context->return_valid)
1195 audit_log_format(ab, " success=%s exit=%ld", 1195 audit_log_format(ab, " success=%s exit=%ld",
1196 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no", 1196 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no",
1197 context->return_code); 1197 context->return_code);
1198 1198
1199 mutex_lock(&tty_mutex); 1199 mutex_lock(&tty_mutex);
1200 read_lock(&tasklist_lock); 1200 read_lock(&tasklist_lock);
1201 if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name) 1201 if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
1202 tty = tsk->signal->tty->name; 1202 tty = tsk->signal->tty->name;
1203 else 1203 else
1204 tty = "(none)"; 1204 tty = "(none)";
1205 read_unlock(&tasklist_lock); 1205 read_unlock(&tasklist_lock);
1206 audit_log_format(ab, 1206 audit_log_format(ab,
1207 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" 1207 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d"
1208 " ppid=%d pid=%d auid=%u uid=%u gid=%u" 1208 " ppid=%d pid=%d auid=%u uid=%u gid=%u"
1209 " euid=%u suid=%u fsuid=%u" 1209 " euid=%u suid=%u fsuid=%u"
1210 " egid=%u sgid=%u fsgid=%u tty=%s ses=%u", 1210 " egid=%u sgid=%u fsgid=%u tty=%s ses=%u",
1211 context->argv[0], 1211 context->argv[0],
1212 context->argv[1], 1212 context->argv[1],
1213 context->argv[2], 1213 context->argv[2],
1214 context->argv[3], 1214 context->argv[3],
1215 context->name_count, 1215 context->name_count,
1216 context->ppid, 1216 context->ppid,
1217 context->pid, 1217 context->pid,
1218 tsk->loginuid, 1218 tsk->loginuid,
1219 context->uid, 1219 context->uid,
1220 context->gid, 1220 context->gid,
1221 context->euid, context->suid, context->fsuid, 1221 context->euid, context->suid, context->fsuid,
1222 context->egid, context->sgid, context->fsgid, tty, 1222 context->egid, context->sgid, context->fsgid, tty,
1223 tsk->sessionid); 1223 tsk->sessionid);
1224 1224
1225 mutex_unlock(&tty_mutex); 1225 mutex_unlock(&tty_mutex);
1226 1226
1227 audit_log_task_info(ab, tsk); 1227 audit_log_task_info(ab, tsk);
1228 if (context->filterkey) { 1228 if (context->filterkey) {
1229 audit_log_format(ab, " key="); 1229 audit_log_format(ab, " key=");
1230 audit_log_untrustedstring(ab, context->filterkey); 1230 audit_log_untrustedstring(ab, context->filterkey);
1231 } else 1231 } else
1232 audit_log_format(ab, " key=(null)"); 1232 audit_log_format(ab, " key=(null)");
1233 audit_log_end(ab); 1233 audit_log_end(ab);
1234 1234
1235 for (aux = context->aux; aux; aux = aux->next) { 1235 for (aux = context->aux; aux; aux = aux->next) {
1236 1236
1237 ab = audit_log_start(context, GFP_KERNEL, aux->type); 1237 ab = audit_log_start(context, GFP_KERNEL, aux->type);
1238 if (!ab) 1238 if (!ab)
1239 continue; /* audit_panic has been called */ 1239 continue; /* audit_panic has been called */
1240 1240
1241 switch (aux->type) { 1241 switch (aux->type) {
1242 case AUDIT_MQ_OPEN: { 1242 case AUDIT_MQ_OPEN: {
1243 struct audit_aux_data_mq_open *axi = (void *)aux; 1243 struct audit_aux_data_mq_open *axi = (void *)aux;
1244 audit_log_format(ab, 1244 audit_log_format(ab,
1245 "oflag=0x%x mode=%#o mq_flags=0x%lx mq_maxmsg=%ld " 1245 "oflag=0x%x mode=%#o mq_flags=0x%lx mq_maxmsg=%ld "
1246 "mq_msgsize=%ld mq_curmsgs=%ld", 1246 "mq_msgsize=%ld mq_curmsgs=%ld",
1247 axi->oflag, axi->mode, axi->attr.mq_flags, 1247 axi->oflag, axi->mode, axi->attr.mq_flags,
1248 axi->attr.mq_maxmsg, axi->attr.mq_msgsize, 1248 axi->attr.mq_maxmsg, axi->attr.mq_msgsize,
1249 axi->attr.mq_curmsgs); 1249 axi->attr.mq_curmsgs);
1250 break; } 1250 break; }
1251 1251
1252 case AUDIT_MQ_SENDRECV: { 1252 case AUDIT_MQ_SENDRECV: {
1253 struct audit_aux_data_mq_sendrecv *axi = (void *)aux; 1253 struct audit_aux_data_mq_sendrecv *axi = (void *)aux;
1254 audit_log_format(ab, 1254 audit_log_format(ab,
1255 "mqdes=%d msg_len=%zd msg_prio=%u " 1255 "mqdes=%d msg_len=%zd msg_prio=%u "
1256 "abs_timeout_sec=%ld abs_timeout_nsec=%ld", 1256 "abs_timeout_sec=%ld abs_timeout_nsec=%ld",
1257 axi->mqdes, axi->msg_len, axi->msg_prio, 1257 axi->mqdes, axi->msg_len, axi->msg_prio,
1258 axi->abs_timeout.tv_sec, axi->abs_timeout.tv_nsec); 1258 axi->abs_timeout.tv_sec, axi->abs_timeout.tv_nsec);
1259 break; } 1259 break; }
1260 1260
1261 case AUDIT_MQ_NOTIFY: { 1261 case AUDIT_MQ_NOTIFY: {
1262 struct audit_aux_data_mq_notify *axi = (void *)aux; 1262 struct audit_aux_data_mq_notify *axi = (void *)aux;
1263 audit_log_format(ab, 1263 audit_log_format(ab,
1264 "mqdes=%d sigev_signo=%d", 1264 "mqdes=%d sigev_signo=%d",
1265 axi->mqdes, 1265 axi->mqdes,
1266 axi->notification.sigev_signo); 1266 axi->notification.sigev_signo);
1267 break; } 1267 break; }
1268 1268
1269 case AUDIT_MQ_GETSETATTR: { 1269 case AUDIT_MQ_GETSETATTR: {
1270 struct audit_aux_data_mq_getsetattr *axi = (void *)aux; 1270 struct audit_aux_data_mq_getsetattr *axi = (void *)aux;
1271 audit_log_format(ab, 1271 audit_log_format(ab,
1272 "mqdes=%d mq_flags=0x%lx mq_maxmsg=%ld mq_msgsize=%ld " 1272 "mqdes=%d mq_flags=0x%lx mq_maxmsg=%ld mq_msgsize=%ld "
1273 "mq_curmsgs=%ld ", 1273 "mq_curmsgs=%ld ",
1274 axi->mqdes, 1274 axi->mqdes,
1275 axi->mqstat.mq_flags, axi->mqstat.mq_maxmsg, 1275 axi->mqstat.mq_flags, axi->mqstat.mq_maxmsg,
1276 axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs); 1276 axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
1277 break; } 1277 break; }
1278 1278
1279 case AUDIT_IPC: { 1279 case AUDIT_IPC: {
1280 struct audit_aux_data_ipcctl *axi = (void *)aux; 1280 struct audit_aux_data_ipcctl *axi = (void *)aux;
1281 audit_log_format(ab, 1281 audit_log_format(ab,
1282 "ouid=%u ogid=%u mode=%#o", 1282 "ouid=%u ogid=%u mode=%#o",
1283 axi->uid, axi->gid, axi->mode); 1283 axi->uid, axi->gid, axi->mode);
1284 if (axi->osid != 0) { 1284 if (axi->osid != 0) {
1285 char *ctx = NULL; 1285 char *ctx = NULL;
1286 u32 len; 1286 u32 len;
1287 if (security_secid_to_secctx( 1287 if (security_secid_to_secctx(
1288 axi->osid, &ctx, &len)) { 1288 axi->osid, &ctx, &len)) {
1289 audit_log_format(ab, " osid=%u", 1289 audit_log_format(ab, " osid=%u",
1290 axi->osid); 1290 axi->osid);
1291 call_panic = 1; 1291 call_panic = 1;
1292 } else { 1292 } else {
1293 audit_log_format(ab, " obj=%s", ctx); 1293 audit_log_format(ab, " obj=%s", ctx);
1294 security_release_secctx(ctx, len); 1294 security_release_secctx(ctx, len);
1295 } 1295 }
1296 } 1296 }
1297 break; } 1297 break; }
1298 1298
1299 case AUDIT_IPC_SET_PERM: { 1299 case AUDIT_IPC_SET_PERM: {
1300 struct audit_aux_data_ipcctl *axi = (void *)aux; 1300 struct audit_aux_data_ipcctl *axi = (void *)aux;
1301 audit_log_format(ab, 1301 audit_log_format(ab,
1302 "qbytes=%lx ouid=%u ogid=%u mode=%#o", 1302 "qbytes=%lx ouid=%u ogid=%u mode=%#o",
1303 axi->qbytes, axi->uid, axi->gid, axi->mode); 1303 axi->qbytes, axi->uid, axi->gid, axi->mode);
1304 break; } 1304 break; }
1305 1305
1306 case AUDIT_EXECVE: { 1306 case AUDIT_EXECVE: {
1307 struct audit_aux_data_execve *axi = (void *)aux; 1307 struct audit_aux_data_execve *axi = (void *)aux;
1308 audit_log_execve_info(context, &ab, axi); 1308 audit_log_execve_info(context, &ab, axi);
1309 break; } 1309 break; }
1310 1310
1311 case AUDIT_SOCKETCALL: { 1311 case AUDIT_SOCKETCALL: {
1312 struct audit_aux_data_socketcall *axs = (void *)aux; 1312 struct audit_aux_data_socketcall *axs = (void *)aux;
1313 audit_log_format(ab, "nargs=%d", axs->nargs); 1313 audit_log_format(ab, "nargs=%d", axs->nargs);
1314 for (i=0; i<axs->nargs; i++) 1314 for (i=0; i<axs->nargs; i++)
1315 audit_log_format(ab, " a%d=%lx", i, axs->args[i]); 1315 audit_log_format(ab, " a%d=%lx", i, axs->args[i]);
1316 break; } 1316 break; }
1317 1317
1318 case AUDIT_SOCKADDR: { 1318 case AUDIT_SOCKADDR: {
1319 struct audit_aux_data_sockaddr *axs = (void *)aux; 1319 struct audit_aux_data_sockaddr *axs = (void *)aux;
1320 1320
1321 audit_log_format(ab, "saddr="); 1321 audit_log_format(ab, "saddr=");
1322 audit_log_n_hex(ab, axs->a, axs->len); 1322 audit_log_n_hex(ab, axs->a, axs->len);
1323 break; } 1323 break; }
1324 1324
1325 case AUDIT_FD_PAIR: { 1325 case AUDIT_FD_PAIR: {
1326 struct audit_aux_data_fd_pair *axs = (void *)aux; 1326 struct audit_aux_data_fd_pair *axs = (void *)aux;
1327 audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]); 1327 audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]);
1328 break; } 1328 break; }
1329 1329
1330 } 1330 }
1331 audit_log_end(ab); 1331 audit_log_end(ab);
1332 } 1332 }
1333 1333
1334 for (aux = context->aux_pids; aux; aux = aux->next) { 1334 for (aux = context->aux_pids; aux; aux = aux->next) {
1335 struct audit_aux_data_pids *axs = (void *)aux; 1335 struct audit_aux_data_pids *axs = (void *)aux;
1336 1336
1337 for (i = 0; i < axs->pid_count; i++) 1337 for (i = 0; i < axs->pid_count; i++)
1338 if (audit_log_pid_context(context, axs->target_pid[i], 1338 if (audit_log_pid_context(context, axs->target_pid[i],
1339 axs->target_auid[i], 1339 axs->target_auid[i],
1340 axs->target_uid[i], 1340 axs->target_uid[i],
1341 axs->target_sessionid[i], 1341 axs->target_sessionid[i],
1342 axs->target_sid[i], 1342 axs->target_sid[i],
1343 axs->target_comm[i])) 1343 axs->target_comm[i]))
1344 call_panic = 1; 1344 call_panic = 1;
1345 } 1345 }
1346 1346
1347 if (context->target_pid && 1347 if (context->target_pid &&
1348 audit_log_pid_context(context, context->target_pid, 1348 audit_log_pid_context(context, context->target_pid,
1349 context->target_auid, context->target_uid, 1349 context->target_auid, context->target_uid,
1350 context->target_sessionid, 1350 context->target_sessionid,
1351 context->target_sid, context->target_comm)) 1351 context->target_sid, context->target_comm))
1352 call_panic = 1; 1352 call_panic = 1;
1353 1353
1354 if (context->pwd.dentry && context->pwd.mnt) { 1354 if (context->pwd.dentry && context->pwd.mnt) {
1355 ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); 1355 ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD);
1356 if (ab) { 1356 if (ab) {
1357 audit_log_d_path(ab, "cwd=", &context->pwd); 1357 audit_log_d_path(ab, "cwd=", &context->pwd);
1358 audit_log_end(ab); 1358 audit_log_end(ab);
1359 } 1359 }
1360 } 1360 }
1361 for (i = 0; i < context->name_count; i++) { 1361 for (i = 0; i < context->name_count; i++) {
1362 struct audit_names *n = &context->names[i]; 1362 struct audit_names *n = &context->names[i];
1363 1363
1364 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH); 1364 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
1365 if (!ab) 1365 if (!ab)
1366 continue; /* audit_panic has been called */ 1366 continue; /* audit_panic has been called */
1367 1367
1368 audit_log_format(ab, "item=%d", i); 1368 audit_log_format(ab, "item=%d", i);
1369 1369
1370 if (n->name) { 1370 if (n->name) {
1371 switch(n->name_len) { 1371 switch(n->name_len) {
1372 case AUDIT_NAME_FULL: 1372 case AUDIT_NAME_FULL:
1373 /* log the full path */ 1373 /* log the full path */
1374 audit_log_format(ab, " name="); 1374 audit_log_format(ab, " name=");
1375 audit_log_untrustedstring(ab, n->name); 1375 audit_log_untrustedstring(ab, n->name);
1376 break; 1376 break;
1377 case 0: 1377 case 0:
1378 /* name was specified as a relative path and the 1378 /* name was specified as a relative path and the
1379 * directory component is the cwd */ 1379 * directory component is the cwd */
1380 audit_log_d_path(ab, " name=", &context->pwd); 1380 audit_log_d_path(ab, " name=", &context->pwd);
1381 break; 1381 break;
1382 default: 1382 default:
1383 /* log the name's directory component */ 1383 /* log the name's directory component */
1384 audit_log_format(ab, " name="); 1384 audit_log_format(ab, " name=");
1385 audit_log_n_untrustedstring(ab, n->name, 1385 audit_log_n_untrustedstring(ab, n->name,
1386 n->name_len); 1386 n->name_len);
1387 } 1387 }
1388 } else 1388 } else
1389 audit_log_format(ab, " name=(null)"); 1389 audit_log_format(ab, " name=(null)");
1390 1390
1391 if (n->ino != (unsigned long)-1) { 1391 if (n->ino != (unsigned long)-1) {
1392 audit_log_format(ab, " inode=%lu" 1392 audit_log_format(ab, " inode=%lu"
1393 " dev=%02x:%02x mode=%#o" 1393 " dev=%02x:%02x mode=%#o"
1394 " ouid=%u ogid=%u rdev=%02x:%02x", 1394 " ouid=%u ogid=%u rdev=%02x:%02x",
1395 n->ino, 1395 n->ino,
1396 MAJOR(n->dev), 1396 MAJOR(n->dev),
1397 MINOR(n->dev), 1397 MINOR(n->dev),
1398 n->mode, 1398 n->mode,
1399 n->uid, 1399 n->uid,
1400 n->gid, 1400 n->gid,
1401 MAJOR(n->rdev), 1401 MAJOR(n->rdev),
1402 MINOR(n->rdev)); 1402 MINOR(n->rdev));
1403 } 1403 }
1404 if (n->osid != 0) { 1404 if (n->osid != 0) {
1405 char *ctx = NULL; 1405 char *ctx = NULL;
1406 u32 len; 1406 u32 len;
1407 if (security_secid_to_secctx( 1407 if (security_secid_to_secctx(
1408 n->osid, &ctx, &len)) { 1408 n->osid, &ctx, &len)) {
1409 audit_log_format(ab, " osid=%u", n->osid); 1409 audit_log_format(ab, " osid=%u", n->osid);
1410 call_panic = 2; 1410 call_panic = 2;
1411 } else { 1411 } else {
1412 audit_log_format(ab, " obj=%s", ctx); 1412 audit_log_format(ab, " obj=%s", ctx);
1413 security_release_secctx(ctx, len); 1413 security_release_secctx(ctx, len);
1414 } 1414 }
1415 } 1415 }
1416 1416
1417 audit_log_end(ab); 1417 audit_log_end(ab);
1418 } 1418 }
1419 1419
1420 /* Send end of event record to help user space know we are finished */ 1420 /* Send end of event record to help user space know we are finished */
1421 ab = audit_log_start(context, GFP_KERNEL, AUDIT_EOE); 1421 ab = audit_log_start(context, GFP_KERNEL, AUDIT_EOE);
1422 if (ab) 1422 if (ab)
1423 audit_log_end(ab); 1423 audit_log_end(ab);
1424 if (call_panic) 1424 if (call_panic)
1425 audit_panic("error converting sid to string"); 1425 audit_panic("error converting sid to string");
1426 } 1426 }
1427 1427
1428 /** 1428 /**
1429 * audit_free - free a per-task audit context 1429 * audit_free - free a per-task audit context
1430 * @tsk: task whose audit context block to free 1430 * @tsk: task whose audit context block to free
1431 * 1431 *
1432 * Called from copy_process and do_exit 1432 * Called from copy_process and do_exit
1433 */ 1433 */
1434 void audit_free(struct task_struct *tsk) 1434 void audit_free(struct task_struct *tsk)
1435 { 1435 {
1436 struct audit_context *context; 1436 struct audit_context *context;
1437 1437
1438 context = audit_get_context(tsk, 0, 0); 1438 context = audit_get_context(tsk, 0, 0);
1439 if (likely(!context)) 1439 if (likely(!context))
1440 return; 1440 return;
1441 1441
1442 /* Check for system calls that do not go through the exit 1442 /* Check for system calls that do not go through the exit
1443 * function (e.g., exit_group), then free context block. 1443 * function (e.g., exit_group), then free context block.
1444 * We use GFP_ATOMIC here because we might be doing this 1444 * We use GFP_ATOMIC here because we might be doing this
1445 * in the context of the idle thread */ 1445 * in the context of the idle thread */
1446 /* that can happen only if we are called from do_exit() */ 1446 /* that can happen only if we are called from do_exit() */
1447 if (context->in_syscall && context->auditable) 1447 if (context->in_syscall && context->auditable)
1448 audit_log_exit(context, tsk); 1448 audit_log_exit(context, tsk);
1449 1449
1450 audit_free_context(context); 1450 audit_free_context(context);
1451 } 1451 }
1452 1452
1453 /** 1453 /**
1454 * audit_syscall_entry - fill in an audit record at syscall entry 1454 * audit_syscall_entry - fill in an audit record at syscall entry
1455 * @tsk: task being audited 1455 * @tsk: task being audited
1456 * @arch: architecture type 1456 * @arch: architecture type
1457 * @major: major syscall type (function) 1457 * @major: major syscall type (function)
1458 * @a1: additional syscall register 1 1458 * @a1: additional syscall register 1
1459 * @a2: additional syscall register 2 1459 * @a2: additional syscall register 2
1460 * @a3: additional syscall register 3 1460 * @a3: additional syscall register 3
1461 * @a4: additional syscall register 4 1461 * @a4: additional syscall register 4
1462 * 1462 *
1463 * Fill in audit context at syscall entry. This only happens if the 1463 * Fill in audit context at syscall entry. This only happens if the
1464 * audit context was created when the task was created and the state or 1464 * audit context was created when the task was created and the state or
1465 * filters demand the audit context be built. If the state from the 1465 * filters demand the audit context be built. If the state from the
1466 * per-task filter or from the per-syscall filter is AUDIT_RECORD_CONTEXT, 1466 * per-task filter or from the per-syscall filter is AUDIT_RECORD_CONTEXT,
1467 * then the record will be written at syscall exit time (otherwise, it 1467 * then the record will be written at syscall exit time (otherwise, it
1468 * will only be written if another part of the kernel requests that it 1468 * will only be written if another part of the kernel requests that it
1469 * be written). 1469 * be written).
1470 */ 1470 */
1471 void audit_syscall_entry(int arch, int major, 1471 void audit_syscall_entry(int arch, int major,
1472 unsigned long a1, unsigned long a2, 1472 unsigned long a1, unsigned long a2,
1473 unsigned long a3, unsigned long a4) 1473 unsigned long a3, unsigned long a4)
1474 { 1474 {
1475 struct task_struct *tsk = current; 1475 struct task_struct *tsk = current;
1476 struct audit_context *context = tsk->audit_context; 1476 struct audit_context *context = tsk->audit_context;
1477 enum audit_state state; 1477 enum audit_state state;
1478 1478
1479 if (unlikely(!context)) 1479 if (unlikely(!context))
1480 return; 1480 return;
1481 1481
1482 /* 1482 /*
1483 * This happens only on certain architectures that make system 1483 * This happens only on certain architectures that make system
1484 * calls in kernel_thread via the entry.S interface, instead of 1484 * calls in kernel_thread via the entry.S interface, instead of
1485 * with direct calls. (If you are porting to a new 1485 * with direct calls. (If you are porting to a new
1486 * architecture, hitting this condition can indicate that you 1486 * architecture, hitting this condition can indicate that you
1487 * got the _exit/_leave calls backward in entry.S.) 1487 * got the _exit/_leave calls backward in entry.S.)
1488 * 1488 *
1489 * i386 no 1489 * i386 no
1490 * x86_64 no 1490 * x86_64 no
1491 * ppc64 yes (see arch/powerpc/platforms/iseries/misc.S) 1491 * ppc64 yes (see arch/powerpc/platforms/iseries/misc.S)
1492 * 1492 *
1493 * This also happens with vm86 emulation in a non-nested manner 1493 * This also happens with vm86 emulation in a non-nested manner
1494 * (entries without exits), so this case must be caught. 1494 * (entries without exits), so this case must be caught.
1495 */ 1495 */
1496 if (context->in_syscall) { 1496 if (context->in_syscall) {
1497 struct audit_context *newctx; 1497 struct audit_context *newctx;
1498 1498
1499 #if AUDIT_DEBUG 1499 #if AUDIT_DEBUG
1500 printk(KERN_ERR 1500 printk(KERN_ERR
1501 "audit(:%d) pid=%d in syscall=%d;" 1501 "audit(:%d) pid=%d in syscall=%d;"
1502 " entering syscall=%d\n", 1502 " entering syscall=%d\n",
1503 context->serial, tsk->pid, context->major, major); 1503 context->serial, tsk->pid, context->major, major);
1504 #endif 1504 #endif
1505 newctx = audit_alloc_context(context->state); 1505 newctx = audit_alloc_context(context->state);
1506 if (newctx) { 1506 if (newctx) {
1507 newctx->previous = context; 1507 newctx->previous = context;
1508 context = newctx; 1508 context = newctx;
1509 tsk->audit_context = newctx; 1509 tsk->audit_context = newctx;
1510 } else { 1510 } else {
1511 /* If we can't alloc a new context, the best we 1511 /* If we can't alloc a new context, the best we
1512 * can do is to leak memory (any pending putname 1512 * can do is to leak memory (any pending putname
1513 * will be lost). The only other alternative is 1513 * will be lost). The only other alternative is
1514 * to abandon auditing. */ 1514 * to abandon auditing. */
1515 audit_zero_context(context, context->state); 1515 audit_zero_context(context, context->state);
1516 } 1516 }
1517 } 1517 }
1518 BUG_ON(context->in_syscall || context->name_count); 1518 BUG_ON(context->in_syscall || context->name_count);
1519 1519
1520 if (!audit_enabled) 1520 if (!audit_enabled)
1521 return; 1521 return;
1522 1522
1523 context->arch = arch; 1523 context->arch = arch;
1524 context->major = major; 1524 context->major = major;
1525 context->argv[0] = a1; 1525 context->argv[0] = a1;
1526 context->argv[1] = a2; 1526 context->argv[1] = a2;
1527 context->argv[2] = a3; 1527 context->argv[2] = a3;
1528 context->argv[3] = a4; 1528 context->argv[3] = a4;
1529 1529
1530 state = context->state; 1530 state = context->state;
1531 context->dummy = !audit_n_rules; 1531 context->dummy = !audit_n_rules;
1532 if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)) 1532 if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT))
1533 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]); 1533 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]);
1534 if (likely(state == AUDIT_DISABLED)) 1534 if (likely(state == AUDIT_DISABLED))
1535 return; 1535 return;
1536 1536
1537 context->serial = 0; 1537 context->serial = 0;
1538 context->ctime = CURRENT_TIME; 1538 context->ctime = CURRENT_TIME;
1539 context->in_syscall = 1; 1539 context->in_syscall = 1;
1540 context->auditable = !!(state == AUDIT_RECORD_CONTEXT); 1540 context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
1541 context->ppid = 0; 1541 context->ppid = 0;
1542 } 1542 }
1543 1543
1544 /** 1544 /**
1545 * audit_syscall_exit - deallocate audit context after a system call 1545 * audit_syscall_exit - deallocate audit context after a system call
1546 * @tsk: task being audited 1546 * @tsk: task being audited
1547 * @valid: success/failure flag 1547 * @valid: success/failure flag
1548 * @return_code: syscall return value 1548 * @return_code: syscall return value
1549 * 1549 *
1550 * Tear down after system call. If the audit context has been marked as 1550 * Tear down after system call. If the audit context has been marked as
1551 * auditable (either because of the AUDIT_RECORD_CONTEXT state from 1551 * auditable (either because of the AUDIT_RECORD_CONTEXT state from
1552 * filtering, or because some other part of the kernel write an audit 1552 * filtering, or because some other part of the kernel write an audit
1553 * message), then write out the syscall information. In call cases, 1553 * message), then write out the syscall information. In call cases,
1554 * free the names stored from getname(). 1554 * free the names stored from getname().
1555 */ 1555 */
1556 void audit_syscall_exit(int valid, long return_code) 1556 void audit_syscall_exit(int valid, long return_code)
1557 { 1557 {
1558 struct task_struct *tsk = current; 1558 struct task_struct *tsk = current;
1559 struct audit_context *context; 1559 struct audit_context *context;
1560 1560
1561 context = audit_get_context(tsk, valid, return_code); 1561 context = audit_get_context(tsk, valid, return_code);
1562 1562
1563 if (likely(!context)) 1563 if (likely(!context))
1564 return; 1564 return;
1565 1565
1566 if (context->in_syscall && context->auditable) 1566 if (context->in_syscall && context->auditable)
1567 audit_log_exit(context, tsk); 1567 audit_log_exit(context, tsk);
1568 1568
1569 context->in_syscall = 0; 1569 context->in_syscall = 0;
1570 context->auditable = 0; 1570 context->auditable = 0;
1571 1571
1572 if (context->previous) { 1572 if (context->previous) {
1573 struct audit_context *new_context = context->previous; 1573 struct audit_context *new_context = context->previous;
1574 context->previous = NULL; 1574 context->previous = NULL;
1575 audit_free_context(context); 1575 audit_free_context(context);
1576 tsk->audit_context = new_context; 1576 tsk->audit_context = new_context;
1577 } else { 1577 } else {
1578 audit_free_names(context); 1578 audit_free_names(context);
1579 unroll_tree_refs(context, NULL, 0); 1579 unroll_tree_refs(context, NULL, 0);
1580 audit_free_aux(context); 1580 audit_free_aux(context);
1581 context->aux = NULL; 1581 context->aux = NULL;
1582 context->aux_pids = NULL; 1582 context->aux_pids = NULL;
1583 context->target_pid = 0; 1583 context->target_pid = 0;
1584 context->target_sid = 0; 1584 context->target_sid = 0;
1585 kfree(context->filterkey); 1585 kfree(context->filterkey);
1586 context->filterkey = NULL; 1586 context->filterkey = NULL;
1587 tsk->audit_context = context; 1587 tsk->audit_context = context;
1588 } 1588 }
1589 } 1589 }
1590 1590
1591 static inline void handle_one(const struct inode *inode) 1591 static inline void handle_one(const struct inode *inode)
1592 { 1592 {
1593 #ifdef CONFIG_AUDIT_TREE 1593 #ifdef CONFIG_AUDIT_TREE
1594 struct audit_context *context; 1594 struct audit_context *context;
1595 struct audit_tree_refs *p; 1595 struct audit_tree_refs *p;
1596 struct audit_chunk *chunk; 1596 struct audit_chunk *chunk;
1597 int count; 1597 int count;
1598 if (likely(list_empty(&inode->inotify_watches))) 1598 if (likely(list_empty(&inode->inotify_watches)))
1599 return; 1599 return;
1600 context = current->audit_context; 1600 context = current->audit_context;
1601 p = context->trees; 1601 p = context->trees;
1602 count = context->tree_count; 1602 count = context->tree_count;
1603 rcu_read_lock(); 1603 rcu_read_lock();
1604 chunk = audit_tree_lookup(inode); 1604 chunk = audit_tree_lookup(inode);
1605 rcu_read_unlock(); 1605 rcu_read_unlock();
1606 if (!chunk) 1606 if (!chunk)
1607 return; 1607 return;
1608 if (likely(put_tree_ref(context, chunk))) 1608 if (likely(put_tree_ref(context, chunk)))
1609 return; 1609 return;
1610 if (unlikely(!grow_tree_refs(context))) { 1610 if (unlikely(!grow_tree_refs(context))) {
1611 printk(KERN_WARNING "out of memory, audit has lost a tree reference\n"); 1611 printk(KERN_WARNING "out of memory, audit has lost a tree reference\n");
1612 audit_set_auditable(context); 1612 audit_set_auditable(context);
1613 audit_put_chunk(chunk); 1613 audit_put_chunk(chunk);
1614 unroll_tree_refs(context, p, count); 1614 unroll_tree_refs(context, p, count);
1615 return; 1615 return;
1616 } 1616 }
1617 put_tree_ref(context, chunk); 1617 put_tree_ref(context, chunk);
1618 #endif 1618 #endif
1619 } 1619 }
1620 1620
1621 static void handle_path(const struct dentry *dentry) 1621 static void handle_path(const struct dentry *dentry)
1622 { 1622 {
1623 #ifdef CONFIG_AUDIT_TREE 1623 #ifdef CONFIG_AUDIT_TREE
1624 struct audit_context *context; 1624 struct audit_context *context;
1625 struct audit_tree_refs *p; 1625 struct audit_tree_refs *p;
1626 const struct dentry *d, *parent; 1626 const struct dentry *d, *parent;
1627 struct audit_chunk *drop; 1627 struct audit_chunk *drop;
1628 unsigned long seq; 1628 unsigned long seq;
1629 int count; 1629 int count;
1630 1630
1631 context = current->audit_context; 1631 context = current->audit_context;
1632 p = context->trees; 1632 p = context->trees;
1633 count = context->tree_count; 1633 count = context->tree_count;
1634 retry: 1634 retry:
1635 drop = NULL; 1635 drop = NULL;
1636 d = dentry; 1636 d = dentry;
1637 rcu_read_lock(); 1637 rcu_read_lock();
1638 seq = read_seqbegin(&rename_lock); 1638 seq = read_seqbegin(&rename_lock);
1639 for(;;) { 1639 for(;;) {
1640 struct inode *inode = d->d_inode; 1640 struct inode *inode = d->d_inode;
1641 if (inode && unlikely(!list_empty(&inode->inotify_watches))) { 1641 if (inode && unlikely(!list_empty(&inode->inotify_watches))) {
1642 struct audit_chunk *chunk; 1642 struct audit_chunk *chunk;
1643 chunk = audit_tree_lookup(inode); 1643 chunk = audit_tree_lookup(inode);
1644 if (chunk) { 1644 if (chunk) {
1645 if (unlikely(!put_tree_ref(context, chunk))) { 1645 if (unlikely(!put_tree_ref(context, chunk))) {
1646 drop = chunk; 1646 drop = chunk;
1647 break; 1647 break;
1648 } 1648 }
1649 } 1649 }
1650 } 1650 }
1651 parent = d->d_parent; 1651 parent = d->d_parent;
1652 if (parent == d) 1652 if (parent == d)
1653 break; 1653 break;
1654 d = parent; 1654 d = parent;
1655 } 1655 }
1656 if (unlikely(read_seqretry(&rename_lock, seq) || drop)) { /* in this order */ 1656 if (unlikely(read_seqretry(&rename_lock, seq) || drop)) { /* in this order */
1657 rcu_read_unlock(); 1657 rcu_read_unlock();
1658 if (!drop) { 1658 if (!drop) {
1659 /* just a race with rename */ 1659 /* just a race with rename */
1660 unroll_tree_refs(context, p, count); 1660 unroll_tree_refs(context, p, count);
1661 goto retry; 1661 goto retry;
1662 } 1662 }
1663 audit_put_chunk(drop); 1663 audit_put_chunk(drop);
1664 if (grow_tree_refs(context)) { 1664 if (grow_tree_refs(context)) {
1665 /* OK, got more space */ 1665 /* OK, got more space */
1666 unroll_tree_refs(context, p, count); 1666 unroll_tree_refs(context, p, count);
1667 goto retry; 1667 goto retry;
1668 } 1668 }
1669 /* too bad */ 1669 /* too bad */
1670 printk(KERN_WARNING 1670 printk(KERN_WARNING
1671 "out of memory, audit has lost a tree reference\n"); 1671 "out of memory, audit has lost a tree reference\n");
1672 unroll_tree_refs(context, p, count); 1672 unroll_tree_refs(context, p, count);
1673 audit_set_auditable(context); 1673 audit_set_auditable(context);
1674 return; 1674 return;
1675 } 1675 }
1676 rcu_read_unlock(); 1676 rcu_read_unlock();
1677 #endif 1677 #endif
1678 } 1678 }
1679 1679
1680 /** 1680 /**
1681 * audit_getname - add a name to the list 1681 * audit_getname - add a name to the list
1682 * @name: name to add 1682 * @name: name to add
1683 * 1683 *
1684 * Add a name to the list of audit names for this context. 1684 * Add a name to the list of audit names for this context.
1685 * Called from fs/namei.c:getname(). 1685 * Called from fs/namei.c:getname().
1686 */ 1686 */
1687 void __audit_getname(const char *name) 1687 void __audit_getname(const char *name)
1688 { 1688 {
1689 struct audit_context *context = current->audit_context; 1689 struct audit_context *context = current->audit_context;
1690 1690
1691 if (IS_ERR(name) || !name) 1691 if (IS_ERR(name) || !name)
1692 return; 1692 return;
1693 1693
1694 if (!context->in_syscall) { 1694 if (!context->in_syscall) {
1695 #if AUDIT_DEBUG == 2 1695 #if AUDIT_DEBUG == 2
1696 printk(KERN_ERR "%s:%d(:%d): ignoring getname(%p)\n", 1696 printk(KERN_ERR "%s:%d(:%d): ignoring getname(%p)\n",
1697 __FILE__, __LINE__, context->serial, name); 1697 __FILE__, __LINE__, context->serial, name);
1698 dump_stack(); 1698 dump_stack();
1699 #endif 1699 #endif
1700 return; 1700 return;
1701 } 1701 }
1702 BUG_ON(context->name_count >= AUDIT_NAMES); 1702 BUG_ON(context->name_count >= AUDIT_NAMES);
1703 context->names[context->name_count].name = name; 1703 context->names[context->name_count].name = name;
1704 context->names[context->name_count].name_len = AUDIT_NAME_FULL; 1704 context->names[context->name_count].name_len = AUDIT_NAME_FULL;
1705 context->names[context->name_count].name_put = 1; 1705 context->names[context->name_count].name_put = 1;
1706 context->names[context->name_count].ino = (unsigned long)-1; 1706 context->names[context->name_count].ino = (unsigned long)-1;
1707 context->names[context->name_count].osid = 0; 1707 context->names[context->name_count].osid = 0;
1708 ++context->name_count; 1708 ++context->name_count;
1709 if (!context->pwd.dentry) { 1709 if (!context->pwd.dentry) {
1710 read_lock(&current->fs->lock); 1710 read_lock(&current->fs->lock);
1711 context->pwd = current->fs->pwd; 1711 context->pwd = current->fs->pwd;
1712 path_get(&current->fs->pwd); 1712 path_get(&current->fs->pwd);
1713 read_unlock(&current->fs->lock); 1713 read_unlock(&current->fs->lock);
1714 } 1714 }
1715 1715
1716 } 1716 }
1717 1717
1718 /* audit_putname - intercept a putname request 1718 /* audit_putname - intercept a putname request
1719 * @name: name to intercept and delay for putname 1719 * @name: name to intercept and delay for putname
1720 * 1720 *
1721 * If we have stored the name from getname in the audit context, 1721 * If we have stored the name from getname in the audit context,
1722 * then we delay the putname until syscall exit. 1722 * then we delay the putname until syscall exit.
1723 * Called from include/linux/fs.h:putname(). 1723 * Called from include/linux/fs.h:putname().
1724 */ 1724 */
1725 void audit_putname(const char *name) 1725 void audit_putname(const char *name)
1726 { 1726 {
1727 struct audit_context *context = current->audit_context; 1727 struct audit_context *context = current->audit_context;
1728 1728
1729 BUG_ON(!context); 1729 BUG_ON(!context);
1730 if (!context->in_syscall) { 1730 if (!context->in_syscall) {
1731 #if AUDIT_DEBUG == 2 1731 #if AUDIT_DEBUG == 2
1732 printk(KERN_ERR "%s:%d(:%d): __putname(%p)\n", 1732 printk(KERN_ERR "%s:%d(:%d): __putname(%p)\n",
1733 __FILE__, __LINE__, context->serial, name); 1733 __FILE__, __LINE__, context->serial, name);
1734 if (context->name_count) { 1734 if (context->name_count) {
1735 int i; 1735 int i;
1736 for (i = 0; i < context->name_count; i++) 1736 for (i = 0; i < context->name_count; i++)
1737 printk(KERN_ERR "name[%d] = %p = %s\n", i, 1737 printk(KERN_ERR "name[%d] = %p = %s\n", i,
1738 context->names[i].name, 1738 context->names[i].name,
1739 context->names[i].name ?: "(null)"); 1739 context->names[i].name ?: "(null)");
1740 } 1740 }
1741 #endif 1741 #endif
1742 __putname(name); 1742 __putname(name);
1743 } 1743 }
1744 #if AUDIT_DEBUG 1744 #if AUDIT_DEBUG
1745 else { 1745 else {
1746 ++context->put_count; 1746 ++context->put_count;
1747 if (context->put_count > context->name_count) { 1747 if (context->put_count > context->name_count) {
1748 printk(KERN_ERR "%s:%d(:%d): major=%d" 1748 printk(KERN_ERR "%s:%d(:%d): major=%d"
1749 " in_syscall=%d putname(%p) name_count=%d" 1749 " in_syscall=%d putname(%p) name_count=%d"
1750 " put_count=%d\n", 1750 " put_count=%d\n",
1751 __FILE__, __LINE__, 1751 __FILE__, __LINE__,
1752 context->serial, context->major, 1752 context->serial, context->major,
1753 context->in_syscall, name, context->name_count, 1753 context->in_syscall, name, context->name_count,
1754 context->put_count); 1754 context->put_count);
1755 dump_stack(); 1755 dump_stack();
1756 } 1756 }
1757 } 1757 }
1758 #endif 1758 #endif
1759 } 1759 }
1760 1760
1761 static int audit_inc_name_count(struct audit_context *context, 1761 static int audit_inc_name_count(struct audit_context *context,
1762 const struct inode *inode) 1762 const struct inode *inode)
1763 { 1763 {
1764 if (context->name_count >= AUDIT_NAMES) { 1764 if (context->name_count >= AUDIT_NAMES) {
1765 if (inode) 1765 if (inode)
1766 printk(KERN_DEBUG "name_count maxed, losing inode data: " 1766 printk(KERN_DEBUG "name_count maxed, losing inode data: "
1767 "dev=%02x:%02x, inode=%lu\n", 1767 "dev=%02x:%02x, inode=%lu\n",
1768 MAJOR(inode->i_sb->s_dev), 1768 MAJOR(inode->i_sb->s_dev),
1769 MINOR(inode->i_sb->s_dev), 1769 MINOR(inode->i_sb->s_dev),
1770 inode->i_ino); 1770 inode->i_ino);
1771 1771
1772 else 1772 else
1773 printk(KERN_DEBUG "name_count maxed, losing inode data\n"); 1773 printk(KERN_DEBUG "name_count maxed, losing inode data\n");
1774 return 1; 1774 return 1;
1775 } 1775 }
1776 context->name_count++; 1776 context->name_count++;
1777 #if AUDIT_DEBUG 1777 #if AUDIT_DEBUG
1778 context->ino_count++; 1778 context->ino_count++;
1779 #endif 1779 #endif
1780 return 0; 1780 return 0;
1781 } 1781 }
1782 1782
1783 /* Copy inode data into an audit_names. */ 1783 /* Copy inode data into an audit_names. */
1784 static void audit_copy_inode(struct audit_names *name, const struct inode *inode) 1784 static void audit_copy_inode(struct audit_names *name, const struct inode *inode)
1785 { 1785 {
1786 name->ino = inode->i_ino; 1786 name->ino = inode->i_ino;
1787 name->dev = inode->i_sb->s_dev; 1787 name->dev = inode->i_sb->s_dev;
1788 name->mode = inode->i_mode; 1788 name->mode = inode->i_mode;
1789 name->uid = inode->i_uid; 1789 name->uid = inode->i_uid;
1790 name->gid = inode->i_gid; 1790 name->gid = inode->i_gid;
1791 name->rdev = inode->i_rdev; 1791 name->rdev = inode->i_rdev;
1792 security_inode_getsecid(inode, &name->osid); 1792 security_inode_getsecid(inode, &name->osid);
1793 } 1793 }
1794 1794
1795 /** 1795 /**
1796 * audit_inode - store the inode and device from a lookup 1796 * audit_inode - store the inode and device from a lookup
1797 * @name: name being audited 1797 * @name: name being audited
1798 * @dentry: dentry being audited 1798 * @dentry: dentry being audited
1799 * 1799 *
1800 * Called from fs/namei.c:path_lookup(). 1800 * Called from fs/namei.c:path_lookup().
1801 */ 1801 */
1802 void __audit_inode(const char *name, const struct dentry *dentry) 1802 void __audit_inode(const char *name, const struct dentry *dentry)
1803 { 1803 {
1804 int idx; 1804 int idx;
1805 struct audit_context *context = current->audit_context; 1805 struct audit_context *context = current->audit_context;
1806 const struct inode *inode = dentry->d_inode; 1806 const struct inode *inode = dentry->d_inode;
1807 1807
1808 if (!context->in_syscall) 1808 if (!context->in_syscall)
1809 return; 1809 return;
1810 if (context->name_count 1810 if (context->name_count
1811 && context->names[context->name_count-1].name 1811 && context->names[context->name_count-1].name
1812 && context->names[context->name_count-1].name == name) 1812 && context->names[context->name_count-1].name == name)
1813 idx = context->name_count - 1; 1813 idx = context->name_count - 1;
1814 else if (context->name_count > 1 1814 else if (context->name_count > 1
1815 && context->names[context->name_count-2].name 1815 && context->names[context->name_count-2].name
1816 && context->names[context->name_count-2].name == name) 1816 && context->names[context->name_count-2].name == name)
1817 idx = context->name_count - 2; 1817 idx = context->name_count - 2;
1818 else { 1818 else {
1819 /* FIXME: how much do we care about inodes that have no 1819 /* FIXME: how much do we care about inodes that have no
1820 * associated name? */ 1820 * associated name? */
1821 if (audit_inc_name_count(context, inode)) 1821 if (audit_inc_name_count(context, inode))
1822 return; 1822 return;
1823 idx = context->name_count - 1; 1823 idx = context->name_count - 1;
1824 context->names[idx].name = NULL; 1824 context->names[idx].name = NULL;
1825 } 1825 }
1826 handle_path(dentry); 1826 handle_path(dentry);
1827 audit_copy_inode(&context->names[idx], inode); 1827 audit_copy_inode(&context->names[idx], inode);
1828 } 1828 }
1829 1829
1830 /** 1830 /**
1831 * audit_inode_child - collect inode info for created/removed objects 1831 * audit_inode_child - collect inode info for created/removed objects
1832 * @dname: inode's dentry name 1832 * @dname: inode's dentry name
1833 * @dentry: dentry being audited 1833 * @dentry: dentry being audited
1834 * @parent: inode of dentry parent 1834 * @parent: inode of dentry parent
1835 * 1835 *
1836 * For syscalls that create or remove filesystem objects, audit_inode 1836 * For syscalls that create or remove filesystem objects, audit_inode
1837 * can only collect information for the filesystem object's parent. 1837 * can only collect information for the filesystem object's parent.
1838 * This call updates the audit context with the child's information. 1838 * This call updates the audit context with the child's information.
1839 * Syscalls that create a new filesystem object must be hooked after 1839 * Syscalls that create a new filesystem object must be hooked after
1840 * the object is created. Syscalls that remove a filesystem object 1840 * the object is created. Syscalls that remove a filesystem object
1841 * must be hooked prior, in order to capture the target inode during 1841 * must be hooked prior, in order to capture the target inode during
1842 * unsuccessful attempts. 1842 * unsuccessful attempts.
1843 */ 1843 */
1844 void __audit_inode_child(const char *dname, const struct dentry *dentry, 1844 void __audit_inode_child(const char *dname, const struct dentry *dentry,
1845 const struct inode *parent) 1845 const struct inode *parent)
1846 { 1846 {
1847 int idx; 1847 int idx;
1848 struct audit_context *context = current->audit_context; 1848 struct audit_context *context = current->audit_context;
1849 const char *found_parent = NULL, *found_child = NULL; 1849 const char *found_parent = NULL, *found_child = NULL;
1850 const struct inode *inode = dentry->d_inode; 1850 const struct inode *inode = dentry->d_inode;
1851 int dirlen = 0; 1851 int dirlen = 0;
1852 1852
1853 if (!context->in_syscall) 1853 if (!context->in_syscall)
1854 return; 1854 return;
1855 1855
1856 if (inode) 1856 if (inode)
1857 handle_one(inode); 1857 handle_one(inode);
1858 /* determine matching parent */ 1858 /* determine matching parent */
1859 if (!dname) 1859 if (!dname)
1860 goto add_names; 1860 goto add_names;
1861 1861
1862 /* parent is more likely, look for it first */ 1862 /* parent is more likely, look for it first */
1863 for (idx = 0; idx < context->name_count; idx++) { 1863 for (idx = 0; idx < context->name_count; idx++) {
1864 struct audit_names *n = &context->names[idx]; 1864 struct audit_names *n = &context->names[idx];
1865 1865
1866 if (!n->name) 1866 if (!n->name)
1867 continue; 1867 continue;
1868 1868
1869 if (n->ino == parent->i_ino && 1869 if (n->ino == parent->i_ino &&
1870 !audit_compare_dname_path(dname, n->name, &dirlen)) { 1870 !audit_compare_dname_path(dname, n->name, &dirlen)) {
1871 n->name_len = dirlen; /* update parent data in place */ 1871 n->name_len = dirlen; /* update parent data in place */
1872 found_parent = n->name; 1872 found_parent = n->name;
1873 goto add_names; 1873 goto add_names;
1874 } 1874 }
1875 } 1875 }
1876 1876
1877 /* no matching parent, look for matching child */ 1877 /* no matching parent, look for matching child */
1878 for (idx = 0; idx < context->name_count; idx++) { 1878 for (idx = 0; idx < context->name_count; idx++) {
1879 struct audit_names *n = &context->names[idx]; 1879 struct audit_names *n = &context->names[idx];
1880 1880
1881 if (!n->name) 1881 if (!n->name)
1882 continue; 1882 continue;
1883 1883
1884 /* strcmp() is the more likely scenario */ 1884 /* strcmp() is the more likely scenario */
1885 if (!strcmp(dname, n->name) || 1885 if (!strcmp(dname, n->name) ||
1886 !audit_compare_dname_path(dname, n->name, &dirlen)) { 1886 !audit_compare_dname_path(dname, n->name, &dirlen)) {
1887 if (inode) 1887 if (inode)
1888 audit_copy_inode(n, inode); 1888 audit_copy_inode(n, inode);
1889 else 1889 else
1890 n->ino = (unsigned long)-1; 1890 n->ino = (unsigned long)-1;
1891 found_child = n->name; 1891 found_child = n->name;
1892 goto add_names; 1892 goto add_names;
1893 } 1893 }
1894 } 1894 }
1895 1895
1896 add_names: 1896 add_names:
1897 if (!found_parent) { 1897 if (!found_parent) {
1898 if (audit_inc_name_count(context, parent)) 1898 if (audit_inc_name_count(context, parent))
1899 return; 1899 return;
1900 idx = context->name_count - 1; 1900 idx = context->name_count - 1;
1901 context->names[idx].name = NULL; 1901 context->names[idx].name = NULL;
1902 audit_copy_inode(&context->names[idx], parent); 1902 audit_copy_inode(&context->names[idx], parent);
1903 } 1903 }
1904 1904
1905 if (!found_child) { 1905 if (!found_child) {
1906 if (audit_inc_name_count(context, inode)) 1906 if (audit_inc_name_count(context, inode))
1907 return; 1907 return;
1908 idx = context->name_count - 1; 1908 idx = context->name_count - 1;
1909 1909
1910 /* Re-use the name belonging to the slot for a matching parent 1910 /* Re-use the name belonging to the slot for a matching parent
1911 * directory. All names for this context are relinquished in 1911 * directory. All names for this context are relinquished in
1912 * audit_free_names() */ 1912 * audit_free_names() */
1913 if (found_parent) { 1913 if (found_parent) {
1914 context->names[idx].name = found_parent; 1914 context->names[idx].name = found_parent;
1915 context->names[idx].name_len = AUDIT_NAME_FULL; 1915 context->names[idx].name_len = AUDIT_NAME_FULL;
1916 /* don't call __putname() */ 1916 /* don't call __putname() */
1917 context->names[idx].name_put = 0; 1917 context->names[idx].name_put = 0;
1918 } else { 1918 } else {
1919 context->names[idx].name = NULL; 1919 context->names[idx].name = NULL;
1920 } 1920 }
1921 1921
1922 if (inode) 1922 if (inode)
1923 audit_copy_inode(&context->names[idx], inode); 1923 audit_copy_inode(&context->names[idx], inode);
1924 else 1924 else
1925 context->names[idx].ino = (unsigned long)-1; 1925 context->names[idx].ino = (unsigned long)-1;
1926 } 1926 }
1927 } 1927 }
1928 EXPORT_SYMBOL_GPL(__audit_inode_child); 1928 EXPORT_SYMBOL_GPL(__audit_inode_child);
1929 1929
1930 /** 1930 /**
1931 * auditsc_get_stamp - get local copies of audit_context values 1931 * auditsc_get_stamp - get local copies of audit_context values
1932 * @ctx: audit_context for the task 1932 * @ctx: audit_context for the task
1933 * @t: timespec to store time recorded in the audit_context 1933 * @t: timespec to store time recorded in the audit_context
1934 * @serial: serial value that is recorded in the audit_context 1934 * @serial: serial value that is recorded in the audit_context
1935 * 1935 *
1936 * Also sets the context as auditable. 1936 * Also sets the context as auditable.
1937 */ 1937 */
1938 void auditsc_get_stamp(struct audit_context *ctx, 1938 void auditsc_get_stamp(struct audit_context *ctx,
1939 struct timespec *t, unsigned int *serial) 1939 struct timespec *t, unsigned int *serial)
1940 { 1940 {
1941 if (!ctx->serial) 1941 if (!ctx->serial)
1942 ctx->serial = audit_serial(); 1942 ctx->serial = audit_serial();
1943 t->tv_sec = ctx->ctime.tv_sec; 1943 t->tv_sec = ctx->ctime.tv_sec;
1944 t->tv_nsec = ctx->ctime.tv_nsec; 1944 t->tv_nsec = ctx->ctime.tv_nsec;
1945 *serial = ctx->serial; 1945 *serial = ctx->serial;
1946 ctx->auditable = 1; 1946 ctx->auditable = 1;
1947 } 1947 }
1948 1948
1949 /* global counter which is incremented every time something logs in */ 1949 /* global counter which is incremented every time something logs in */
1950 static atomic_t session_id = ATOMIC_INIT(0); 1950 static atomic_t session_id = ATOMIC_INIT(0);
1951 1951
1952 /** 1952 /**
1953 * audit_set_loginuid - set a task's audit_context loginuid 1953 * audit_set_loginuid - set a task's audit_context loginuid
1954 * @task: task whose audit context is being modified 1954 * @task: task whose audit context is being modified
1955 * @loginuid: loginuid value 1955 * @loginuid: loginuid value
1956 * 1956 *
1957 * Returns 0. 1957 * Returns 0.
1958 * 1958 *
1959 * Called (set) from fs/proc/base.c::proc_loginuid_write(). 1959 * Called (set) from fs/proc/base.c::proc_loginuid_write().
1960 */ 1960 */
1961 int audit_set_loginuid(struct task_struct *task, uid_t loginuid) 1961 int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
1962 { 1962 {
1963 unsigned int sessionid = atomic_inc_return(&session_id); 1963 unsigned int sessionid = atomic_inc_return(&session_id);
1964 struct audit_context *context = task->audit_context; 1964 struct audit_context *context = task->audit_context;
1965 1965
1966 if (context && context->in_syscall) { 1966 if (context && context->in_syscall) {
1967 struct audit_buffer *ab; 1967 struct audit_buffer *ab;
1968 1968
1969 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN); 1969 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
1970 if (ab) { 1970 if (ab) {
1971 audit_log_format(ab, "login pid=%d uid=%u " 1971 audit_log_format(ab, "login pid=%d uid=%u "
1972 "old auid=%u new auid=%u" 1972 "old auid=%u new auid=%u"
1973 " old ses=%u new ses=%u", 1973 " old ses=%u new ses=%u",
1974 task->pid, task->uid, 1974 task->pid, task->uid,
1975 task->loginuid, loginuid, 1975 task->loginuid, loginuid,
1976 task->sessionid, sessionid); 1976 task->sessionid, sessionid);
1977 audit_log_end(ab); 1977 audit_log_end(ab);
1978 } 1978 }
1979 } 1979 }
1980 task->sessionid = sessionid; 1980 task->sessionid = sessionid;
1981 task->loginuid = loginuid; 1981 task->loginuid = loginuid;
1982 return 0; 1982 return 0;
1983 } 1983 }
1984 1984
1985 /** 1985 /**
1986 * __audit_mq_open - record audit data for a POSIX MQ open 1986 * __audit_mq_open - record audit data for a POSIX MQ open
1987 * @oflag: open flag 1987 * @oflag: open flag
1988 * @mode: mode bits 1988 * @mode: mode bits
1989 * @u_attr: queue attributes 1989 * @u_attr: queue attributes
1990 * 1990 *
1991 * Returns 0 for success or NULL context or < 0 on error. 1991 * Returns 0 for success or NULL context or < 0 on error.
1992 */ 1992 */
1993 int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr) 1993 int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
1994 { 1994 {
1995 struct audit_aux_data_mq_open *ax; 1995 struct audit_aux_data_mq_open *ax;
1996 struct audit_context *context = current->audit_context; 1996 struct audit_context *context = current->audit_context;
1997 1997
1998 if (!audit_enabled) 1998 if (!audit_enabled)
1999 return 0; 1999 return 0;
2000 2000
2001 if (likely(!context)) 2001 if (likely(!context))
2002 return 0; 2002 return 0;
2003 2003
2004 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2004 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2005 if (!ax) 2005 if (!ax)
2006 return -ENOMEM; 2006 return -ENOMEM;
2007 2007
2008 if (u_attr != NULL) { 2008 if (u_attr != NULL) {
2009 if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr))) { 2009 if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr))) {
2010 kfree(ax); 2010 kfree(ax);
2011 return -EFAULT; 2011 return -EFAULT;
2012 } 2012 }
2013 } else 2013 } else
2014 memset(&ax->attr, 0, sizeof(ax->attr)); 2014 memset(&ax->attr, 0, sizeof(ax->attr));
2015 2015
2016 ax->oflag = oflag; 2016 ax->oflag = oflag;
2017 ax->mode = mode; 2017 ax->mode = mode;
2018 2018
2019 ax->d.type = AUDIT_MQ_OPEN; 2019 ax->d.type = AUDIT_MQ_OPEN;
2020 ax->d.next = context->aux; 2020 ax->d.next = context->aux;
2021 context->aux = (void *)ax; 2021 context->aux = (void *)ax;
2022 return 0; 2022 return 0;
2023 } 2023 }
2024 2024
2025 /** 2025 /**
2026 * __audit_mq_timedsend - record audit data for a POSIX MQ timed send 2026 * __audit_mq_timedsend - record audit data for a POSIX MQ timed send
2027 * @mqdes: MQ descriptor 2027 * @mqdes: MQ descriptor
2028 * @msg_len: Message length 2028 * @msg_len: Message length
2029 * @msg_prio: Message priority 2029 * @msg_prio: Message priority
2030 * @u_abs_timeout: Message timeout in absolute time 2030 * @u_abs_timeout: Message timeout in absolute time
2031 * 2031 *
2032 * Returns 0 for success or NULL context or < 0 on error. 2032 * Returns 0 for success or NULL context or < 0 on error.
2033 */ 2033 */
2034 int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, 2034 int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
2035 const struct timespec __user *u_abs_timeout) 2035 const struct timespec __user *u_abs_timeout)
2036 { 2036 {
2037 struct audit_aux_data_mq_sendrecv *ax; 2037 struct audit_aux_data_mq_sendrecv *ax;
2038 struct audit_context *context = current->audit_context; 2038 struct audit_context *context = current->audit_context;
2039 2039
2040 if (!audit_enabled) 2040 if (!audit_enabled)
2041 return 0; 2041 return 0;
2042 2042
2043 if (likely(!context)) 2043 if (likely(!context))
2044 return 0; 2044 return 0;
2045 2045
2046 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2046 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2047 if (!ax) 2047 if (!ax)
2048 return -ENOMEM; 2048 return -ENOMEM;
2049 2049
2050 if (u_abs_timeout != NULL) { 2050 if (u_abs_timeout != NULL) {
2051 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) { 2051 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
2052 kfree(ax); 2052 kfree(ax);
2053 return -EFAULT; 2053 return -EFAULT;
2054 } 2054 }
2055 } else 2055 } else
2056 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout)); 2056 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
2057 2057
2058 ax->mqdes = mqdes; 2058 ax->mqdes = mqdes;
2059 ax->msg_len = msg_len; 2059 ax->msg_len = msg_len;
2060 ax->msg_prio = msg_prio; 2060 ax->msg_prio = msg_prio;
2061 2061
2062 ax->d.type = AUDIT_MQ_SENDRECV; 2062 ax->d.type = AUDIT_MQ_SENDRECV;
2063 ax->d.next = context->aux; 2063 ax->d.next = context->aux;
2064 context->aux = (void *)ax; 2064 context->aux = (void *)ax;
2065 return 0; 2065 return 0;
2066 } 2066 }
2067 2067
2068 /** 2068 /**
2069 * __audit_mq_timedreceive - record audit data for a POSIX MQ timed receive 2069 * __audit_mq_timedreceive - record audit data for a POSIX MQ timed receive
2070 * @mqdes: MQ descriptor 2070 * @mqdes: MQ descriptor
2071 * @msg_len: Message length 2071 * @msg_len: Message length
2072 * @u_msg_prio: Message priority 2072 * @u_msg_prio: Message priority
2073 * @u_abs_timeout: Message timeout in absolute time 2073 * @u_abs_timeout: Message timeout in absolute time
2074 * 2074 *
2075 * Returns 0 for success or NULL context or < 0 on error. 2075 * Returns 0 for success or NULL context or < 0 on error.
2076 */ 2076 */
2077 int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, 2077 int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
2078 unsigned int __user *u_msg_prio, 2078 unsigned int __user *u_msg_prio,
2079 const struct timespec __user *u_abs_timeout) 2079 const struct timespec __user *u_abs_timeout)
2080 { 2080 {
2081 struct audit_aux_data_mq_sendrecv *ax; 2081 struct audit_aux_data_mq_sendrecv *ax;
2082 struct audit_context *context = current->audit_context; 2082 struct audit_context *context = current->audit_context;
2083 2083
2084 if (!audit_enabled) 2084 if (!audit_enabled)
2085 return 0; 2085 return 0;
2086 2086
2087 if (likely(!context)) 2087 if (likely(!context))
2088 return 0; 2088 return 0;
2089 2089
2090 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2090 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2091 if (!ax) 2091 if (!ax)
2092 return -ENOMEM; 2092 return -ENOMEM;
2093 2093
2094 if (u_msg_prio != NULL) { 2094 if (u_msg_prio != NULL) {
2095 if (get_user(ax->msg_prio, u_msg_prio)) { 2095 if (get_user(ax->msg_prio, u_msg_prio)) {
2096 kfree(ax); 2096 kfree(ax);
2097 return -EFAULT; 2097 return -EFAULT;
2098 } 2098 }
2099 } else 2099 } else
2100 ax->msg_prio = 0; 2100 ax->msg_prio = 0;
2101 2101
2102 if (u_abs_timeout != NULL) { 2102 if (u_abs_timeout != NULL) {
2103 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) { 2103 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
2104 kfree(ax); 2104 kfree(ax);
2105 return -EFAULT; 2105 return -EFAULT;
2106 } 2106 }
2107 } else 2107 } else
2108 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout)); 2108 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
2109 2109
2110 ax->mqdes = mqdes; 2110 ax->mqdes = mqdes;
2111 ax->msg_len = msg_len; 2111 ax->msg_len = msg_len;
2112 2112
2113 ax->d.type = AUDIT_MQ_SENDRECV; 2113 ax->d.type = AUDIT_MQ_SENDRECV;
2114 ax->d.next = context->aux; 2114 ax->d.next = context->aux;
2115 context->aux = (void *)ax; 2115 context->aux = (void *)ax;
2116 return 0; 2116 return 0;
2117 } 2117 }
2118 2118
2119 /** 2119 /**
2120 * __audit_mq_notify - record audit data for a POSIX MQ notify 2120 * __audit_mq_notify - record audit data for a POSIX MQ notify
2121 * @mqdes: MQ descriptor 2121 * @mqdes: MQ descriptor
2122 * @u_notification: Notification event 2122 * @u_notification: Notification event
2123 * 2123 *
2124 * Returns 0 for success or NULL context or < 0 on error. 2124 * Returns 0 for success or NULL context or < 0 on error.
2125 */ 2125 */
2126 2126
2127 int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification) 2127 int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
2128 { 2128 {
2129 struct audit_aux_data_mq_notify *ax; 2129 struct audit_aux_data_mq_notify *ax;
2130 struct audit_context *context = current->audit_context; 2130 struct audit_context *context = current->audit_context;
2131 2131
2132 if (!audit_enabled) 2132 if (!audit_enabled)
2133 return 0; 2133 return 0;
2134 2134
2135 if (likely(!context)) 2135 if (likely(!context))
2136 return 0; 2136 return 0;
2137 2137
2138 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2138 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2139 if (!ax) 2139 if (!ax)
2140 return -ENOMEM; 2140 return -ENOMEM;
2141 2141
2142 if (u_notification != NULL) { 2142 if (u_notification != NULL) {
2143 if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification))) { 2143 if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification))) {
2144 kfree(ax); 2144 kfree(ax);
2145 return -EFAULT; 2145 return -EFAULT;
2146 } 2146 }
2147 } else 2147 } else
2148 memset(&ax->notification, 0, sizeof(ax->notification)); 2148 memset(&ax->notification, 0, sizeof(ax->notification));
2149 2149
2150 ax->mqdes = mqdes; 2150 ax->mqdes = mqdes;
2151 2151
2152 ax->d.type = AUDIT_MQ_NOTIFY; 2152 ax->d.type = AUDIT_MQ_NOTIFY;
2153 ax->d.next = context->aux; 2153 ax->d.next = context->aux;
2154 context->aux = (void *)ax; 2154 context->aux = (void *)ax;
2155 return 0; 2155 return 0;
2156 } 2156 }
2157 2157
2158 /** 2158 /**
2159 * __audit_mq_getsetattr - record audit data for a POSIX MQ get/set attribute 2159 * __audit_mq_getsetattr - record audit data for a POSIX MQ get/set attribute
2160 * @mqdes: MQ descriptor 2160 * @mqdes: MQ descriptor
2161 * @mqstat: MQ flags 2161 * @mqstat: MQ flags
2162 * 2162 *
2163 * Returns 0 for success or NULL context or < 0 on error. 2163 * Returns 0 for success or NULL context or < 0 on error.
2164 */ 2164 */
2165 int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) 2165 int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
2166 { 2166 {
2167 struct audit_aux_data_mq_getsetattr *ax; 2167 struct audit_aux_data_mq_getsetattr *ax;
2168 struct audit_context *context = current->audit_context; 2168 struct audit_context *context = current->audit_context;
2169 2169
2170 if (!audit_enabled) 2170 if (!audit_enabled)
2171 return 0; 2171 return 0;
2172 2172
2173 if (likely(!context)) 2173 if (likely(!context))
2174 return 0; 2174 return 0;
2175 2175
2176 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2176 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2177 if (!ax) 2177 if (!ax)
2178 return -ENOMEM; 2178 return -ENOMEM;
2179 2179
2180 ax->mqdes = mqdes; 2180 ax->mqdes = mqdes;
2181 ax->mqstat = *mqstat; 2181 ax->mqstat = *mqstat;
2182 2182
2183 ax->d.type = AUDIT_MQ_GETSETATTR; 2183 ax->d.type = AUDIT_MQ_GETSETATTR;
2184 ax->d.next = context->aux; 2184 ax->d.next = context->aux;
2185 context->aux = (void *)ax; 2185 context->aux = (void *)ax;
2186 return 0; 2186 return 0;
2187 } 2187 }
2188 2188
2189 /** 2189 /**
2190 * audit_ipc_obj - record audit data for ipc object 2190 * audit_ipc_obj - record audit data for ipc object
2191 * @ipcp: ipc permissions 2191 * @ipcp: ipc permissions
2192 * 2192 *
2193 * Returns 0 for success or NULL context or < 0 on error. 2193 * Returns 0 for success or NULL context or < 0 on error.
2194 */ 2194 */
2195 int __audit_ipc_obj(struct kern_ipc_perm *ipcp) 2195 int __audit_ipc_obj(struct kern_ipc_perm *ipcp)
2196 { 2196 {
2197 struct audit_aux_data_ipcctl *ax; 2197 struct audit_aux_data_ipcctl *ax;
2198 struct audit_context *context = current->audit_context; 2198 struct audit_context *context = current->audit_context;
2199 2199
2200 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2200 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2201 if (!ax) 2201 if (!ax)
2202 return -ENOMEM; 2202 return -ENOMEM;
2203 2203
2204 ax->uid = ipcp->uid; 2204 ax->uid = ipcp->uid;
2205 ax->gid = ipcp->gid; 2205 ax->gid = ipcp->gid;
2206 ax->mode = ipcp->mode; 2206 ax->mode = ipcp->mode;
2207 security_ipc_getsecid(ipcp, &ax->osid); 2207 security_ipc_getsecid(ipcp, &ax->osid);
2208 ax->d.type = AUDIT_IPC; 2208 ax->d.type = AUDIT_IPC;
2209 ax->d.next = context->aux; 2209 ax->d.next = context->aux;
2210 context->aux = (void *)ax; 2210 context->aux = (void *)ax;
2211 return 0; 2211 return 0;
2212 } 2212 }
2213 2213
2214 /** 2214 /**
2215 * audit_ipc_set_perm - record audit data for new ipc permissions 2215 * audit_ipc_set_perm - record audit data for new ipc permissions
2216 * @qbytes: msgq bytes 2216 * @qbytes: msgq bytes
2217 * @uid: msgq user id 2217 * @uid: msgq user id
2218 * @gid: msgq group id 2218 * @gid: msgq group id
2219 * @mode: msgq mode (permissions) 2219 * @mode: msgq mode (permissions)
2220 * 2220 *
2221 * Returns 0 for success or NULL context or < 0 on error. 2221 * Returns 0 for success or NULL context or < 0 on error.
2222 */ 2222 */
2223 int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) 2223 int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
2224 { 2224 {
2225 struct audit_aux_data_ipcctl *ax; 2225 struct audit_aux_data_ipcctl *ax;
2226 struct audit_context *context = current->audit_context; 2226 struct audit_context *context = current->audit_context;
2227 2227
2228 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2228 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2229 if (!ax) 2229 if (!ax)
2230 return -ENOMEM; 2230 return -ENOMEM;
2231 2231
2232 ax->qbytes = qbytes; 2232 ax->qbytes = qbytes;
2233 ax->uid = uid; 2233 ax->uid = uid;
2234 ax->gid = gid; 2234 ax->gid = gid;
2235 ax->mode = mode; 2235 ax->mode = mode;
2236 2236
2237 ax->d.type = AUDIT_IPC_SET_PERM; 2237 ax->d.type = AUDIT_IPC_SET_PERM;
2238 ax->d.next = context->aux; 2238 ax->d.next = context->aux;
2239 context->aux = (void *)ax; 2239 context->aux = (void *)ax;
2240 return 0; 2240 return 0;
2241 } 2241 }
2242 2242
2243 int audit_bprm(struct linux_binprm *bprm) 2243 int audit_bprm(struct linux_binprm *bprm)
2244 { 2244 {
2245 struct audit_aux_data_execve *ax; 2245 struct audit_aux_data_execve *ax;
2246 struct audit_context *context = current->audit_context; 2246 struct audit_context *context = current->audit_context;
2247 2247
2248 if (likely(!audit_enabled || !context || context->dummy)) 2248 if (likely(!audit_enabled || !context || context->dummy))
2249 return 0; 2249 return 0;
2250 2250
2251 ax = kmalloc(sizeof(*ax), GFP_KERNEL); 2251 ax = kmalloc(sizeof(*ax), GFP_KERNEL);
2252 if (!ax) 2252 if (!ax)
2253 return -ENOMEM; 2253 return -ENOMEM;
2254 2254
2255 ax->argc = bprm->argc; 2255 ax->argc = bprm->argc;
2256 ax->envc = bprm->envc; 2256 ax->envc = bprm->envc;
2257 ax->mm = bprm->mm; 2257 ax->mm = bprm->mm;
2258 ax->d.type = AUDIT_EXECVE; 2258 ax->d.type = AUDIT_EXECVE;
2259 ax->d.next = context->aux; 2259 ax->d.next = context->aux;
2260 context->aux = (void *)ax; 2260 context->aux = (void *)ax;
2261 return 0; 2261 return 0;
2262 } 2262 }
2263 2263
2264 2264
2265 /** 2265 /**
2266 * audit_socketcall - record audit data for sys_socketcall 2266 * audit_socketcall - record audit data for sys_socketcall
2267 * @nargs: number of args 2267 * @nargs: number of args
2268 * @args: args array 2268 * @args: args array
2269 * 2269 *
2270 * Returns 0 for success or NULL context or < 0 on error. 2270 * Returns 0 for success or NULL context or < 0 on error.
2271 */ 2271 */
2272 int audit_socketcall(int nargs, unsigned long *args) 2272 int audit_socketcall(int nargs, unsigned long *args)
2273 { 2273 {
2274 struct audit_aux_data_socketcall *ax; 2274 struct audit_aux_data_socketcall *ax;
2275 struct audit_context *context = current->audit_context; 2275 struct audit_context *context = current->audit_context;
2276 2276
2277 if (likely(!context || context->dummy)) 2277 if (likely(!context || context->dummy))
2278 return 0; 2278 return 0;
2279 2279
2280 ax = kmalloc(sizeof(*ax) + nargs * sizeof(unsigned long), GFP_KERNEL); 2280 ax = kmalloc(sizeof(*ax) + nargs * sizeof(unsigned long), GFP_KERNEL);
2281 if (!ax) 2281 if (!ax)
2282 return -ENOMEM; 2282 return -ENOMEM;
2283 2283
2284 ax->nargs = nargs; 2284 ax->nargs = nargs;
2285 memcpy(ax->args, args, nargs * sizeof(unsigned long)); 2285 memcpy(ax->args, args, nargs * sizeof(unsigned long));
2286 2286
2287 ax->d.type = AUDIT_SOCKETCALL; 2287 ax->d.type = AUDIT_SOCKETCALL;
2288 ax->d.next = context->aux; 2288 ax->d.next = context->aux;
2289 context->aux = (void *)ax; 2289 context->aux = (void *)ax;
2290 return 0; 2290 return 0;
2291 } 2291 }
2292 2292
2293 /** 2293 /**
2294 * __audit_fd_pair - record audit data for pipe and socketpair 2294 * __audit_fd_pair - record audit data for pipe and socketpair
2295 * @fd1: the first file descriptor 2295 * @fd1: the first file descriptor
2296 * @fd2: the second file descriptor 2296 * @fd2: the second file descriptor
2297 * 2297 *
2298 * Returns 0 for success or NULL context or < 0 on error. 2298 * Returns 0 for success or NULL context or < 0 on error.
2299 */ 2299 */
2300 int __audit_fd_pair(int fd1, int fd2) 2300 int __audit_fd_pair(int fd1, int fd2)
2301 { 2301 {
2302 struct audit_context *context = current->audit_context; 2302 struct audit_context *context = current->audit_context;
2303 struct audit_aux_data_fd_pair *ax; 2303 struct audit_aux_data_fd_pair *ax;
2304 2304
2305 if (likely(!context)) { 2305 if (likely(!context)) {
2306 return 0; 2306 return 0;
2307 } 2307 }
2308 2308
2309 ax = kmalloc(sizeof(*ax), GFP_KERNEL); 2309 ax = kmalloc(sizeof(*ax), GFP_KERNEL);
2310 if (!ax) { 2310 if (!ax) {
2311 return -ENOMEM; 2311 return -ENOMEM;
2312 } 2312 }
2313 2313
2314 ax->fd[0] = fd1; 2314 ax->fd[0] = fd1;
2315 ax->fd[1] = fd2; 2315 ax->fd[1] = fd2;
2316 2316
2317 ax->d.type = AUDIT_FD_PAIR; 2317 ax->d.type = AUDIT_FD_PAIR;
2318 ax->d.next = context->aux; 2318 ax->d.next = context->aux;
2319 context->aux = (void *)ax; 2319 context->aux = (void *)ax;
2320 return 0; 2320 return 0;
2321 } 2321 }
2322 2322
2323 /** 2323 /**
2324 * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto 2324 * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
2325 * @len: data length in user space 2325 * @len: data length in user space
2326 * @a: data address in kernel space 2326 * @a: data address in kernel space
2327 * 2327 *
2328 * Returns 0 for success or NULL context or < 0 on error. 2328 * Returns 0 for success or NULL context or < 0 on error.
2329 */ 2329 */
2330 int audit_sockaddr(int len, void *a) 2330 int audit_sockaddr(int len, void *a)
2331 { 2331 {
2332 struct audit_aux_data_sockaddr *ax; 2332 struct audit_aux_data_sockaddr *ax;
2333 struct audit_context *context = current->audit_context; 2333 struct audit_context *context = current->audit_context;
2334 2334
2335 if (likely(!context || context->dummy)) 2335 if (likely(!context || context->dummy))
2336 return 0; 2336 return 0;
2337 2337
2338 ax = kmalloc(sizeof(*ax) + len, GFP_KERNEL); 2338 ax = kmalloc(sizeof(*ax) + len, GFP_KERNEL);
2339 if (!ax) 2339 if (!ax)
2340 return -ENOMEM; 2340 return -ENOMEM;
2341 2341
2342 ax->len = len; 2342 ax->len = len;
2343 memcpy(ax->a, a, len); 2343 memcpy(ax->a, a, len);
2344 2344
2345 ax->d.type = AUDIT_SOCKADDR; 2345 ax->d.type = AUDIT_SOCKADDR;
2346 ax->d.next = context->aux; 2346 ax->d.next = context->aux;
2347 context->aux = (void *)ax; 2347 context->aux = (void *)ax;
2348 return 0; 2348 return 0;
2349 } 2349 }
2350 2350
2351 void __audit_ptrace(struct task_struct *t) 2351 void __audit_ptrace(struct task_struct *t)
2352 { 2352 {
2353 struct audit_context *context = current->audit_context; 2353 struct audit_context *context = current->audit_context;
2354 2354
2355 context->target_pid = t->pid; 2355 context->target_pid = t->pid;
2356 context->target_auid = audit_get_loginuid(t); 2356 context->target_auid = audit_get_loginuid(t);
2357 context->target_uid = t->uid; 2357 context->target_uid = t->uid;
2358 context->target_sessionid = audit_get_sessionid(t); 2358 context->target_sessionid = audit_get_sessionid(t);
2359 security_task_getsecid(t, &context->target_sid); 2359 security_task_getsecid(t, &context->target_sid);
2360 memcpy(context->target_comm, t->comm, TASK_COMM_LEN); 2360 memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
2361 } 2361 }
2362 2362
2363 /** 2363 /**
2364 * audit_signal_info - record signal info for shutting down audit subsystem 2364 * audit_signal_info - record signal info for shutting down audit subsystem
2365 * @sig: signal value 2365 * @sig: signal value
2366 * @t: task being signaled 2366 * @t: task being signaled
2367 * 2367 *
2368 * If the audit subsystem is being terminated, record the task (pid) 2368 * If the audit subsystem is being terminated, record the task (pid)
2369 * and uid that is doing that. 2369 * and uid that is doing that.
2370 */ 2370 */
2371 int __audit_signal_info(int sig, struct task_struct *t) 2371 int __audit_signal_info(int sig, struct task_struct *t)
2372 { 2372 {
2373 struct audit_aux_data_pids *axp; 2373 struct audit_aux_data_pids *axp;
2374 struct task_struct *tsk = current; 2374 struct task_struct *tsk = current;
2375 struct audit_context *ctx = tsk->audit_context; 2375 struct audit_context *ctx = tsk->audit_context;
2376 2376
2377 if (audit_pid && t->tgid == audit_pid) { 2377 if (audit_pid && t->tgid == audit_pid) {
2378 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) { 2378 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
2379 audit_sig_pid = tsk->pid; 2379 audit_sig_pid = tsk->pid;
2380 if (tsk->loginuid != -1) 2380 if (tsk->loginuid != -1)
2381 audit_sig_uid = tsk->loginuid; 2381 audit_sig_uid = tsk->loginuid;
2382 else 2382 else
2383 audit_sig_uid = tsk->uid; 2383 audit_sig_uid = tsk->uid;
2384 security_task_getsecid(tsk, &audit_sig_sid); 2384 security_task_getsecid(tsk, &audit_sig_sid);
2385 } 2385 }
2386 if (!audit_signals || audit_dummy_context()) 2386 if (!audit_signals || audit_dummy_context())
2387 return 0; 2387 return 0;
2388 } 2388 }
2389 2389
2390 /* optimize the common case by putting first signal recipient directly 2390 /* optimize the common case by putting first signal recipient directly
2391 * in audit_context */ 2391 * in audit_context */
2392 if (!ctx->target_pid) { 2392 if (!ctx->target_pid) {
2393 ctx->target_pid = t->tgid; 2393 ctx->target_pid = t->tgid;
2394 ctx->target_auid = audit_get_loginuid(t); 2394 ctx->target_auid = audit_get_loginuid(t);
2395 ctx->target_uid = t->uid; 2395 ctx->target_uid = t->uid;
2396 ctx->target_sessionid = audit_get_sessionid(t); 2396 ctx->target_sessionid = audit_get_sessionid(t);
2397 security_task_getsecid(t, &ctx->target_sid); 2397 security_task_getsecid(t, &ctx->target_sid);
2398 memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); 2398 memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
2399 return 0; 2399 return 0;
2400 } 2400 }
2401 2401
2402 axp = (void *)ctx->aux_pids; 2402 axp = (void *)ctx->aux_pids;
2403 if (!axp || axp->pid_count == AUDIT_AUX_PIDS) { 2403 if (!axp || axp->pid_count == AUDIT_AUX_PIDS) {
2404 axp = kzalloc(sizeof(*axp), GFP_ATOMIC); 2404 axp = kzalloc(sizeof(*axp), GFP_ATOMIC);
2405 if (!axp) 2405 if (!axp)
2406 return -ENOMEM; 2406 return -ENOMEM;
2407 2407
2408 axp->d.type = AUDIT_OBJ_PID; 2408 axp->d.type = AUDIT_OBJ_PID;
2409 axp->d.next = ctx->aux_pids; 2409 axp->d.next = ctx->aux_pids;
2410 ctx->aux_pids = (void *)axp; 2410 ctx->aux_pids = (void *)axp;
2411 } 2411 }
2412 BUG_ON(axp->pid_count >= AUDIT_AUX_PIDS); 2412 BUG_ON(axp->pid_count >= AUDIT_AUX_PIDS);
2413 2413
2414 axp->target_pid[axp->pid_count] = t->tgid; 2414 axp->target_pid[axp->pid_count] = t->tgid;
2415 axp->target_auid[axp->pid_count] = audit_get_loginuid(t); 2415 axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
2416 axp->target_uid[axp->pid_count] = t->uid; 2416 axp->target_uid[axp->pid_count] = t->uid;
2417 axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); 2417 axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
2418 security_task_getsecid(t, &axp->target_sid[axp->pid_count]); 2418 security_task_getsecid(t, &axp->target_sid[axp->pid_count]);
2419 memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); 2419 memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
2420 axp->pid_count++; 2420 axp->pid_count++;
2421 2421
2422 return 0; 2422 return 0;
2423 } 2423 }
2424 2424
2425 /** 2425 /**
2426 * audit_core_dumps - record information about processes that end abnormally 2426 * audit_core_dumps - record information about processes that end abnormally
2427 * @signr: signal value 2427 * @signr: signal value
2428 * 2428 *
2429 * If a process ends with a core dump, something fishy is going on and we 2429 * If a process ends with a core dump, something fishy is going on and we
2430 * should record the event for investigation. 2430 * should record the event for investigation.
2431 */ 2431 */
2432 void audit_core_dumps(long signr) 2432 void audit_core_dumps(long signr)
2433 { 2433 {
2434 struct audit_buffer *ab; 2434 struct audit_buffer *ab;
2435 u32 sid; 2435 u32 sid;
2436 uid_t auid = audit_get_loginuid(current); 2436 uid_t auid = audit_get_loginuid(current);
2437 unsigned int sessionid = audit_get_sessionid(current); 2437 unsigned int sessionid = audit_get_sessionid(current);
2438 2438
2439 if (!audit_enabled) 2439 if (!audit_enabled)
2440 return; 2440 return;
2441 2441
2442 if (signr == SIGQUIT) /* don't care for those */ 2442 if (signr == SIGQUIT) /* don't care for those */
2443 return; 2443 return;
2444 2444
2445 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND); 2445 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND);
2446 audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u", 2446 audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u",
2447 auid, current->uid, current->gid, sessionid); 2447 auid, current->uid, current->gid, sessionid);
2448 security_task_getsecid(current, &sid); 2448 security_task_getsecid(current, &sid);
2449 if (sid) { 2449 if (sid) {
2450 char *ctx = NULL; 2450 char *ctx = NULL;
2451 u32 len; 2451 u32 len;
2452 2452
2453 if (security_secid_to_secctx(sid, &ctx, &len)) 2453 if (security_secid_to_secctx(sid, &ctx, &len))
2454 audit_log_format(ab, " ssid=%u", sid); 2454 audit_log_format(ab, " ssid=%u", sid);
2455 else { 2455 else {
2456 audit_log_format(ab, " subj=%s", ctx); 2456 audit_log_format(ab, " subj=%s", ctx);
2457 security_release_secctx(ctx, len); 2457 security_release_secctx(ctx, len);
2458 } 2458 }
2459 } 2459 }
2460 audit_log_format(ab, " pid=%d comm=", current->pid); 2460 audit_log_format(ab, " pid=%d comm=", current->pid);
2461 audit_log_untrustedstring(ab, current->comm); 2461 audit_log_untrustedstring(ab, current->comm);
2462 audit_log_format(ab, " sig=%ld", signr); 2462 audit_log_format(ab, " sig=%ld", signr);
2463 audit_log_end(ab); 2463 audit_log_end(ab);
2464 } 2464 }
2465 2465