Commit b556f8ad58c6e9f8f485c8cef7546e3fc82c382a
Committed by
Al Viro
Al Viro
1 parent
f09ac9db2a
Exists in
master
and in
4 other branches
Audit: standardize string audit interfaces
This patch standardized the string auditing interfaces. No userspace changes will be visible and this is all just cleanup and consistancy work. We have the following string audit interfaces to use: void audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len); void audit_log_n_string(struct audit_buffer *ab, const char *buf, size_t n); void audit_log_string(struct audit_buffer *ab, const char *buf); void audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, size_t n); void audit_log_untrustedstring(struct audit_buffer *ab, const char *string); This may be the first step to possibly fixing some of the issues that people have with the string output from the kernel audit system. But we still don't have an agreed upon solution to that problem. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Showing 5 changed files with 29 additions and 24 deletions Side-by-side Diff
drivers/char/tty_audit.c
| ... | ... | @@ -92,7 +92,7 @@ |
| 92 | 92 | get_task_comm(name, tsk); |
| 93 | 93 | audit_log_untrustedstring(ab, name); |
| 94 | 94 | audit_log_format(ab, " data="); |
| 95 | - audit_log_n_untrustedstring(ab, buf->valid, buf->data); | |
| 95 | + audit_log_n_untrustedstring(ab, buf->data, buf->valid); | |
| 96 | 96 | audit_log_end(ab); |
| 97 | 97 | } |
| 98 | 98 | buf->valid = 0; |
include/linux/audit.h
| ... | ... | @@ -549,16 +549,20 @@ |
| 549 | 549 | const char *fmt, ...) |
| 550 | 550 | __attribute__((format(printf,2,3))); |
| 551 | 551 | extern void audit_log_end(struct audit_buffer *ab); |
| 552 | -extern void audit_log_hex(struct audit_buffer *ab, | |
| 553 | - const unsigned char *buf, | |
| 554 | - size_t len); | |
| 555 | 552 | extern int audit_string_contains_control(const char *string, |
| 556 | 553 | size_t len); |
| 554 | +extern void audit_log_n_hex(struct audit_buffer *ab, | |
| 555 | + const unsigned char *buf, | |
| 556 | + size_t len); | |
| 557 | +extern void audit_log_n_string(struct audit_buffer *ab, | |
| 558 | + const char *buf, | |
| 559 | + size_t n); | |
| 560 | +#define audit_log_string(a,b) audit_log_n_string(a, b, strlen(b)); | |
| 561 | +extern void audit_log_n_untrustedstring(struct audit_buffer *ab, | |
| 562 | + const char *string, | |
| 563 | + size_t n); | |
| 557 | 564 | extern void audit_log_untrustedstring(struct audit_buffer *ab, |
| 558 | 565 | const char *string); |
| 559 | -extern void audit_log_n_untrustedstring(struct audit_buffer *ab, | |
| 560 | - size_t n, | |
| 561 | - const char *string); | |
| 562 | 566 | extern void audit_log_d_path(struct audit_buffer *ab, |
| 563 | 567 | const char *prefix, |
| 564 | 568 | struct path *path); |
| 565 | 569 | |
| ... | ... | @@ -578,9 +582,11 @@ |
| 578 | 582 | #define audit_log_vformat(b,f,a) do { ; } while (0) |
| 579 | 583 | #define audit_log_format(b,f,...) do { ; } while (0) |
| 580 | 584 | #define audit_log_end(b) do { ; } while (0) |
| 581 | -#define audit_log_hex(a,b,l) do { ; } while (0) | |
| 582 | -#define audit_log_untrustedstring(a,s) do { ; } while (0) | |
| 585 | +#define audit_log_n_hex(a,b,l) do { ; } while (0) | |
| 586 | +#define audit_log_n_string(a,c,l) do { ; } while (0) | |
| 587 | +#define audit_log_string(a,c) do { ; } while (0) | |
| 583 | 588 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) |
| 589 | +#define audit_log_untrustedstring(a,s) do { ; } while (0) | |
| 584 | 590 | #define audit_log_d_path(b, p, d) do { ; } while (0) |
| 585 | 591 | #define audit_enabled 0 |
| 586 | 592 | #endif |
kernel/audit.c
| ... | ... | @@ -757,8 +757,7 @@ |
| 757 | 757 | |
| 758 | 758 | audit_log_format(ab, " msg="); |
| 759 | 759 | size = nlmsg_len(nlh); |
| 760 | - audit_log_n_untrustedstring(ab, size, | |
| 761 | - data); | |
| 760 | + audit_log_n_untrustedstring(ab, data, size); | |
| 762 | 761 | } |
| 763 | 762 | audit_set_pid(ab, pid); |
| 764 | 763 | audit_log_end(ab); |
| ... | ... | @@ -1293,7 +1292,7 @@ |
| 1293 | 1292 | * This function will take the passed buf and convert it into a string of |
| 1294 | 1293 | * ascii hex digits. The new string is placed onto the skb. |
| 1295 | 1294 | */ |
| 1296 | -void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, | |
| 1295 | +void audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, | |
| 1297 | 1296 | size_t len) |
| 1298 | 1297 | { |
| 1299 | 1298 | int i, avail, new_len; |
| ... | ... | @@ -1329,8 +1328,8 @@ |
| 1329 | 1328 | * Format a string of no more than slen characters into the audit buffer, |
| 1330 | 1329 | * enclosed in quote marks. |
| 1331 | 1330 | */ |
| 1332 | -static void audit_log_n_string(struct audit_buffer *ab, size_t slen, | |
| 1333 | - const char *string) | |
| 1331 | +void audit_log_n_string(struct audit_buffer *ab, const char *string, | |
| 1332 | + size_t slen) | |
| 1334 | 1333 | { |
| 1335 | 1334 | int avail, new_len; |
| 1336 | 1335 | unsigned char *ptr; |
| 1337 | 1336 | |
| 1338 | 1337 | |
| ... | ... | @@ -1386,13 +1385,13 @@ |
| 1386 | 1385 | * The caller specifies the number of characters in the string to log, which may |
| 1387 | 1386 | * or may not be the entire string. |
| 1388 | 1387 | */ |
| 1389 | -void audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len, | |
| 1390 | - const char *string) | |
| 1388 | +void audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, | |
| 1389 | + size_t len) | |
| 1391 | 1390 | { |
| 1392 | 1391 | if (audit_string_contains_control(string, len)) |
| 1393 | - audit_log_hex(ab, string, len); | |
| 1392 | + audit_log_n_hex(ab, string, len); | |
| 1394 | 1393 | else |
| 1395 | - audit_log_n_string(ab, len, string); | |
| 1394 | + audit_log_n_string(ab, string, len); | |
| 1396 | 1395 | } |
| 1397 | 1396 | |
| 1398 | 1397 | /** |
| ... | ... | @@ -1405,7 +1404,7 @@ |
| 1405 | 1404 | */ |
| 1406 | 1405 | void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) |
| 1407 | 1406 | { |
| 1408 | - audit_log_n_untrustedstring(ab, strlen(string), string); | |
| 1407 | + audit_log_n_untrustedstring(ab, string, strlen(string)); | |
| 1409 | 1408 | } |
| 1410 | 1409 | |
| 1411 | 1410 | /* This is a helper-function to print the escaped d_path */ |
kernel/auditsc.c
| ... | ... | @@ -1095,7 +1095,7 @@ |
| 1095 | 1095 | audit_log_format(*ab, "[%d]", i); |
| 1096 | 1096 | audit_log_format(*ab, "="); |
| 1097 | 1097 | if (has_cntl) |
| 1098 | - audit_log_hex(*ab, buf, to_send); | |
| 1098 | + audit_log_n_hex(*ab, buf, to_send); | |
| 1099 | 1099 | else |
| 1100 | 1100 | audit_log_format(*ab, "\"%s\"", buf); |
| 1101 | 1101 | audit_log_format(*ab, "\n"); |
| ... | ... | @@ -1307,7 +1307,7 @@ |
| 1307 | 1307 | struct audit_aux_data_sockaddr *axs = (void *)aux; |
| 1308 | 1308 | |
| 1309 | 1309 | audit_log_format(ab, "saddr="); |
| 1310 | - audit_log_hex(ab, axs->a, axs->len); | |
| 1310 | + audit_log_n_hex(ab, axs->a, axs->len); | |
| 1311 | 1311 | break; } |
| 1312 | 1312 | |
| 1313 | 1313 | case AUDIT_FD_PAIR: { |
| ... | ... | @@ -1371,8 +1371,8 @@ |
| 1371 | 1371 | default: |
| 1372 | 1372 | /* log the name's directory component */ |
| 1373 | 1373 | audit_log_format(ab, " name="); |
| 1374 | - audit_log_n_untrustedstring(ab, n->name_len, | |
| 1375 | - n->name); | |
| 1374 | + audit_log_n_untrustedstring(ab, n->name, | |
| 1375 | + n->name_len); | |
| 1376 | 1376 | } |
| 1377 | 1377 | } else |
| 1378 | 1378 | audit_log_format(ab, " name=(null)"); |