Commit e816f370cbadd2afea9f1a42f232d0636137d563

Authored by Al Viro
1 parent a33e675100

sanitize audit_ipc_set_perm()

* get rid of allocations
* make it return void
* simplify callers

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 3 changed files with 32 additions and 45 deletions

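--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -444,7 +444,7 @@
 #define audit_get_sessionid(t) ((t)->sessionid)
 extern void audit_log_task_context(struct audit_buffer *ab);
 extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
-extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
+extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
 extern int audit_bprm(struct linux_binprm *bprm);
 extern void audit_socketcall(int nargs, unsigned long *args);
 extern int audit_sockaddr(int len, void *addr);
@@ -471,11 +471,10 @@
 return __audit_fd_pair(fd1, fd2);
 return 0;
 }
-static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
+static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
 {
 if (unlikely(!audit_dummy_context()))
- return __audit_ipc_set_perm(qbytes, uid, gid, mode);
- return 0;
+ __audit_ipc_set_perm(qbytes, uid, gid, mode);
 }
 static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
 {
@@ -546,7 +545,7 @@
 #define audit_get_sessionid(t) (-1)
 #define audit_log_task_context(b) do { ; } while (0)
 #define audit_ipc_obj(i) ((void)0)
-#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
+#define audit_ipc_set_perm(q,u,g,m) ((void)0)
 #define audit_bprm(p) ({ 0; })
 #define audit_socketcall(n,a) ((void)0)
 #define audit_fd_pair(n,a) ({ 0; })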
... ... @@ -803,13 +803,9 @@
803 803 }
804 804  
805 805 audit_ipc_obj(ipcp);
806   -
807   - if (cmd == IPC_SET) {
808   - err = audit_ipc_set_perm(extra_perm, perm->uid,
  806 + if (cmd == IPC_SET)
  807 + audit_ipc_set_perm(extra_perm, perm->uid,
809 808 perm->gid, perm->mode);
810   - if (err)
811   - goto out_unlock;
812   - }
813 809  
814 810 euid = current_euid();
815 811 if (euid == ipcp->cuid ||
... ... @@ -817,7 +813,6 @@
817 813 return ipcp;
818 814  
819 815 err = -EPERM;
820   -out_unlock:
821 816 ipc_unlock(ipcp);
822 817 out_up:
823 818 up_write(&ids->rw_mutex);
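Review bot: Nothing at the `if (cmd == IPC_SET)` call says that the requested uid/gid/mode are stored in the audit context before the `euid` check that follows, so a request that ends in `err = -EPERM` still has its requested values recorded. If that is the intent, it deserves a comment, for example `/* record the requested values before the permission check so denied IPC_SET attempts are audited too */`. The same comment could note that the audit call can no longer abort the operation now that the `out_unlock` error path is gone. The enclosing function starts before and ends after the hunks shown.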
... ... @@ -151,16 +151,6 @@
151 151 struct mq_attr mqstat;
152 152 };
153 153  
154   -struct audit_aux_data_ipcctl {
155   - struct audit_aux_data d;
156   - struct ipc_perm p;
157   - unsigned long qbytes;
158   - uid_t uid;
159   - gid_t gid;
160   - mode_t mode;
161   - u32 osid;
162   -};
163   -
164 154 struct audit_aux_data_execve {
165 155 struct audit_aux_data d;
166 156 int argc;
... ... @@ -252,6 +242,11 @@
252 242 gid_t gid;
253 243 mode_t mode;
254 244 u32 osid;
  245 + int has_perm;
  246 + uid_t perm_uid;
  247 + gid_t perm_gid;
  248 + mode_t perm_mode;
  249 + unsigned long qbytes;
255 250 } ipc;
256 251 };
257 252  
... ... @@ -1260,6 +1255,19 @@
1260 1255 security_release_secctx(ctx, len);
1261 1256 }
1262 1257 }
  1258 + if (context->ipc.has_perm) {
  1259 + audit_log_end(ab);
  1260 + ab = audit_log_start(context, GFP_KERNEL,
  1261 + AUDIT_IPC_SET_PERM);
  1262 + audit_log_format(ab,
  1263 + "qbytes=%lx ouid=%u ogid=%u mode=%#o",
  1264 + context->ipc.qbytes,
  1265 + context->ipc.perm_uid,
  1266 + context->ipc.perm_gid,
  1267 + context->ipc.perm_mode);
  1268 + if (!ab)
  1269 + return;
  1270 + }
1263 1271 break; }
1264 1272 }
1265 1273 audit_log_end(ab);
... ... @@ -1379,13 +1387,6 @@
1379 1387 axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
1380 1388 break; }
1381 1389  
1382   - case AUDIT_IPC_SET_PERM: {
1383   - struct audit_aux_data_ipcctl *axi = (void *)aux;
1384   - audit_log_format(ab,
1385   - "qbytes=%lx ouid=%u ogid=%u mode=%#o",
1386   - axi->qbytes, axi->uid, axi->gid, axi->mode);
1387   - break; }
1388   -
1389 1390 case AUDIT_EXECVE: {
1390 1391 struct audit_aux_data_execve *axi = (void *)aux;
1391 1392 audit_log_execve_info(context, &ab, axi);
... ... @@ -2352,6 +2353,7 @@
2352 2353 context->ipc.uid = ipcp->uid;
2353 2354 context->ipc.gid = ipcp->gid;
2354 2355 context->ipc.mode = ipcp->mode;
  2356 + context->ipc.has_perm = 0;
2355 2357 security_ipc_getsecid(ipcp, &context->ipc.osid);
2356 2358 context->type = AUDIT_IPC;
2357 2359 }
2358 2360  
2359 2361  
2360 2362  
... ... @@ -2363,26 +2365,17 @@
2363 2365 * @gid: msgq group id
2364 2366 * @mode: msgq mode (permissions)
2365 2367 *
2366   - * Returns 0 for success or NULL context or < 0 on error.
  2368 + * Called only after audit_ipc_obj().
2367 2369 */
2368   -int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
  2370 +void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
2369 2371 {
2370   - struct audit_aux_data_ipcctl *ax;
2371 2372 struct audit_context *context = current->audit_context;
2372 2373  
2373   - ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2374   - if (!ax)
2375   - return -ENOMEM;
2376   -
2377   - ax->qbytes = qbytes;
2378   - ax->uid = uid;
2379   - ax->gid = gid;
2380   - ax->mode = mode;
2381   -
2382   - ax->d.type = AUDIT_IPC_SET_PERM;
2383   - ax->d.next = context->aux;
2384   - context->aux = (void *)ax;
2385   - return 0;
  2374 + context->ipc.qbytes = qbytes;
  2375 + context->ipc.perm_uid = uid;
  2376 + context->ipc.perm_gid = gid;
  2377 + context->ipc.perm_mode = mode;
  2378 + context->ipc.has_perm = 1;
2386 2379 }
2387 2380  
2388 2381 int audit_bprm(struct linux_binprm *bprm)
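Review bot: In the `context->ipc.has_perm` branch added to the AUDIT_IPC case, `audit_log_format(ab, ...)` runs before the `if (!ab) return;` test, so the code relies on audit_log_format() tolerating a NULL buffer. Moving the test up, `if (!ab) return;` directly after the `audit_log_start(...)` call, makes the failure path explicit. If that allocation fails the AUDIT_IPC_SET_PERM record is dropped without any trace, which is worth a short comment; the enclosing function starts and ends outside the hunk. Separately, `__audit_ipc_set_perm()` now writes `context->ipc.*` relying only on the "Called only after audit_ipc_obj()" comment. A check such as `WARN_ON(context->type != AUDIT_IPC);` at the top would catch a caller that breaks that ordering.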