Commit f3298dc4f2277874d40cb4fc3a6e277317d6603b

Authored by Al Viro
1 parent 4f6b434fee

sanitize audit_socketcall

* don't bother with allocations
* now that it can't fail, make it return void

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 3 changed files with 41 additions and 33 deletions

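--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -446,7 +446,7 @@
 extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
 extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
 extern int audit_bprm(struct linux_binprm *bprm);
-extern int audit_socketcall(int nargs, unsigned long *args);
+extern void audit_socketcall(int nargs, unsigned long *args);
 extern int audit_sockaddr(int len, void *addr);
 extern int __audit_fd_pair(int fd1, int fd2);
 extern int audit_set_macxattr(const char *name);
@@ -549,7 +549,7 @@
 #define audit_ipc_obj(i) ({ 0; })
 #define audit_ipc_set_perm(q,u,g,m) ({ 0; })
 #define audit_bprm(p) ({ 0; })
-#define audit_socketcall(n,a) ({ 0; })
+#define audit_socketcall(n,a) ((void)0)
 #define audit_fd_pair(n,a) ({ 0; })
 #define audit_sockaddr(len, addr) ({ 0; })
 #define audit_set_macxattr(n) do { ; } while (0)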
... ... @@ -168,12 +168,6 @@
168 168 struct mm_struct *mm;
169 169 };
170 170  
171   -struct audit_aux_data_socketcall {
172   - struct audit_aux_data d;
173   - int nargs;
174   - unsigned long args[0];
175   -};
176   -
177 171 struct audit_aux_data_fd_pair {
178 172 struct audit_aux_data d;
179 173 int fd[2];
... ... @@ -247,6 +241,14 @@
247 241 struct audit_tree_refs *trees, *first_trees;
248 242 int tree_count;
249 243  
  244 + int type;
  245 + union {
  246 + struct {
  247 + int nargs;
  248 + long args[6];
  249 + } socketcall;
  250 + };
  251 +
250 252 #if AUDIT_DEBUG
251 253 int put_count;
252 254 int ino_count;
... ... @@ -1226,6 +1228,27 @@
1226 1228 audit_log_format(ab, " cap_fe=%d cap_fver=%x", name->fcap.fE, name->fcap_ver);
1227 1229 }
1228 1230  
  1231 +static void show_special(struct audit_context *context)
  1232 +{
  1233 + struct audit_buffer *ab;
  1234 + int i;
  1235 +
  1236 + ab = audit_log_start(context, GFP_KERNEL, context->type);
  1237 + if (!ab)
  1238 + return;
  1239 +
  1240 + switch (context->type) {
  1241 + case AUDIT_SOCKETCALL: {
  1242 + int nargs = context->socketcall.nargs;
  1243 + audit_log_format(ab, "nargs=%d", nargs);
  1244 + for (i = 0; i < nargs; i++)
  1245 + audit_log_format(ab, " a%d=%lx", i,
  1246 + context->socketcall.args[i]);
  1247 + break; }
  1248 + }
  1249 + audit_log_end(ab);
  1250 +}
  1251 +
1229 1252 static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
1230 1253 {
1231 1254 const struct cred *cred;
... ... @@ -1372,13 +1395,6 @@
1372 1395 audit_log_execve_info(context, &ab, axi);
1373 1396 break; }
1374 1397  
1375   - case AUDIT_SOCKETCALL: {
1376   - struct audit_aux_data_socketcall *axs = (void *)aux;
1377   - audit_log_format(ab, "nargs=%d", axs->nargs);
1378   - for (i=0; i<axs->nargs; i++)
1379   - audit_log_format(ab, " a%d=%lx", i, axs->args[i]);
1380   - break; }
1381   -
1382 1398 case AUDIT_FD_PAIR: {
1383 1399 struct audit_aux_data_fd_pair *axs = (void *)aux;
1384 1400 audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]);
... ... @@ -1410,6 +1426,9 @@
1410 1426 audit_log_end(ab);
1411 1427 }
1412 1428  
  1429 + if (context->type)
  1430 + show_special(context);
  1431 +
1413 1432 if (context->sockaddr_len) {
1414 1433 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SOCKADDR);
1415 1434 if (ab) {
... ... @@ -1689,6 +1708,7 @@
1689 1708 context->target_pid = 0;
1690 1709 context->target_sid = 0;
1691 1710 context->sockaddr_len = 0;
  1711 + context->type = 0;
1692 1712 kfree(context->filterkey);
1693 1713 context->filterkey = NULL;
1694 1714 tsk->audit_context = context;
1695 1715  
1696 1716  
1697 1717  
1698 1718  
... ... @@ -2406,27 +2426,17 @@
2406 2426 * @nargs: number of args
2407 2427 * @args: args array
2408 2428 *
2409   - * Returns 0 for success or NULL context or < 0 on error.
2410 2429 */
2411   -int audit_socketcall(int nargs, unsigned long *args)
  2430 +void audit_socketcall(int nargs, unsigned long *args)
2412 2431 {
2413   - struct audit_aux_data_socketcall *ax;
2414 2432 struct audit_context *context = current->audit_context;
2415 2433  
2416 2434 if (likely(!context || context->dummy))
2417   - return 0;
  2435 + return;
2418 2436  
2419   - ax = kmalloc(sizeof(*ax) + nargs * sizeof(unsigned long), GFP_KERNEL);
2420   - if (!ax)
2421   - return -ENOMEM;
2422   -
2423   - ax->nargs = nargs;
2424   - memcpy(ax->args, args, nargs * sizeof(unsigned long));
2425   -
2426   - ax->d.type = AUDIT_SOCKETCALL;
2427   - ax->d.next = context->aux;
2428   - context->aux = (void *)ax;
2429   - return 0;
  2437 + context->type = AUDIT_SOCKETCALL;
  2438 + context->socketcall.nargs = nargs;
  2439 + memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
2430 2440 }
2431 2441  
2432 2442 /**
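Review bot: In the new audit_socketcall(), `memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long))` copies into the fixed six-slot `args[6]` added to struct audit_context, and nothing in the function bounds `nargs`; the removed kmalloc path sized its buffer from nargs, so this limit is new. A count above six, or a negative one (which becomes a huge size after the multiplication), would overwrite the fields that follow the union in the audit context. The one caller visible on this page passes `nargs[call] / sizeof(unsigned long)` from a table that is not shown, so the invariant is presumably held today but is not enforced; a guard before the copy such as `if (WARN_ON(nargs < 0 || nargs > ARRAY_SIZE(context->socketcall.args))) return;` would make it explicit. The kernel-doc above the function could state the limit as well, e.g. `@nargs: number of args, at most 6`, and declaring the member as `unsigned long args[6]` would match both the parameter type and the `%lx` format used in show_special().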
... ... @@ -2065,9 +2065,7 @@
2065 2065 if (copy_from_user(a, args, nargs[call]))
2066 2066 return -EFAULT;
2067 2067  
2068   - err = audit_socketcall(nargs[call] / sizeof(unsigned long), a);
2069   - if (err)
2070   - return err;
  2068 + audit_socketcall(nargs[call] / sizeof(unsigned long), a);
2071 2069  
2072 2070 a0 = a[0];
2073 2071 a1 = a[1];