Eric Lee / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit b29ee87e9b441e72454efd1be56aa1a05ffb2f58

Authored by Eric Paris
Committed by Al Viro
1 parent 422b03cf75
Exists in master and in 39 other branches 8mp-imx_5.4.70_2.3.0, 8qm-imx_5.4.70_2.3.0, emb_imx_lf-5.15.y, emb_lf-6.1.y, imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, imx_4.1.15_1.0.0_ga, pitx_8mp_lf-5.10.y, rt-smarc-imx_4.1.15_1.0.0_ga, rt_linux_5.15.71, smarc-8m-android-11.0.0_2.0.0, smarc-imx6_4.14.98_2.0.0_ga, smarc-imx6_4.9.88_2.0.0_ga, smarc-imx7_4.14.98_2.0.0_ga, smarc-imx7_4.9.11_1.0.0_ga, smarc-imx7_4.9.88_2.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-imx_4.1.15_1.0.0_ga, smarc-imx_4.9.11_1.0.0_ga, smarc-imx_4.9.51_imx8m_ga, smarc-imx_4.9.88_2.0.0_ga, smarc-m6.0.1_2.1.0-ga, smarc-n7.1.2_2.0.0-ga, smarc-rel_imx_4.1.15_1.2.0_ga, smarc_8m_00d0_imx_4.14.98_2.0.0_ga, smarc_8m_imx_4.14.78_1.0.0_ga, smarc_8m_imx_4.14.98_2.0.0_ga, smarc_8m_imx_4.19.35_1.1.0, smarc_8mm_imx_4.14.78_1.0.0_ga, smarc_8mm_imx_4.14.98_2.0.0_ga, smarc_8mm_imx_4.19.35_1.1.0, smarc_8mm_imx_5.4.24_2.1.0, smarc_8mp_lf-5.10.y, smarc_8mq_imx_5.4.24_2.1.0, smarc_8mq_lf-5.10.y, smarc_imx_lf-5.15.y

[RFC] AUDIT: do not panic when printk loses messages 

On the latest kernels if one was to load about 15 rules, set the failure
state to panic, and then run service auditd stop the kernel will panic.
This is because auditd stops, then the script deletes all of the rules.
These deletions are sent as audit messages out of the printk kernel
interface which is already known to be lossy.  These will overun the
default kernel rate limiting (10 really fast messages) and will call
audit_panic().  The same effect can happen if a slew of avc's come
through while auditd is stopped.

This can be fixed a number of ways but this patch fixes the problem by
just not panicing if auditd is not running.  We know printk is lossy and
if the user chooses to set the failure mode to panic and tries to use
printk we can't make any promises no matter how hard we try, so why try?
At least in this way we continue to get lost message accounting and will
eventually know that things went bad.

The other change is to add a new call to audit_log_lost() if auditd
disappears.  We already pulled the skb off the queue and couldn't send
it so that message is lost.  At least this way we will account for the
last message and panic if the machine is configured to panic.  This code
path should only be run if auditd dies for unforeseen reasons.  If
auditd closes correctly audit_pid will get set to 0 and we won't walk
this code path.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 1 changed file with 4 additions and 1 deletions Inline Diff

1 /* audit.c -- Auditing support 1 /* audit.c -- Auditing support
2 * Gateway between the kernel (e.g., selinux) and the user-space audit daemon. 2 * Gateway between the kernel (e.g., selinux) and the user-space audit daemon.
3 * System-call specific features have moved to auditsc.c 3 * System-call specific features have moved to auditsc.c
4 * 4 *
5 * Copyright 2003-2007 Red Hat Inc., Durham, North Carolina. 5 * Copyright 2003-2007 Red Hat Inc., Durham, North Carolina.
6 * All Rights Reserved. 6 * All Rights Reserved.
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify 8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by 9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or 10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version. 11 * (at your option) any later version.
12 * 12 *
13 * This program is distributed in the hope that it will be useful, 13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details. 16 * GNU General Public License for more details.
17 * 17 *
18 * You should have received a copy of the GNU General Public License 18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software 19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 * 21 *
22 * Written by Rickard E. (Rik) Faith <faith@redhat.com> 22 * Written by Rickard E. (Rik) Faith <faith@redhat.com>
23 * 23 *
24 * Goals: 1) Integrate fully with SELinux. 24 * Goals: 1) Integrate fully with SELinux.
25 * 2) Minimal run-time overhead: 25 * 2) Minimal run-time overhead:
26 * a) Minimal when syscall auditing is disabled (audit_enable=0). 26 * a) Minimal when syscall auditing is disabled (audit_enable=0).
27 * b) Small when syscall auditing is enabled and no audit record 27 * b) Small when syscall auditing is enabled and no audit record
28 * is generated (defer as much work as possible to record 28 * is generated (defer as much work as possible to record
29 * generation time): 29 * generation time):
30 * i) context is allocated, 30 * i) context is allocated,
31 * ii) names from getname are stored without a copy, and 31 * ii) names from getname are stored without a copy, and
32 * iii) inode information stored from path_lookup. 32 * iii) inode information stored from path_lookup.
33 * 3) Ability to disable syscall auditing at boot time (audit=0). 33 * 3) Ability to disable syscall auditing at boot time (audit=0).
34 * 4) Usable by other parts of the kernel (if audit_log* is called, 34 * 4) Usable by other parts of the kernel (if audit_log* is called,
35 * then a syscall record will be generated automatically for the 35 * then a syscall record will be generated automatically for the
36 * current syscall). 36 * current syscall).
37 * 5) Netlink interface to user-space. 37 * 5) Netlink interface to user-space.
38 * 6) Support low-overhead kernel-based filtering to minimize the 38 * 6) Support low-overhead kernel-based filtering to minimize the
39 * information that must be passed to user-space. 39 * information that must be passed to user-space.
40 * 40 *
41 * Example user-space utilities: http://people.redhat.com/sgrubb/audit/ 41 * Example user-space utilities: http://people.redhat.com/sgrubb/audit/
42 */ 42 */
43 43
44 #include <linux/init.h> 44 #include <linux/init.h>
45 #include <asm/types.h> 45 #include <asm/types.h>
46 #include <asm/atomic.h> 46 #include <asm/atomic.h>
47 #include <linux/mm.h> 47 #include <linux/mm.h>
48 #include <linux/module.h> 48 #include <linux/module.h>
49 #include <linux/err.h> 49 #include <linux/err.h>
50 #include <linux/kthread.h> 50 #include <linux/kthread.h>
51 51
52 #include <linux/audit.h> 52 #include <linux/audit.h>
53 53
54 #include <net/sock.h> 54 #include <net/sock.h>
55 #include <net/netlink.h> 55 #include <net/netlink.h>
56 #include <linux/skbuff.h> 56 #include <linux/skbuff.h>
57 #include <linux/netlink.h> 57 #include <linux/netlink.h>
58 #include <linux/selinux.h> 58 #include <linux/selinux.h>
59 #include <linux/inotify.h> 59 #include <linux/inotify.h>
60 #include <linux/freezer.h> 60 #include <linux/freezer.h>
61 #include <linux/tty.h> 61 #include <linux/tty.h>
62 62
63 #include "audit.h" 63 #include "audit.h"
64 64
65 /* No auditing will take place until audit_initialized != 0. 65 /* No auditing will take place until audit_initialized != 0.
66 * (Initialization happens after skb_init is called.) */ 66 * (Initialization happens after skb_init is called.) */
67 static int audit_initialized; 67 static int audit_initialized;
68 68
69 #define AUDIT_OFF 0 69 #define AUDIT_OFF 0
70 #define AUDIT_ON 1 70 #define AUDIT_ON 1
71 #define AUDIT_LOCKED 2 71 #define AUDIT_LOCKED 2
72 int audit_enabled; 72 int audit_enabled;
73 int audit_ever_enabled; 73 int audit_ever_enabled;
74 74
75 /* Default state when kernel boots without any parameters. */ 75 /* Default state when kernel boots without any parameters. */
76 static int audit_default; 76 static int audit_default;
77 77
78 /* If auditing cannot proceed, audit_failure selects what happens. */ 78 /* If auditing cannot proceed, audit_failure selects what happens. */
79 static int audit_failure = AUDIT_FAIL_PRINTK; 79 static int audit_failure = AUDIT_FAIL_PRINTK;
80 80
81 /* If audit records are to be written to the netlink socket, audit_pid 81 /* If audit records are to be written to the netlink socket, audit_pid
82 * contains the (non-zero) pid. */ 82 * contains the (non-zero) pid. */
83 int audit_pid; 83 int audit_pid;
84 84
85 /* If audit_rate_limit is non-zero, limit the rate of sending audit records 85 /* If audit_rate_limit is non-zero, limit the rate of sending audit records
86 * to that number per second. This prevents DoS attacks, but results in 86 * to that number per second. This prevents DoS attacks, but results in
87 * audit records being dropped. */ 87 * audit records being dropped. */
88 static int audit_rate_limit; 88 static int audit_rate_limit;
89 89
90 /* Number of outstanding audit_buffers allowed. */ 90 /* Number of outstanding audit_buffers allowed. */
91 static int audit_backlog_limit = 64; 91 static int audit_backlog_limit = 64;
92 static int audit_backlog_wait_time = 60 * HZ; 92 static int audit_backlog_wait_time = 60 * HZ;
93 static int audit_backlog_wait_overflow = 0; 93 static int audit_backlog_wait_overflow = 0;
94 94
95 /* The identity of the user shutting down the audit system. */ 95 /* The identity of the user shutting down the audit system. */
96 uid_t audit_sig_uid = -1; 96 uid_t audit_sig_uid = -1;
97 pid_t audit_sig_pid = -1; 97 pid_t audit_sig_pid = -1;
98 u32 audit_sig_sid = 0; 98 u32 audit_sig_sid = 0;
99 99
100 /* Records can be lost in several ways: 100 /* Records can be lost in several ways:
101 0) [suppressed in audit_alloc] 101 0) [suppressed in audit_alloc]
102 1) out of memory in audit_log_start [kmalloc of struct audit_buffer] 102 1) out of memory in audit_log_start [kmalloc of struct audit_buffer]
103 2) out of memory in audit_log_move [alloc_skb] 103 2) out of memory in audit_log_move [alloc_skb]
104 3) suppressed due to audit_rate_limit 104 3) suppressed due to audit_rate_limit
105 4) suppressed due to audit_backlog_limit 105 4) suppressed due to audit_backlog_limit
106 */ 106 */
107 static atomic_t audit_lost = ATOMIC_INIT(0); 107 static atomic_t audit_lost = ATOMIC_INIT(0);
108 108
109 /* The netlink socket. */ 109 /* The netlink socket. */
110 static struct sock *audit_sock; 110 static struct sock *audit_sock;
111 111
112 /* Inotify handle. */ 112 /* Inotify handle. */
113 struct inotify_handle *audit_ih; 113 struct inotify_handle *audit_ih;
114 114
115 /* Hash for inode-based rules */ 115 /* Hash for inode-based rules */
116 struct list_head audit_inode_hash[AUDIT_INODE_BUCKETS]; 116 struct list_head audit_inode_hash[AUDIT_INODE_BUCKETS];
117 117
118 /* The audit_freelist is a list of pre-allocated audit buffers (if more 118 /* The audit_freelist is a list of pre-allocated audit buffers (if more
119 * than AUDIT_MAXFREE are in use, the audit buffer is freed instead of 119 * than AUDIT_MAXFREE are in use, the audit buffer is freed instead of
120 * being placed on the freelist). */ 120 * being placed on the freelist). */
121 static DEFINE_SPINLOCK(audit_freelist_lock); 121 static DEFINE_SPINLOCK(audit_freelist_lock);
122 static int audit_freelist_count; 122 static int audit_freelist_count;
123 static LIST_HEAD(audit_freelist); 123 static LIST_HEAD(audit_freelist);
124 124
125 static struct sk_buff_head audit_skb_queue; 125 static struct sk_buff_head audit_skb_queue;
126 static struct task_struct *kauditd_task; 126 static struct task_struct *kauditd_task;
127 static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait); 127 static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
128 static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait); 128 static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
129 129
130 /* Serialize requests from userspace. */ 130 /* Serialize requests from userspace. */
131 static DEFINE_MUTEX(audit_cmd_mutex); 131 static DEFINE_MUTEX(audit_cmd_mutex);
132 132
133 /* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting 133 /* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
134 * audit records. Since printk uses a 1024 byte buffer, this buffer 134 * audit records. Since printk uses a 1024 byte buffer, this buffer
135 * should be at least that large. */ 135 * should be at least that large. */
136 #define AUDIT_BUFSIZ 1024 136 #define AUDIT_BUFSIZ 1024
137 137
138 /* AUDIT_MAXFREE is the number of empty audit_buffers we keep on the 138 /* AUDIT_MAXFREE is the number of empty audit_buffers we keep on the
139 * audit_freelist. Doing so eliminates many kmalloc/kfree calls. */ 139 * audit_freelist. Doing so eliminates many kmalloc/kfree calls. */
140 #define AUDIT_MAXFREE (2*NR_CPUS) 140 #define AUDIT_MAXFREE (2*NR_CPUS)
141 141
142 /* The audit_buffer is used when formatting an audit record. The caller 142 /* The audit_buffer is used when formatting an audit record. The caller
143 * locks briefly to get the record off the freelist or to allocate the 143 * locks briefly to get the record off the freelist or to allocate the
144 * buffer, and locks briefly to send the buffer to the netlink layer or 144 * buffer, and locks briefly to send the buffer to the netlink layer or
145 * to place it on a transmit queue. Multiple audit_buffers can be in 145 * to place it on a transmit queue. Multiple audit_buffers can be in
146 * use simultaneously. */ 146 * use simultaneously. */
147 struct audit_buffer { 147 struct audit_buffer {
148 struct list_head list; 148 struct list_head list;
149 struct sk_buff *skb; /* formatted skb ready to send */ 149 struct sk_buff *skb; /* formatted skb ready to send */
150 struct audit_context *ctx; /* NULL or associated context */ 150 struct audit_context *ctx; /* NULL or associated context */
151 gfp_t gfp_mask; 151 gfp_t gfp_mask;
152 }; 152 };
153 153
154 static void audit_set_pid(struct audit_buffer *ab, pid_t pid) 154 static void audit_set_pid(struct audit_buffer *ab, pid_t pid)
155 { 155 {
156 if (ab) { 156 if (ab) {
157 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); 157 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);
158 nlh->nlmsg_pid = pid; 158 nlh->nlmsg_pid = pid;
159 } 159 }
160 } 160 }
161 161
162 void audit_panic(const char *message) 162 void audit_panic(const char *message)
163 { 163 {
164 switch (audit_failure) 164 switch (audit_failure)
165 { 165 {
166 case AUDIT_FAIL_SILENT: 166 case AUDIT_FAIL_SILENT:
167 break; 167 break;
168 case AUDIT_FAIL_PRINTK: 168 case AUDIT_FAIL_PRINTK:
169 if (printk_ratelimit()) 169 if (printk_ratelimit())
170 printk(KERN_ERR "audit: %s\n", message); 170 printk(KERN_ERR "audit: %s\n", message);
171 break; 171 break;
172 case AUDIT_FAIL_PANIC: 172 case AUDIT_FAIL_PANIC:
173 panic("audit: %s\n", message); 173 /* test audit_pid since printk is always losey, why bother? */
174 if (audit_pid)
175 panic("audit: %s\n", message);
174 break; 176 break;
175 } 177 }
176 } 178 }
177 179
178 static inline int audit_rate_check(void) 180 static inline int audit_rate_check(void)
179 { 181 {
180 static unsigned long last_check = 0; 182 static unsigned long last_check = 0;
181 static int messages = 0; 183 static int messages = 0;
182 static DEFINE_SPINLOCK(lock); 184 static DEFINE_SPINLOCK(lock);
183 unsigned long flags; 185 unsigned long flags;
184 unsigned long now; 186 unsigned long now;
185 unsigned long elapsed; 187 unsigned long elapsed;
186 int retval = 0; 188 int retval = 0;
187 189
188 if (!audit_rate_limit) return 1; 190 if (!audit_rate_limit) return 1;
189 191
190 spin_lock_irqsave(&lock, flags); 192 spin_lock_irqsave(&lock, flags);
191 if (++messages < audit_rate_limit) { 193 if (++messages < audit_rate_limit) {
192 retval = 1; 194 retval = 1;
193 } else { 195 } else {
194 now = jiffies; 196 now = jiffies;
195 elapsed = now - last_check; 197 elapsed = now - last_check;
196 if (elapsed > HZ) { 198 if (elapsed > HZ) {
197 last_check = now; 199 last_check = now;
198 messages = 0; 200 messages = 0;
199 retval = 1; 201 retval = 1;
200 } 202 }
201 } 203 }
202 spin_unlock_irqrestore(&lock, flags); 204 spin_unlock_irqrestore(&lock, flags);
203 205
204 return retval; 206 return retval;
205 } 207 }
206 208
207 /** 209 /**
208 * audit_log_lost - conditionally log lost audit message event 210 * audit_log_lost - conditionally log lost audit message event
209 * @message: the message stating reason for lost audit message 211 * @message: the message stating reason for lost audit message
210 * 212 *
211 * Emit at least 1 message per second, even if audit_rate_check is 213 * Emit at least 1 message per second, even if audit_rate_check is
212 * throttling. 214 * throttling.
213 * Always increment the lost messages counter. 215 * Always increment the lost messages counter.
214 */ 216 */
215 void audit_log_lost(const char *message) 217 void audit_log_lost(const char *message)
216 { 218 {
217 static unsigned long last_msg = 0; 219 static unsigned long last_msg = 0;
218 static DEFINE_SPINLOCK(lock); 220 static DEFINE_SPINLOCK(lock);
219 unsigned long flags; 221 unsigned long flags;
220 unsigned long now; 222 unsigned long now;
221 int print; 223 int print;
222 224
223 atomic_inc(&audit_lost); 225 atomic_inc(&audit_lost);
224 226
225 print = (audit_failure == AUDIT_FAIL_PANIC || !audit_rate_limit); 227 print = (audit_failure == AUDIT_FAIL_PANIC || !audit_rate_limit);
226 228
227 if (!print) { 229 if (!print) {
228 spin_lock_irqsave(&lock, flags); 230 spin_lock_irqsave(&lock, flags);
229 now = jiffies; 231 now = jiffies;
230 if (now - last_msg > HZ) { 232 if (now - last_msg > HZ) {
231 print = 1; 233 print = 1;
232 last_msg = now; 234 last_msg = now;
233 } 235 }
234 spin_unlock_irqrestore(&lock, flags); 236 spin_unlock_irqrestore(&lock, flags);
235 } 237 }
236 238
237 if (print) { 239 if (print) {
238 if (printk_ratelimit()) 240 if (printk_ratelimit())
239 printk(KERN_WARNING 241 printk(KERN_WARNING
240 "audit: audit_lost=%d audit_rate_limit=%d " 242 "audit: audit_lost=%d audit_rate_limit=%d "
241 "audit_backlog_limit=%d\n", 243 "audit_backlog_limit=%d\n",
242 atomic_read(&audit_lost), 244 atomic_read(&audit_lost),
243 audit_rate_limit, 245 audit_rate_limit,
244 audit_backlog_limit); 246 audit_backlog_limit);
245 audit_panic(message); 247 audit_panic(message);
246 } 248 }
247 } 249 }
248 250
249 static int audit_log_config_change(char *function_name, int new, int old, 251 static int audit_log_config_change(char *function_name, int new, int old,
250 uid_t loginuid, u32 sid, int allow_changes) 252 uid_t loginuid, u32 sid, int allow_changes)
251 { 253 {
252 struct audit_buffer *ab; 254 struct audit_buffer *ab;
253 int rc = 0; 255 int rc = 0;
254 256
255 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); 257 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
256 audit_log_format(ab, "%s=%d old=%d by auid=%u", function_name, new, 258 audit_log_format(ab, "%s=%d old=%d by auid=%u", function_name, new,
257 old, loginuid); 259 old, loginuid);
258 if (sid) { 260 if (sid) {
259 char *ctx = NULL; 261 char *ctx = NULL;
260 u32 len; 262 u32 len;
261 263
262 rc = selinux_sid_to_string(sid, &ctx, &len); 264 rc = selinux_sid_to_string(sid, &ctx, &len);
263 if (rc) { 265 if (rc) {
264 audit_log_format(ab, " sid=%u", sid); 266 audit_log_format(ab, " sid=%u", sid);
265 allow_changes = 0; /* Something weird, deny request */ 267 allow_changes = 0; /* Something weird, deny request */
266 } else { 268 } else {
267 audit_log_format(ab, " subj=%s", ctx); 269 audit_log_format(ab, " subj=%s", ctx);
268 kfree(ctx); 270 kfree(ctx);
269 } 271 }
270 } 272 }
271 audit_log_format(ab, " res=%d", allow_changes); 273 audit_log_format(ab, " res=%d", allow_changes);
272 audit_log_end(ab); 274 audit_log_end(ab);
273 return rc; 275 return rc;
274 } 276 }
275 277
276 static int audit_do_config_change(char *function_name, int *to_change, 278 static int audit_do_config_change(char *function_name, int *to_change,
277 int new, uid_t loginuid, u32 sid) 279 int new, uid_t loginuid, u32 sid)
278 { 280 {
279 int allow_changes, rc = 0, old = *to_change; 281 int allow_changes, rc = 0, old = *to_change;
280 282
281 /* check if we are locked */ 283 /* check if we are locked */
282 if (audit_enabled == AUDIT_LOCKED) 284 if (audit_enabled == AUDIT_LOCKED)
283 allow_changes = 0; 285 allow_changes = 0;
284 else 286 else
285 allow_changes = 1; 287 allow_changes = 1;
286 288
287 if (audit_enabled != AUDIT_OFF) { 289 if (audit_enabled != AUDIT_OFF) {
288 rc = audit_log_config_change(function_name, new, old, 290 rc = audit_log_config_change(function_name, new, old,
289 loginuid, sid, allow_changes); 291 loginuid, sid, allow_changes);
290 if (rc) 292 if (rc)
291 allow_changes = 0; 293 allow_changes = 0;
292 } 294 }
293 295
294 /* If we are allowed, make the change */ 296 /* If we are allowed, make the change */
295 if (allow_changes == 1) 297 if (allow_changes == 1)
296 *to_change = new; 298 *to_change = new;
297 /* Not allowed, update reason */ 299 /* Not allowed, update reason */
298 else if (rc == 0) 300 else if (rc == 0)
299 rc = -EPERM; 301 rc = -EPERM;
300 return rc; 302 return rc;
301 } 303 }
302 304
303 static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid) 305 static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid)
304 { 306 {
305 return audit_do_config_change("audit_rate_limit", &audit_rate_limit, 307 return audit_do_config_change("audit_rate_limit", &audit_rate_limit,
306 limit, loginuid, sid); 308 limit, loginuid, sid);
307 } 309 }
308 310
309 static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) 311 static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid)
310 { 312 {
311 return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit, 313 return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit,
312 limit, loginuid, sid); 314 limit, loginuid, sid);
313 } 315 }
314 316
315 static int audit_set_enabled(int state, uid_t loginuid, u32 sid) 317 static int audit_set_enabled(int state, uid_t loginuid, u32 sid)
316 { 318 {
317 int rc; 319 int rc;
318 if (state < AUDIT_OFF || state > AUDIT_LOCKED) 320 if (state < AUDIT_OFF || state > AUDIT_LOCKED)
319 return -EINVAL; 321 return -EINVAL;
320 322
321 rc = audit_do_config_change("audit_enabled", &audit_enabled, state, 323 rc = audit_do_config_change("audit_enabled", &audit_enabled, state,
322 loginuid, sid); 324 loginuid, sid);
323 325
324 if (!rc) 326 if (!rc)
325 audit_ever_enabled |= !!state; 327 audit_ever_enabled |= !!state;
326 328
327 return rc; 329 return rc;
328 } 330 }
329 331
330 static int audit_set_failure(int state, uid_t loginuid, u32 sid) 332 static int audit_set_failure(int state, uid_t loginuid, u32 sid)
331 { 333 {
332 if (state != AUDIT_FAIL_SILENT 334 if (state != AUDIT_FAIL_SILENT
333 && state != AUDIT_FAIL_PRINTK 335 && state != AUDIT_FAIL_PRINTK
334 && state != AUDIT_FAIL_PANIC) 336 && state != AUDIT_FAIL_PANIC)
335 return -EINVAL; 337 return -EINVAL;
336 338
337 return audit_do_config_change("audit_failure", &audit_failure, state, 339 return audit_do_config_change("audit_failure", &audit_failure, state,
338 loginuid, sid); 340 loginuid, sid);
339 } 341 }
340 342
341 static int kauditd_thread(void *dummy) 343 static int kauditd_thread(void *dummy)
342 { 344 {
343 struct sk_buff *skb; 345 struct sk_buff *skb;
344 346
345 set_freezable(); 347 set_freezable();
346 while (!kthread_should_stop()) { 348 while (!kthread_should_stop()) {
347 skb = skb_dequeue(&audit_skb_queue); 349 skb = skb_dequeue(&audit_skb_queue);
348 wake_up(&audit_backlog_wait); 350 wake_up(&audit_backlog_wait);
349 if (skb) { 351 if (skb) {
350 if (audit_pid) { 352 if (audit_pid) {
351 int err = netlink_unicast(audit_sock, skb, audit_pid, 0); 353 int err = netlink_unicast(audit_sock, skb, audit_pid, 0);
352 if (err < 0) { 354 if (err < 0) {
353 BUG_ON(err != -ECONNREFUSED); /* Shoudn't happen */ 355 BUG_ON(err != -ECONNREFUSED); /* Shoudn't happen */
354 printk(KERN_ERR "audit: *NO* daemon at audit_pid=%d\n", audit_pid); 356 printk(KERN_ERR "audit: *NO* daemon at audit_pid=%d\n", audit_pid);
357 audit_log_lost("auditd dissapeared\n");
355 audit_pid = 0; 358 audit_pid = 0;
356 } 359 }
357 } else { 360 } else {
358 if (printk_ratelimit()) 361 if (printk_ratelimit())
359 printk(KERN_NOTICE "%s\n", skb->data + 362 printk(KERN_NOTICE "%s\n", skb->data +
360 NLMSG_SPACE(0)); 363 NLMSG_SPACE(0));
361 else 364 else
362 audit_log_lost("printk limit exceeded\n"); 365 audit_log_lost("printk limit exceeded\n");
363 kfree_skb(skb); 366 kfree_skb(skb);
364 } 367 }
365 } else { 368 } else {
366 DECLARE_WAITQUEUE(wait, current); 369 DECLARE_WAITQUEUE(wait, current);
367 set_current_state(TASK_INTERRUPTIBLE); 370 set_current_state(TASK_INTERRUPTIBLE);
368 add_wait_queue(&kauditd_wait, &wait); 371 add_wait_queue(&kauditd_wait, &wait);
369 372
370 if (!skb_queue_len(&audit_skb_queue)) { 373 if (!skb_queue_len(&audit_skb_queue)) {
371 try_to_freeze(); 374 try_to_freeze();
372 schedule(); 375 schedule();
373 } 376 }
374 377
375 __set_current_state(TASK_RUNNING); 378 __set_current_state(TASK_RUNNING);
376 remove_wait_queue(&kauditd_wait, &wait); 379 remove_wait_queue(&kauditd_wait, &wait);
377 } 380 }
378 } 381 }
379 return 0; 382 return 0;
380 } 383 }
381 384
382 static int audit_prepare_user_tty(pid_t pid, uid_t loginuid) 385 static int audit_prepare_user_tty(pid_t pid, uid_t loginuid)
383 { 386 {
384 struct task_struct *tsk; 387 struct task_struct *tsk;
385 int err; 388 int err;
386 389
387 read_lock(&tasklist_lock); 390 read_lock(&tasklist_lock);
388 tsk = find_task_by_pid(pid); 391 tsk = find_task_by_pid(pid);
389 err = -ESRCH; 392 err = -ESRCH;
390 if (!tsk) 393 if (!tsk)
391 goto out; 394 goto out;
392 err = 0; 395 err = 0;
393 396
394 spin_lock_irq(&tsk->sighand->siglock); 397 spin_lock_irq(&tsk->sighand->siglock);
395 if (!tsk->signal->audit_tty) 398 if (!tsk->signal->audit_tty)
396 err = -EPERM; 399 err = -EPERM;
397 spin_unlock_irq(&tsk->sighand->siglock); 400 spin_unlock_irq(&tsk->sighand->siglock);
398 if (err) 401 if (err)
399 goto out; 402 goto out;
400 403
401 tty_audit_push_task(tsk, loginuid); 404 tty_audit_push_task(tsk, loginuid);
402 out: 405 out:
403 read_unlock(&tasklist_lock); 406 read_unlock(&tasklist_lock);
404 return err; 407 return err;
405 } 408 }
406 409
407 int audit_send_list(void *_dest) 410 int audit_send_list(void *_dest)
408 { 411 {
409 struct audit_netlink_list *dest = _dest; 412 struct audit_netlink_list *dest = _dest;
410 int pid = dest->pid; 413 int pid = dest->pid;
411 struct sk_buff *skb; 414 struct sk_buff *skb;
412 415
413 /* wait for parent to finish and send an ACK */ 416 /* wait for parent to finish and send an ACK */
414 mutex_lock(&audit_cmd_mutex); 417 mutex_lock(&audit_cmd_mutex);
415 mutex_unlock(&audit_cmd_mutex); 418 mutex_unlock(&audit_cmd_mutex);
416 419
417 while ((skb = __skb_dequeue(&dest->q)) != NULL) 420 while ((skb = __skb_dequeue(&dest->q)) != NULL)
418 netlink_unicast(audit_sock, skb, pid, 0); 421 netlink_unicast(audit_sock, skb, pid, 0);
419 422
420 kfree(dest); 423 kfree(dest);
421 424
422 return 0; 425 return 0;
423 } 426 }
424 427
425 #ifdef CONFIG_AUDIT_TREE 428 #ifdef CONFIG_AUDIT_TREE
426 static int prune_tree_thread(void *unused) 429 static int prune_tree_thread(void *unused)
427 { 430 {
428 mutex_lock(&audit_cmd_mutex); 431 mutex_lock(&audit_cmd_mutex);
429 audit_prune_trees(); 432 audit_prune_trees();
430 mutex_unlock(&audit_cmd_mutex); 433 mutex_unlock(&audit_cmd_mutex);
431 return 0; 434 return 0;
432 } 435 }
433 436
434 void audit_schedule_prune(void) 437 void audit_schedule_prune(void)
435 { 438 {
436 kthread_run(prune_tree_thread, NULL, "audit_prune_tree"); 439 kthread_run(prune_tree_thread, NULL, "audit_prune_tree");
437 } 440 }
438 #endif 441 #endif
439 442
440 struct sk_buff *audit_make_reply(int pid, int seq, int type, int done, 443 struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,
441 int multi, void *payload, int size) 444 int multi, void *payload, int size)
442 { 445 {
443 struct sk_buff *skb; 446 struct sk_buff *skb;
444 struct nlmsghdr *nlh; 447 struct nlmsghdr *nlh;
445 int len = NLMSG_SPACE(size); 448 int len = NLMSG_SPACE(size);
446 void *data; 449 void *data;
447 int flags = multi ? NLM_F_MULTI : 0; 450 int flags = multi ? NLM_F_MULTI : 0;
448 int t = done ? NLMSG_DONE : type; 451 int t = done ? NLMSG_DONE : type;
449 452
450 skb = alloc_skb(len, GFP_KERNEL); 453 skb = alloc_skb(len, GFP_KERNEL);
451 if (!skb) 454 if (!skb)
452 return NULL; 455 return NULL;
453 456
454 nlh = NLMSG_PUT(skb, pid, seq, t, size); 457 nlh = NLMSG_PUT(skb, pid, seq, t, size);
455 nlh->nlmsg_flags = flags; 458 nlh->nlmsg_flags = flags;
456 data = NLMSG_DATA(nlh); 459 data = NLMSG_DATA(nlh);
457 memcpy(data, payload, size); 460 memcpy(data, payload, size);
458 return skb; 461 return skb;
459 462
460 nlmsg_failure: /* Used by NLMSG_PUT */ 463 nlmsg_failure: /* Used by NLMSG_PUT */
461 if (skb) 464 if (skb)
462 kfree_skb(skb); 465 kfree_skb(skb);
463 return NULL; 466 return NULL;
464 } 467 }
465 468
466 /** 469 /**
467 * audit_send_reply - send an audit reply message via netlink 470 * audit_send_reply - send an audit reply message via netlink
468 * @pid: process id to send reply to 471 * @pid: process id to send reply to
469 * @seq: sequence number 472 * @seq: sequence number
470 * @type: audit message type 473 * @type: audit message type
471 * @done: done (last) flag 474 * @done: done (last) flag
472 * @multi: multi-part message flag 475 * @multi: multi-part message flag
473 * @payload: payload data 476 * @payload: payload data
474 * @size: payload size 477 * @size: payload size
475 * 478 *
476 * Allocates an skb, builds the netlink message, and sends it to the pid. 479 * Allocates an skb, builds the netlink message, and sends it to the pid.
477 * No failure notifications. 480 * No failure notifications.
478 */ 481 */
479 void audit_send_reply(int pid, int seq, int type, int done, int multi, 482 void audit_send_reply(int pid, int seq, int type, int done, int multi,
480 void *payload, int size) 483 void *payload, int size)
481 { 484 {
482 struct sk_buff *skb; 485 struct sk_buff *skb;
483 skb = audit_make_reply(pid, seq, type, done, multi, payload, size); 486 skb = audit_make_reply(pid, seq, type, done, multi, payload, size);
484 if (!skb) 487 if (!skb)
485 return; 488 return;
486 /* Ignore failure. It'll only happen if the sender goes away, 489 /* Ignore failure. It'll only happen if the sender goes away,
487 because our timeout is set to infinite. */ 490 because our timeout is set to infinite. */
488 netlink_unicast(audit_sock, skb, pid, 0); 491 netlink_unicast(audit_sock, skb, pid, 0);
489 return; 492 return;
490 } 493 }
491 494
492 /* 495 /*
493 * Check for appropriate CAP_AUDIT_ capabilities on incoming audit 496 * Check for appropriate CAP_AUDIT_ capabilities on incoming audit
494 * control messages. 497 * control messages.
495 */ 498 */
496 static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type) 499 static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
497 { 500 {
498 int err = 0; 501 int err = 0;
499 502
500 switch (msg_type) { 503 switch (msg_type) {
501 case AUDIT_GET: 504 case AUDIT_GET:
502 case AUDIT_LIST: 505 case AUDIT_LIST:
503 case AUDIT_LIST_RULES: 506 case AUDIT_LIST_RULES:
504 case AUDIT_SET: 507 case AUDIT_SET:
505 case AUDIT_ADD: 508 case AUDIT_ADD:
506 case AUDIT_ADD_RULE: 509 case AUDIT_ADD_RULE:
507 case AUDIT_DEL: 510 case AUDIT_DEL:
508 case AUDIT_DEL_RULE: 511 case AUDIT_DEL_RULE:
509 case AUDIT_SIGNAL_INFO: 512 case AUDIT_SIGNAL_INFO:
510 case AUDIT_TTY_GET: 513 case AUDIT_TTY_GET:
511 case AUDIT_TTY_SET: 514 case AUDIT_TTY_SET:
512 case AUDIT_TRIM: 515 case AUDIT_TRIM:
513 case AUDIT_MAKE_EQUIV: 516 case AUDIT_MAKE_EQUIV:
514 if (security_netlink_recv(skb, CAP_AUDIT_CONTROL)) 517 if (security_netlink_recv(skb, CAP_AUDIT_CONTROL))
515 err = -EPERM; 518 err = -EPERM;
516 break; 519 break;
517 case AUDIT_USER: 520 case AUDIT_USER:
518 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: 521 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
519 case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2: 522 case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2:
520 if (security_netlink_recv(skb, CAP_AUDIT_WRITE)) 523 if (security_netlink_recv(skb, CAP_AUDIT_WRITE))
521 err = -EPERM; 524 err = -EPERM;
522 break; 525 break;
523 default: /* bad msg */ 526 default: /* bad msg */
524 err = -EINVAL; 527 err = -EINVAL;
525 } 528 }
526 529
527 return err; 530 return err;
528 } 531 }
529 532
530 static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type, 533 static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
531 u32 pid, u32 uid, uid_t auid, u32 sid) 534 u32 pid, u32 uid, uid_t auid, u32 sid)
532 { 535 {
533 int rc = 0; 536 int rc = 0;
534 char *ctx = NULL; 537 char *ctx = NULL;
535 u32 len; 538 u32 len;
536 539
537 if (!audit_enabled) { 540 if (!audit_enabled) {
538 *ab = NULL; 541 *ab = NULL;
539 return rc; 542 return rc;
540 } 543 }
541 544
542 *ab = audit_log_start(NULL, GFP_KERNEL, msg_type); 545 *ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
543 audit_log_format(*ab, "user pid=%d uid=%u auid=%u", 546 audit_log_format(*ab, "user pid=%d uid=%u auid=%u",
544 pid, uid, auid); 547 pid, uid, auid);
545 if (sid) { 548 if (sid) {
546 rc = selinux_sid_to_string(sid, &ctx, &len); 549 rc = selinux_sid_to_string(sid, &ctx, &len);
547 if (rc) 550 if (rc)
548 audit_log_format(*ab, " ssid=%u", sid); 551 audit_log_format(*ab, " ssid=%u", sid);
549 else 552 else
550 audit_log_format(*ab, " subj=%s", ctx); 553 audit_log_format(*ab, " subj=%s", ctx);
551 kfree(ctx); 554 kfree(ctx);
552 } 555 }
553 556
554 return rc; 557 return rc;
555 } 558 }
556 559
557 static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) 560 static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
558 { 561 {
559 u32 uid, pid, seq, sid; 562 u32 uid, pid, seq, sid;
560 void *data; 563 void *data;
561 struct audit_status *status_get, status_set; 564 struct audit_status *status_get, status_set;
562 int err; 565 int err;
563 struct audit_buffer *ab; 566 struct audit_buffer *ab;
564 u16 msg_type = nlh->nlmsg_type; 567 u16 msg_type = nlh->nlmsg_type;
565 uid_t loginuid; /* loginuid of sender */ 568 uid_t loginuid; /* loginuid of sender */
566 struct audit_sig_info *sig_data; 569 struct audit_sig_info *sig_data;
567 char *ctx = NULL; 570 char *ctx = NULL;
568 u32 len; 571 u32 len;
569 572
570 err = audit_netlink_ok(skb, msg_type); 573 err = audit_netlink_ok(skb, msg_type);
571 if (err) 574 if (err)
572 return err; 575 return err;
573 576
574 /* As soon as there's any sign of userspace auditd, 577 /* As soon as there's any sign of userspace auditd,
575 * start kauditd to talk to it */ 578 * start kauditd to talk to it */
576 if (!kauditd_task) 579 if (!kauditd_task)
577 kauditd_task = kthread_run(kauditd_thread, NULL, "kauditd"); 580 kauditd_task = kthread_run(kauditd_thread, NULL, "kauditd");
578 if (IS_ERR(kauditd_task)) { 581 if (IS_ERR(kauditd_task)) {
579 err = PTR_ERR(kauditd_task); 582 err = PTR_ERR(kauditd_task);
580 kauditd_task = NULL; 583 kauditd_task = NULL;
581 return err; 584 return err;
582 } 585 }
583 586
584 pid = NETLINK_CREDS(skb)->pid; 587 pid = NETLINK_CREDS(skb)->pid;
585 uid = NETLINK_CREDS(skb)->uid; 588 uid = NETLINK_CREDS(skb)->uid;
586 loginuid = NETLINK_CB(skb).loginuid; 589 loginuid = NETLINK_CB(skb).loginuid;
587 sid = NETLINK_CB(skb).sid; 590 sid = NETLINK_CB(skb).sid;
588 seq = nlh->nlmsg_seq; 591 seq = nlh->nlmsg_seq;
589 data = NLMSG_DATA(nlh); 592 data = NLMSG_DATA(nlh);
590 593
591 switch (msg_type) { 594 switch (msg_type) {
592 case AUDIT_GET: 595 case AUDIT_GET:
593 status_set.enabled = audit_enabled; 596 status_set.enabled = audit_enabled;
594 status_set.failure = audit_failure; 597 status_set.failure = audit_failure;
595 status_set.pid = audit_pid; 598 status_set.pid = audit_pid;
596 status_set.rate_limit = audit_rate_limit; 599 status_set.rate_limit = audit_rate_limit;
597 status_set.backlog_limit = audit_backlog_limit; 600 status_set.backlog_limit = audit_backlog_limit;
598 status_set.lost = atomic_read(&audit_lost); 601 status_set.lost = atomic_read(&audit_lost);
599 status_set.backlog = skb_queue_len(&audit_skb_queue); 602 status_set.backlog = skb_queue_len(&audit_skb_queue);
600 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_GET, 0, 0, 603 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_GET, 0, 0,
601 &status_set, sizeof(status_set)); 604 &status_set, sizeof(status_set));
602 break; 605 break;
603 case AUDIT_SET: 606 case AUDIT_SET:
604 if (nlh->nlmsg_len < sizeof(struct audit_status)) 607 if (nlh->nlmsg_len < sizeof(struct audit_status))
605 return -EINVAL; 608 return -EINVAL;
606 status_get = (struct audit_status *)data; 609 status_get = (struct audit_status *)data;
607 if (status_get->mask & AUDIT_STATUS_ENABLED) { 610 if (status_get->mask & AUDIT_STATUS_ENABLED) {
608 err = audit_set_enabled(status_get->enabled, 611 err = audit_set_enabled(status_get->enabled,
609 loginuid, sid); 612 loginuid, sid);
610 if (err < 0) return err; 613 if (err < 0) return err;
611 } 614 }
612 if (status_get->mask & AUDIT_STATUS_FAILURE) { 615 if (status_get->mask & AUDIT_STATUS_FAILURE) {
613 err = audit_set_failure(status_get->failure, 616 err = audit_set_failure(status_get->failure,
614 loginuid, sid); 617 loginuid, sid);
615 if (err < 0) return err; 618 if (err < 0) return err;
616 } 619 }
617 if (status_get->mask & AUDIT_STATUS_PID) { 620 if (status_get->mask & AUDIT_STATUS_PID) {
618 int new_pid = status_get->pid; 621 int new_pid = status_get->pid;
619 622
620 if (audit_enabled != AUDIT_OFF) 623 if (audit_enabled != AUDIT_OFF)
621 audit_log_config_change("audit_pid", new_pid, 624 audit_log_config_change("audit_pid", new_pid,
622 audit_pid, loginuid, 625 audit_pid, loginuid,
623 sid, 1); 626 sid, 1);
624 627
625 audit_pid = new_pid; 628 audit_pid = new_pid;
626 } 629 }
627 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) 630 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
628 err = audit_set_rate_limit(status_get->rate_limit, 631 err = audit_set_rate_limit(status_get->rate_limit,
629 loginuid, sid); 632 loginuid, sid);
630 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) 633 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
631 err = audit_set_backlog_limit(status_get->backlog_limit, 634 err = audit_set_backlog_limit(status_get->backlog_limit,
632 loginuid, sid); 635 loginuid, sid);
633 break; 636 break;
634 case AUDIT_USER: 637 case AUDIT_USER:
635 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: 638 case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
636 case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2: 639 case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2:
637 if (!audit_enabled && msg_type != AUDIT_USER_AVC) 640 if (!audit_enabled && msg_type != AUDIT_USER_AVC)
638 return 0; 641 return 0;
639 642
640 err = audit_filter_user(&NETLINK_CB(skb), msg_type); 643 err = audit_filter_user(&NETLINK_CB(skb), msg_type);
641 if (err == 1) { 644 if (err == 1) {
642 err = 0; 645 err = 0;
643 if (msg_type == AUDIT_USER_TTY) { 646 if (msg_type == AUDIT_USER_TTY) {
644 err = audit_prepare_user_tty(pid, loginuid); 647 err = audit_prepare_user_tty(pid, loginuid);
645 if (err) 648 if (err)
646 break; 649 break;
647 } 650 }
648 audit_log_common_recv_msg(&ab, msg_type, pid, uid, 651 audit_log_common_recv_msg(&ab, msg_type, pid, uid,
649 loginuid, sid); 652 loginuid, sid);
650 653
651 if (msg_type != AUDIT_USER_TTY) 654 if (msg_type != AUDIT_USER_TTY)
652 audit_log_format(ab, " msg='%.1024s'", 655 audit_log_format(ab, " msg='%.1024s'",
653 (char *)data); 656 (char *)data);
654 else { 657 else {
655 int size; 658 int size;
656 659
657 audit_log_format(ab, " msg="); 660 audit_log_format(ab, " msg=");
658 size = nlmsg_len(nlh); 661 size = nlmsg_len(nlh);
659 audit_log_n_untrustedstring(ab, size, 662 audit_log_n_untrustedstring(ab, size,
660 data); 663 data);
661 } 664 }
662 audit_set_pid(ab, pid); 665 audit_set_pid(ab, pid);
663 audit_log_end(ab); 666 audit_log_end(ab);
664 } 667 }
665 break; 668 break;
666 case AUDIT_ADD: 669 case AUDIT_ADD:
667 case AUDIT_DEL: 670 case AUDIT_DEL:
668 if (nlmsg_len(nlh) < sizeof(struct audit_rule)) 671 if (nlmsg_len(nlh) < sizeof(struct audit_rule))
669 return -EINVAL; 672 return -EINVAL;
670 if (audit_enabled == AUDIT_LOCKED) { 673 if (audit_enabled == AUDIT_LOCKED) {
671 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid, 674 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
672 uid, loginuid, sid); 675 uid, loginuid, sid);
673 676
674 audit_log_format(ab, " audit_enabled=%d res=0", 677 audit_log_format(ab, " audit_enabled=%d res=0",
675 audit_enabled); 678 audit_enabled);
676 audit_log_end(ab); 679 audit_log_end(ab);
677 return -EPERM; 680 return -EPERM;
678 } 681 }
679 /* fallthrough */ 682 /* fallthrough */
680 case AUDIT_LIST: 683 case AUDIT_LIST:
681 err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid, 684 err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid,
682 uid, seq, data, nlmsg_len(nlh), 685 uid, seq, data, nlmsg_len(nlh),
683 loginuid, sid); 686 loginuid, sid);
684 break; 687 break;
685 case AUDIT_ADD_RULE: 688 case AUDIT_ADD_RULE:
686 case AUDIT_DEL_RULE: 689 case AUDIT_DEL_RULE:
687 if (nlmsg_len(nlh) < sizeof(struct audit_rule_data)) 690 if (nlmsg_len(nlh) < sizeof(struct audit_rule_data))
688 return -EINVAL; 691 return -EINVAL;
689 if (audit_enabled == AUDIT_LOCKED) { 692 if (audit_enabled == AUDIT_LOCKED) {
690 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid, 693 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
691 uid, loginuid, sid); 694 uid, loginuid, sid);
692 695
693 audit_log_format(ab, " audit_enabled=%d res=0", 696 audit_log_format(ab, " audit_enabled=%d res=0",
694 audit_enabled); 697 audit_enabled);
695 audit_log_end(ab); 698 audit_log_end(ab);
696 return -EPERM; 699 return -EPERM;
697 } 700 }
698 /* fallthrough */ 701 /* fallthrough */
699 case AUDIT_LIST_RULES: 702 case AUDIT_LIST_RULES:
700 err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid, 703 err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid,
701 uid, seq, data, nlmsg_len(nlh), 704 uid, seq, data, nlmsg_len(nlh),
702 loginuid, sid); 705 loginuid, sid);
703 break; 706 break;
704 case AUDIT_TRIM: 707 case AUDIT_TRIM:
705 audit_trim_trees(); 708 audit_trim_trees();
706 709
707 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid, 710 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
708 uid, loginuid, sid); 711 uid, loginuid, sid);
709 712
710 audit_log_format(ab, " op=trim res=1"); 713 audit_log_format(ab, " op=trim res=1");
711 audit_log_end(ab); 714 audit_log_end(ab);
712 break; 715 break;
713 case AUDIT_MAKE_EQUIV: { 716 case AUDIT_MAKE_EQUIV: {
714 void *bufp = data; 717 void *bufp = data;
715 u32 sizes[2]; 718 u32 sizes[2];
716 size_t len = nlmsg_len(nlh); 719 size_t len = nlmsg_len(nlh);
717 char *old, *new; 720 char *old, *new;
718 721
719 err = -EINVAL; 722 err = -EINVAL;
720 if (len < 2 * sizeof(u32)) 723 if (len < 2 * sizeof(u32))
721 break; 724 break;
722 memcpy(sizes, bufp, 2 * sizeof(u32)); 725 memcpy(sizes, bufp, 2 * sizeof(u32));
723 bufp += 2 * sizeof(u32); 726 bufp += 2 * sizeof(u32);
724 len -= 2 * sizeof(u32); 727 len -= 2 * sizeof(u32);
725 old = audit_unpack_string(&bufp, &len, sizes[0]); 728 old = audit_unpack_string(&bufp, &len, sizes[0]);
726 if (IS_ERR(old)) { 729 if (IS_ERR(old)) {
727 err = PTR_ERR(old); 730 err = PTR_ERR(old);
728 break; 731 break;
729 } 732 }
730 new = audit_unpack_string(&bufp, &len, sizes[1]); 733 new = audit_unpack_string(&bufp, &len, sizes[1]);
731 if (IS_ERR(new)) { 734 if (IS_ERR(new)) {
732 err = PTR_ERR(new); 735 err = PTR_ERR(new);
733 kfree(old); 736 kfree(old);
734 break; 737 break;
735 } 738 }
736 /* OK, here comes... */ 739 /* OK, here comes... */
737 err = audit_tag_tree(old, new); 740 err = audit_tag_tree(old, new);
738 741
739 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid, 742 audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, pid,
740 uid, loginuid, sid); 743 uid, loginuid, sid);
741 744
742 audit_log_format(ab, " op=make_equiv old="); 745 audit_log_format(ab, " op=make_equiv old=");
743 audit_log_untrustedstring(ab, old); 746 audit_log_untrustedstring(ab, old);
744 audit_log_format(ab, " new="); 747 audit_log_format(ab, " new=");
745 audit_log_untrustedstring(ab, new); 748 audit_log_untrustedstring(ab, new);
746 audit_log_format(ab, " res=%d", !err); 749 audit_log_format(ab, " res=%d", !err);
747 audit_log_end(ab); 750 audit_log_end(ab);
748 kfree(old); 751 kfree(old);
749 kfree(new); 752 kfree(new);
750 break; 753 break;
751 } 754 }
752 case AUDIT_SIGNAL_INFO: 755 case AUDIT_SIGNAL_INFO:
753 err = selinux_sid_to_string(audit_sig_sid, &ctx, &len); 756 err = selinux_sid_to_string(audit_sig_sid, &ctx, &len);
754 if (err) 757 if (err)
755 return err; 758 return err;
756 sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); 759 sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
757 if (!sig_data) { 760 if (!sig_data) {
758 kfree(ctx); 761 kfree(ctx);
759 return -ENOMEM; 762 return -ENOMEM;
760 } 763 }
761 sig_data->uid = audit_sig_uid; 764 sig_data->uid = audit_sig_uid;
762 sig_data->pid = audit_sig_pid; 765 sig_data->pid = audit_sig_pid;
763 memcpy(sig_data->ctx, ctx, len); 766 memcpy(sig_data->ctx, ctx, len);
764 kfree(ctx); 767 kfree(ctx);
765 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, 768 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
766 0, 0, sig_data, sizeof(*sig_data) + len); 769 0, 0, sig_data, sizeof(*sig_data) + len);
767 kfree(sig_data); 770 kfree(sig_data);
768 break; 771 break;
769 case AUDIT_TTY_GET: { 772 case AUDIT_TTY_GET: {
770 struct audit_tty_status s; 773 struct audit_tty_status s;
771 struct task_struct *tsk; 774 struct task_struct *tsk;
772 775
773 read_lock(&tasklist_lock); 776 read_lock(&tasklist_lock);
774 tsk = find_task_by_pid(pid); 777 tsk = find_task_by_pid(pid);
775 if (!tsk) 778 if (!tsk)
776 err = -ESRCH; 779 err = -ESRCH;
777 else { 780 else {
778 spin_lock_irq(&tsk->sighand->siglock); 781 spin_lock_irq(&tsk->sighand->siglock);
779 s.enabled = tsk->signal->audit_tty != 0; 782 s.enabled = tsk->signal->audit_tty != 0;
780 spin_unlock_irq(&tsk->sighand->siglock); 783 spin_unlock_irq(&tsk->sighand->siglock);
781 } 784 }
782 read_unlock(&tasklist_lock); 785 read_unlock(&tasklist_lock);
783 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_TTY_GET, 0, 0, 786 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_TTY_GET, 0, 0,
784 &s, sizeof(s)); 787 &s, sizeof(s));
785 break; 788 break;
786 } 789 }
787 case AUDIT_TTY_SET: { 790 case AUDIT_TTY_SET: {
788 struct audit_tty_status *s; 791 struct audit_tty_status *s;
789 struct task_struct *tsk; 792 struct task_struct *tsk;
790 793
791 if (nlh->nlmsg_len < sizeof(struct audit_tty_status)) 794 if (nlh->nlmsg_len < sizeof(struct audit_tty_status))
792 return -EINVAL; 795 return -EINVAL;
793 s = data; 796 s = data;
794 if (s->enabled != 0 && s->enabled != 1) 797 if (s->enabled != 0 && s->enabled != 1)
795 return -EINVAL; 798 return -EINVAL;
796 read_lock(&tasklist_lock); 799 read_lock(&tasklist_lock);
797 tsk = find_task_by_pid(pid); 800 tsk = find_task_by_pid(pid);
798 if (!tsk) 801 if (!tsk)
799 err = -ESRCH; 802 err = -ESRCH;
800 else { 803 else {
801 spin_lock_irq(&tsk->sighand->siglock); 804 spin_lock_irq(&tsk->sighand->siglock);
802 tsk->signal->audit_tty = s->enabled != 0; 805 tsk->signal->audit_tty = s->enabled != 0;
803 spin_unlock_irq(&tsk->sighand->siglock); 806 spin_unlock_irq(&tsk->sighand->siglock);
804 } 807 }
805 read_unlock(&tasklist_lock); 808 read_unlock(&tasklist_lock);
806 break; 809 break;
807 } 810 }
808 default: 811 default:
809 err = -EINVAL; 812 err = -EINVAL;
810 break; 813 break;
811 } 814 }
812 815
813 return err < 0 ? err : 0; 816 return err < 0 ? err : 0;
814 } 817 }
815 818
816 /* 819 /*
817 * Get message from skb (based on rtnetlink_rcv_skb). Each message is 820 * Get message from skb (based on rtnetlink_rcv_skb). Each message is
818 * processed by audit_receive_msg. Malformed skbs with wrong length are 821 * processed by audit_receive_msg. Malformed skbs with wrong length are
819 * discarded silently. 822 * discarded silently.
820 */ 823 */
821 static void audit_receive_skb(struct sk_buff *skb) 824 static void audit_receive_skb(struct sk_buff *skb)
822 { 825 {
823 int err; 826 int err;
824 struct nlmsghdr *nlh; 827 struct nlmsghdr *nlh;
825 u32 rlen; 828 u32 rlen;
826 829
827 while (skb->len >= NLMSG_SPACE(0)) { 830 while (skb->len >= NLMSG_SPACE(0)) {
828 nlh = nlmsg_hdr(skb); 831 nlh = nlmsg_hdr(skb);
829 if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len) 832 if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
830 return; 833 return;
831 rlen = NLMSG_ALIGN(nlh->nlmsg_len); 834 rlen = NLMSG_ALIGN(nlh->nlmsg_len);
832 if (rlen > skb->len) 835 if (rlen > skb->len)
833 rlen = skb->len; 836 rlen = skb->len;
834 if ((err = audit_receive_msg(skb, nlh))) { 837 if ((err = audit_receive_msg(skb, nlh))) {
835 netlink_ack(skb, nlh, err); 838 netlink_ack(skb, nlh, err);
836 } else if (nlh->nlmsg_flags & NLM_F_ACK) 839 } else if (nlh->nlmsg_flags & NLM_F_ACK)
837 netlink_ack(skb, nlh, 0); 840 netlink_ack(skb, nlh, 0);
838 skb_pull(skb, rlen); 841 skb_pull(skb, rlen);
839 } 842 }
840 } 843 }
841 844
842 /* Receive messages from netlink socket. */ 845 /* Receive messages from netlink socket. */
843 static void audit_receive(struct sk_buff *skb) 846 static void audit_receive(struct sk_buff *skb)
844 { 847 {
845 mutex_lock(&audit_cmd_mutex); 848 mutex_lock(&audit_cmd_mutex);
846 audit_receive_skb(skb); 849 audit_receive_skb(skb);
847 mutex_unlock(&audit_cmd_mutex); 850 mutex_unlock(&audit_cmd_mutex);
848 } 851 }
849 852
850 #ifdef CONFIG_AUDITSYSCALL 853 #ifdef CONFIG_AUDITSYSCALL
851 static const struct inotify_operations audit_inotify_ops = { 854 static const struct inotify_operations audit_inotify_ops = {
852 .handle_event = audit_handle_ievent, 855 .handle_event = audit_handle_ievent,
853 .destroy_watch = audit_free_parent, 856 .destroy_watch = audit_free_parent,
854 }; 857 };
855 #endif 858 #endif
856 859
857 /* Initialize audit support at boot time. */ 860 /* Initialize audit support at boot time. */
858 static int __init audit_init(void) 861 static int __init audit_init(void)
859 { 862 {
860 int i; 863 int i;
861 864
862 printk(KERN_INFO "audit: initializing netlink socket (%s)\n", 865 printk(KERN_INFO "audit: initializing netlink socket (%s)\n",
863 audit_default ? "enabled" : "disabled"); 866 audit_default ? "enabled" : "disabled");
864 audit_sock = netlink_kernel_create(&init_net, NETLINK_AUDIT, 0, 867 audit_sock = netlink_kernel_create(&init_net, NETLINK_AUDIT, 0,
865 audit_receive, NULL, THIS_MODULE); 868 audit_receive, NULL, THIS_MODULE);
866 if (!audit_sock) 869 if (!audit_sock)
867 audit_panic("cannot initialize netlink socket"); 870 audit_panic("cannot initialize netlink socket");
868 else 871 else
869 audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT; 872 audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
870 873
871 skb_queue_head_init(&audit_skb_queue); 874 skb_queue_head_init(&audit_skb_queue);
872 audit_initialized = 1; 875 audit_initialized = 1;
873 audit_enabled = audit_default; 876 audit_enabled = audit_default;
874 audit_ever_enabled |= !!audit_default; 877 audit_ever_enabled |= !!audit_default;
875 878
876 /* Register the callback with selinux. This callback will be invoked 879 /* Register the callback with selinux. This callback will be invoked
877 * when a new policy is loaded. */ 880 * when a new policy is loaded. */
878 selinux_audit_set_callback(&selinux_audit_rule_update); 881 selinux_audit_set_callback(&selinux_audit_rule_update);
879 882
880 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized"); 883 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
881 884
882 #ifdef CONFIG_AUDITSYSCALL 885 #ifdef CONFIG_AUDITSYSCALL
883 audit_ih = inotify_init(&audit_inotify_ops); 886 audit_ih = inotify_init(&audit_inotify_ops);
884 if (IS_ERR(audit_ih)) 887 if (IS_ERR(audit_ih))
885 audit_panic("cannot initialize inotify handle"); 888 audit_panic("cannot initialize inotify handle");
886 #endif 889 #endif
887 890
888 for (i = 0; i < AUDIT_INODE_BUCKETS; i++) 891 for (i = 0; i < AUDIT_INODE_BUCKETS; i++)
889 INIT_LIST_HEAD(&audit_inode_hash[i]); 892 INIT_LIST_HEAD(&audit_inode_hash[i]);
890 893
891 return 0; 894 return 0;
892 } 895 }
893 __initcall(audit_init); 896 __initcall(audit_init);
894 897
895 /* Process kernel command-line parameter at boot time. audit=0 or audit=1. */ 898 /* Process kernel command-line parameter at boot time. audit=0 or audit=1. */
896 static int __init audit_enable(char *str) 899 static int __init audit_enable(char *str)
897 { 900 {
898 audit_default = !!simple_strtol(str, NULL, 0); 901 audit_default = !!simple_strtol(str, NULL, 0);
899 printk(KERN_INFO "audit: %s%s\n", 902 printk(KERN_INFO "audit: %s%s\n",
900 audit_default ? "enabled" : "disabled", 903 audit_default ? "enabled" : "disabled",
901 audit_initialized ? "" : " (after initialization)"); 904 audit_initialized ? "" : " (after initialization)");
902 if (audit_initialized) { 905 if (audit_initialized) {
903 audit_enabled = audit_default; 906 audit_enabled = audit_default;
904 audit_ever_enabled |= !!audit_default; 907 audit_ever_enabled |= !!audit_default;
905 } 908 }
906 return 1; 909 return 1;
907 } 910 }
908 911
909 __setup("audit=", audit_enable); 912 __setup("audit=", audit_enable);
910 913
911 static void audit_buffer_free(struct audit_buffer *ab) 914 static void audit_buffer_free(struct audit_buffer *ab)
912 { 915 {
913 unsigned long flags; 916 unsigned long flags;
914 917
915 if (!ab) 918 if (!ab)
916 return; 919 return;
917 920
918 if (ab->skb) 921 if (ab->skb)
919 kfree_skb(ab->skb); 922 kfree_skb(ab->skb);
920 923
921 spin_lock_irqsave(&audit_freelist_lock, flags); 924 spin_lock_irqsave(&audit_freelist_lock, flags);
922 if (audit_freelist_count > AUDIT_MAXFREE) 925 if (audit_freelist_count > AUDIT_MAXFREE)
923 kfree(ab); 926 kfree(ab);
924 else { 927 else {
925 audit_freelist_count++; 928 audit_freelist_count++;
926 list_add(&ab->list, &audit_freelist); 929 list_add(&ab->list, &audit_freelist);
927 } 930 }
928 spin_unlock_irqrestore(&audit_freelist_lock, flags); 931 spin_unlock_irqrestore(&audit_freelist_lock, flags);
929 } 932 }
930 933
931 static struct audit_buffer * audit_buffer_alloc(struct audit_context *ctx, 934 static struct audit_buffer * audit_buffer_alloc(struct audit_context *ctx,
932 gfp_t gfp_mask, int type) 935 gfp_t gfp_mask, int type)
933 { 936 {
934 unsigned long flags; 937 unsigned long flags;
935 struct audit_buffer *ab = NULL; 938 struct audit_buffer *ab = NULL;
936 struct nlmsghdr *nlh; 939 struct nlmsghdr *nlh;
937 940
938 spin_lock_irqsave(&audit_freelist_lock, flags); 941 spin_lock_irqsave(&audit_freelist_lock, flags);
939 if (!list_empty(&audit_freelist)) { 942 if (!list_empty(&audit_freelist)) {
940 ab = list_entry(audit_freelist.next, 943 ab = list_entry(audit_freelist.next,
941 struct audit_buffer, list); 944 struct audit_buffer, list);
942 list_del(&ab->list); 945 list_del(&ab->list);
943 --audit_freelist_count; 946 --audit_freelist_count;
944 } 947 }
945 spin_unlock_irqrestore(&audit_freelist_lock, flags); 948 spin_unlock_irqrestore(&audit_freelist_lock, flags);
946 949
947 if (!ab) { 950 if (!ab) {
948 ab = kmalloc(sizeof(*ab), gfp_mask); 951 ab = kmalloc(sizeof(*ab), gfp_mask);
949 if (!ab) 952 if (!ab)
950 goto err; 953 goto err;
951 } 954 }
952 955
953 ab->skb = alloc_skb(AUDIT_BUFSIZ, gfp_mask); 956 ab->skb = alloc_skb(AUDIT_BUFSIZ, gfp_mask);
954 if (!ab->skb) 957 if (!ab->skb)
955 goto err; 958 goto err;
956 959
957 ab->ctx = ctx; 960 ab->ctx = ctx;
958 ab->gfp_mask = gfp_mask; 961 ab->gfp_mask = gfp_mask;
959 nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0)); 962 nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0));
960 nlh->nlmsg_type = type; 963 nlh->nlmsg_type = type;
961 nlh->nlmsg_flags = 0; 964 nlh->nlmsg_flags = 0;
962 nlh->nlmsg_pid = 0; 965 nlh->nlmsg_pid = 0;
963 nlh->nlmsg_seq = 0; 966 nlh->nlmsg_seq = 0;
964 return ab; 967 return ab;
965 err: 968 err:
966 audit_buffer_free(ab); 969 audit_buffer_free(ab);
967 return NULL; 970 return NULL;
968 } 971 }
969 972
970 /** 973 /**
971 * audit_serial - compute a serial number for the audit record 974 * audit_serial - compute a serial number for the audit record
972 * 975 *
973 * Compute a serial number for the audit record. Audit records are 976 * Compute a serial number for the audit record. Audit records are
974 * written to user-space as soon as they are generated, so a complete 977 * written to user-space as soon as they are generated, so a complete
975 * audit record may be written in several pieces. The timestamp of the 978 * audit record may be written in several pieces. The timestamp of the
976 * record and this serial number are used by the user-space tools to 979 * record and this serial number are used by the user-space tools to
977 * determine which pieces belong to the same audit record. The 980 * determine which pieces belong to the same audit record. The
978 * (timestamp,serial) tuple is unique for each syscall and is live from 981 * (timestamp,serial) tuple is unique for each syscall and is live from
979 * syscall entry to syscall exit. 982 * syscall entry to syscall exit.
980 * 983 *
981 * NOTE: Another possibility is to store the formatted records off the 984 * NOTE: Another possibility is to store the formatted records off the
982 * audit context (for those records that have a context), and emit them 985 * audit context (for those records that have a context), and emit them
983 * all at syscall exit. However, this could delay the reporting of 986 * all at syscall exit. However, this could delay the reporting of
984 * significant errors until syscall exit (or never, if the system 987 * significant errors until syscall exit (or never, if the system
985 * halts). 988 * halts).
986 */ 989 */
987 unsigned int audit_serial(void) 990 unsigned int audit_serial(void)
988 { 991 {
989 static DEFINE_SPINLOCK(serial_lock); 992 static DEFINE_SPINLOCK(serial_lock);
990 static unsigned int serial = 0; 993 static unsigned int serial = 0;
991 994
992 unsigned long flags; 995 unsigned long flags;
993 unsigned int ret; 996 unsigned int ret;
994 997
995 spin_lock_irqsave(&serial_lock, flags); 998 spin_lock_irqsave(&serial_lock, flags);
996 do { 999 do {
997 ret = ++serial; 1000 ret = ++serial;
998 } while (unlikely(!ret)); 1001 } while (unlikely(!ret));
999 spin_unlock_irqrestore(&serial_lock, flags); 1002 spin_unlock_irqrestore(&serial_lock, flags);
1000 1003
1001 return ret; 1004 return ret;
1002 } 1005 }
1003 1006
1004 static inline void audit_get_stamp(struct audit_context *ctx, 1007 static inline void audit_get_stamp(struct audit_context *ctx,
1005 struct timespec *t, unsigned int *serial) 1008 struct timespec *t, unsigned int *serial)
1006 { 1009 {
1007 if (ctx) 1010 if (ctx)
1008 auditsc_get_stamp(ctx, t, serial); 1011 auditsc_get_stamp(ctx, t, serial);
1009 else { 1012 else {
1010 *t = CURRENT_TIME; 1013 *t = CURRENT_TIME;
1011 *serial = audit_serial(); 1014 *serial = audit_serial();
1012 } 1015 }
1013 } 1016 }
1014 1017
1015 /* Obtain an audit buffer. This routine does locking to obtain the 1018 /* Obtain an audit buffer. This routine does locking to obtain the
1016 * audit buffer, but then no locking is required for calls to 1019 * audit buffer, but then no locking is required for calls to
1017 * audit_log_*format. If the tsk is a task that is currently in a 1020 * audit_log_*format. If the tsk is a task that is currently in a
1018 * syscall, then the syscall is marked as auditable and an audit record 1021 * syscall, then the syscall is marked as auditable and an audit record
1019 * will be written at syscall exit. If there is no associated task, tsk 1022 * will be written at syscall exit. If there is no associated task, tsk
1020 * should be NULL. */ 1023 * should be NULL. */
1021 1024
1022 /** 1025 /**
1023 * audit_log_start - obtain an audit buffer 1026 * audit_log_start - obtain an audit buffer
1024 * @ctx: audit_context (may be NULL) 1027 * @ctx: audit_context (may be NULL)
1025 * @gfp_mask: type of allocation 1028 * @gfp_mask: type of allocation
1026 * @type: audit message type 1029 * @type: audit message type
1027 * 1030 *
1028 * Returns audit_buffer pointer on success or NULL on error. 1031 * Returns audit_buffer pointer on success or NULL on error.
1029 * 1032 *
1030 * Obtain an audit buffer. This routine does locking to obtain the 1033 * Obtain an audit buffer. This routine does locking to obtain the
1031 * audit buffer, but then no locking is required for calls to 1034 * audit buffer, but then no locking is required for calls to
1032 * audit_log_*format. If the task (ctx) is a task that is currently in a 1035 * audit_log_*format. If the task (ctx) is a task that is currently in a
1033 * syscall, then the syscall is marked as auditable and an audit record 1036 * syscall, then the syscall is marked as auditable and an audit record
1034 * will be written at syscall exit. If there is no associated task, then 1037 * will be written at syscall exit. If there is no associated task, then
1035 * task context (ctx) should be NULL. 1038 * task context (ctx) should be NULL.
1036 */ 1039 */
1037 struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, 1040 struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask,
1038 int type) 1041 int type)
1039 { 1042 {
1040 struct audit_buffer *ab = NULL; 1043 struct audit_buffer *ab = NULL;
1041 struct timespec t; 1044 struct timespec t;
1042 unsigned int uninitialized_var(serial); 1045 unsigned int uninitialized_var(serial);
1043 int reserve; 1046 int reserve;
1044 unsigned long timeout_start = jiffies; 1047 unsigned long timeout_start = jiffies;
1045 1048
1046 if (!audit_initialized) 1049 if (!audit_initialized)
1047 return NULL; 1050 return NULL;
1048 1051
1049 if (unlikely(audit_filter_type(type))) 1052 if (unlikely(audit_filter_type(type)))
1050 return NULL; 1053 return NULL;
1051 1054
1052 if (gfp_mask & __GFP_WAIT) 1055 if (gfp_mask & __GFP_WAIT)
1053 reserve = 0; 1056 reserve = 0;
1054 else 1057 else
1055 reserve = 5; /* Allow atomic callers to go up to five 1058 reserve = 5; /* Allow atomic callers to go up to five
1056 entries over the normal backlog limit */ 1059 entries over the normal backlog limit */
1057 1060
1058 while (audit_backlog_limit 1061 while (audit_backlog_limit
1059 && skb_queue_len(&audit_skb_queue) > audit_backlog_limit + reserve) { 1062 && skb_queue_len(&audit_skb_queue) > audit_backlog_limit + reserve) {
1060 if (gfp_mask & __GFP_WAIT && audit_backlog_wait_time 1063 if (gfp_mask & __GFP_WAIT && audit_backlog_wait_time
1061 && time_before(jiffies, timeout_start + audit_backlog_wait_time)) { 1064 && time_before(jiffies, timeout_start + audit_backlog_wait_time)) {
1062 1065
1063 /* Wait for auditd to drain the queue a little */ 1066 /* Wait for auditd to drain the queue a little */
1064 DECLARE_WAITQUEUE(wait, current); 1067 DECLARE_WAITQUEUE(wait, current);
1065 set_current_state(TASK_INTERRUPTIBLE); 1068 set_current_state(TASK_INTERRUPTIBLE);
1066 add_wait_queue(&audit_backlog_wait, &wait); 1069 add_wait_queue(&audit_backlog_wait, &wait);
1067 1070
1068 if (audit_backlog_limit && 1071 if (audit_backlog_limit &&
1069 skb_queue_len(&audit_skb_queue) > audit_backlog_limit) 1072 skb_queue_len(&audit_skb_queue) > audit_backlog_limit)
1070 schedule_timeout(timeout_start + audit_backlog_wait_time - jiffies); 1073 schedule_timeout(timeout_start + audit_backlog_wait_time - jiffies);
1071 1074
1072 __set_current_state(TASK_RUNNING); 1075 __set_current_state(TASK_RUNNING);
1073 remove_wait_queue(&audit_backlog_wait, &wait); 1076 remove_wait_queue(&audit_backlog_wait, &wait);
1074 continue; 1077 continue;
1075 } 1078 }
1076 if (audit_rate_check() && printk_ratelimit()) 1079 if (audit_rate_check() && printk_ratelimit())
1077 printk(KERN_WARNING 1080 printk(KERN_WARNING
1078 "audit: audit_backlog=%d > " 1081 "audit: audit_backlog=%d > "
1079 "audit_backlog_limit=%d\n", 1082 "audit_backlog_limit=%d\n",
1080 skb_queue_len(&audit_skb_queue), 1083 skb_queue_len(&audit_skb_queue),
1081 audit_backlog_limit); 1084 audit_backlog_limit);
1082 audit_log_lost("backlog limit exceeded"); 1085 audit_log_lost("backlog limit exceeded");
1083 audit_backlog_wait_time = audit_backlog_wait_overflow; 1086 audit_backlog_wait_time = audit_backlog_wait_overflow;
1084 wake_up(&audit_backlog_wait); 1087 wake_up(&audit_backlog_wait);
1085 return NULL; 1088 return NULL;
1086 } 1089 }
1087 1090
1088 ab = audit_buffer_alloc(ctx, gfp_mask, type); 1091 ab = audit_buffer_alloc(ctx, gfp_mask, type);
1089 if (!ab) { 1092 if (!ab) {
1090 audit_log_lost("out of memory in audit_log_start"); 1093 audit_log_lost("out of memory in audit_log_start");
1091 return NULL; 1094 return NULL;
1092 } 1095 }
1093 1096
1094 audit_get_stamp(ab->ctx, &t, &serial); 1097 audit_get_stamp(ab->ctx, &t, &serial);
1095 1098
1096 audit_log_format(ab, "audit(%lu.%03lu:%u): ", 1099 audit_log_format(ab, "audit(%lu.%03lu:%u): ",
1097 t.tv_sec, t.tv_nsec/1000000, serial); 1100 t.tv_sec, t.tv_nsec/1000000, serial);
1098 return ab; 1101 return ab;
1099 } 1102 }
1100 1103
1101 /** 1104 /**
1102 * audit_expand - expand skb in the audit buffer 1105 * audit_expand - expand skb in the audit buffer
1103 * @ab: audit_buffer 1106 * @ab: audit_buffer
1104 * @extra: space to add at tail of the skb 1107 * @extra: space to add at tail of the skb
1105 * 1108 *
1106 * Returns 0 (no space) on failed expansion, or available space if 1109 * Returns 0 (no space) on failed expansion, or available space if
1107 * successful. 1110 * successful.
1108 */ 1111 */
1109 static inline int audit_expand(struct audit_buffer *ab, int extra) 1112 static inline int audit_expand(struct audit_buffer *ab, int extra)
1110 { 1113 {
1111 struct sk_buff *skb = ab->skb; 1114 struct sk_buff *skb = ab->skb;
1112 int oldtail = skb_tailroom(skb); 1115 int oldtail = skb_tailroom(skb);
1113 int ret = pskb_expand_head(skb, 0, extra, ab->gfp_mask); 1116 int ret = pskb_expand_head(skb, 0, extra, ab->gfp_mask);
1114 int newtail = skb_tailroom(skb); 1117 int newtail = skb_tailroom(skb);
1115 1118
1116 if (ret < 0) { 1119 if (ret < 0) {
1117 audit_log_lost("out of memory in audit_expand"); 1120 audit_log_lost("out of memory in audit_expand");
1118 return 0; 1121 return 0;
1119 } 1122 }
1120 1123
1121 skb->truesize += newtail - oldtail; 1124 skb->truesize += newtail - oldtail;
1122 return newtail; 1125 return newtail;
1123 } 1126 }
1124 1127
1125 /* 1128 /*
1126 * Format an audit message into the audit buffer. If there isn't enough 1129 * Format an audit message into the audit buffer. If there isn't enough
1127 * room in the audit buffer, more room will be allocated and vsnprint 1130 * room in the audit buffer, more room will be allocated and vsnprint
1128 * will be called a second time. Currently, we assume that a printk 1131 * will be called a second time. Currently, we assume that a printk
1129 * can't format message larger than 1024 bytes, so we don't either. 1132 * can't format message larger than 1024 bytes, so we don't either.
1130 */ 1133 */
1131 static void audit_log_vformat(struct audit_buffer *ab, const char *fmt, 1134 static void audit_log_vformat(struct audit_buffer *ab, const char *fmt,
1132 va_list args) 1135 va_list args)
1133 { 1136 {
1134 int len, avail; 1137 int len, avail;
1135 struct sk_buff *skb; 1138 struct sk_buff *skb;
1136 va_list args2; 1139 va_list args2;
1137 1140
1138 if (!ab) 1141 if (!ab)
1139 return; 1142 return;
1140 1143
1141 BUG_ON(!ab->skb); 1144 BUG_ON(!ab->skb);
1142 skb = ab->skb; 1145 skb = ab->skb;
1143 avail = skb_tailroom(skb); 1146 avail = skb_tailroom(skb);
1144 if (avail == 0) { 1147 if (avail == 0) {
1145 avail = audit_expand(ab, AUDIT_BUFSIZ); 1148 avail = audit_expand(ab, AUDIT_BUFSIZ);
1146 if (!avail) 1149 if (!avail)
1147 goto out; 1150 goto out;
1148 } 1151 }
1149 va_copy(args2, args); 1152 va_copy(args2, args);
1150 len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args); 1153 len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args);
1151 if (len >= avail) { 1154 if (len >= avail) {
1152 /* The printk buffer is 1024 bytes long, so if we get 1155 /* The printk buffer is 1024 bytes long, so if we get
1153 * here and AUDIT_BUFSIZ is at least 1024, then we can 1156 * here and AUDIT_BUFSIZ is at least 1024, then we can
1154 * log everything that printk could have logged. */ 1157 * log everything that printk could have logged. */
1155 avail = audit_expand(ab, 1158 avail = audit_expand(ab,
1156 max_t(unsigned, AUDIT_BUFSIZ, 1+len-avail)); 1159 max_t(unsigned, AUDIT_BUFSIZ, 1+len-avail));
1157 if (!avail) 1160 if (!avail)
1158 goto out; 1161 goto out;
1159 len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2); 1162 len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2);
1160 } 1163 }
1161 va_end(args2); 1164 va_end(args2);
1162 if (len > 0) 1165 if (len > 0)
1163 skb_put(skb, len); 1166 skb_put(skb, len);
1164 out: 1167 out:
1165 return; 1168 return;
1166 } 1169 }
1167 1170
1168 /** 1171 /**
1169 * audit_log_format - format a message into the audit buffer. 1172 * audit_log_format - format a message into the audit buffer.
1170 * @ab: audit_buffer 1173 * @ab: audit_buffer
1171 * @fmt: format string 1174 * @fmt: format string
1172 * @...: optional parameters matching @fmt string 1175 * @...: optional parameters matching @fmt string
1173 * 1176 *
1174 * All the work is done in audit_log_vformat. 1177 * All the work is done in audit_log_vformat.
1175 */ 1178 */
1176 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) 1179 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
1177 { 1180 {
1178 va_list args; 1181 va_list args;
1179 1182
1180 if (!ab) 1183 if (!ab)
1181 return; 1184 return;
1182 va_start(args, fmt); 1185 va_start(args, fmt);
1183 audit_log_vformat(ab, fmt, args); 1186 audit_log_vformat(ab, fmt, args);
1184 va_end(args); 1187 va_end(args);
1185 } 1188 }
1186 1189
1187 /** 1190 /**
1188 * audit_log_hex - convert a buffer to hex and append it to the audit skb 1191 * audit_log_hex - convert a buffer to hex and append it to the audit skb
1189 * @ab: the audit_buffer 1192 * @ab: the audit_buffer
1190 * @buf: buffer to convert to hex 1193 * @buf: buffer to convert to hex
1191 * @len: length of @buf to be converted 1194 * @len: length of @buf to be converted
1192 * 1195 *
1193 * No return value; failure to expand is silently ignored. 1196 * No return value; failure to expand is silently ignored.
1194 * 1197 *
1195 * This function will take the passed buf and convert it into a string of 1198 * This function will take the passed buf and convert it into a string of
1196 * ascii hex digits. The new string is placed onto the skb. 1199 * ascii hex digits. The new string is placed onto the skb.
1197 */ 1200 */
1198 void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, 1201 void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf,
1199 size_t len) 1202 size_t len)
1200 { 1203 {
1201 int i, avail, new_len; 1204 int i, avail, new_len;
1202 unsigned char *ptr; 1205 unsigned char *ptr;
1203 struct sk_buff *skb; 1206 struct sk_buff *skb;
1204 static const unsigned char *hex = "0123456789ABCDEF"; 1207 static const unsigned char *hex = "0123456789ABCDEF";
1205 1208
1206 if (!ab) 1209 if (!ab)
1207 return; 1210 return;
1208 1211
1209 BUG_ON(!ab->skb); 1212 BUG_ON(!ab->skb);
1210 skb = ab->skb; 1213 skb = ab->skb;
1211 avail = skb_tailroom(skb); 1214 avail = skb_tailroom(skb);
1212 new_len = len<<1; 1215 new_len = len<<1;
1213 if (new_len >= avail) { 1216 if (new_len >= avail) {
1214 /* Round the buffer request up to the next multiple */ 1217 /* Round the buffer request up to the next multiple */
1215 new_len = AUDIT_BUFSIZ*(((new_len-avail)/AUDIT_BUFSIZ) + 1); 1218 new_len = AUDIT_BUFSIZ*(((new_len-avail)/AUDIT_BUFSIZ) + 1);
1216 avail = audit_expand(ab, new_len); 1219 avail = audit_expand(ab, new_len);
1217 if (!avail) 1220 if (!avail)
1218 return; 1221 return;
1219 } 1222 }
1220 1223
1221 ptr = skb_tail_pointer(skb); 1224 ptr = skb_tail_pointer(skb);
1222 for (i=0; i<len; i++) { 1225 for (i=0; i<len; i++) {
1223 *ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */ 1226 *ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
1224 *ptr++ = hex[buf[i] & 0x0F]; /* Lower nibble */ 1227 *ptr++ = hex[buf[i] & 0x0F]; /* Lower nibble */
1225 } 1228 }
1226 *ptr = 0; 1229 *ptr = 0;
1227 skb_put(skb, len << 1); /* new string is twice the old string */ 1230 skb_put(skb, len << 1); /* new string is twice the old string */
1228 } 1231 }
1229 1232
1230 /* 1233 /*
1231 * Format a string of no more than slen characters into the audit buffer, 1234 * Format a string of no more than slen characters into the audit buffer,
1232 * enclosed in quote marks. 1235 * enclosed in quote marks.
1233 */ 1236 */
1234 static void audit_log_n_string(struct audit_buffer *ab, size_t slen, 1237 static void audit_log_n_string(struct audit_buffer *ab, size_t slen,
1235 const char *string) 1238 const char *string)
1236 { 1239 {
1237 int avail, new_len; 1240 int avail, new_len;
1238 unsigned char *ptr; 1241 unsigned char *ptr;
1239 struct sk_buff *skb; 1242 struct sk_buff *skb;
1240 1243
1241 if (!ab) 1244 if (!ab)
1242 return; 1245 return;
1243 1246
1244 BUG_ON(!ab->skb); 1247 BUG_ON(!ab->skb);
1245 skb = ab->skb; 1248 skb = ab->skb;
1246 avail = skb_tailroom(skb); 1249 avail = skb_tailroom(skb);
1247 new_len = slen + 3; /* enclosing quotes + null terminator */ 1250 new_len = slen + 3; /* enclosing quotes + null terminator */
1248 if (new_len > avail) { 1251 if (new_len > avail) {
1249 avail = audit_expand(ab, new_len); 1252 avail = audit_expand(ab, new_len);
1250 if (!avail) 1253 if (!avail)
1251 return; 1254 return;
1252 } 1255 }
1253 ptr = skb_tail_pointer(skb); 1256 ptr = skb_tail_pointer(skb);
1254 *ptr++ = '"'; 1257 *ptr++ = '"';
1255 memcpy(ptr, string, slen); 1258 memcpy(ptr, string, slen);
1256 ptr += slen; 1259 ptr += slen;
1257 *ptr++ = '"'; 1260 *ptr++ = '"';
1258 *ptr = 0; 1261 *ptr = 0;
1259 skb_put(skb, slen + 2); /* don't include null terminator */ 1262 skb_put(skb, slen + 2); /* don't include null terminator */
1260 } 1263 }
1261 1264
1262 /** 1265 /**
1263 * audit_string_contains_control - does a string need to be logged in hex 1266 * audit_string_contains_control - does a string need to be logged in hex
1264 * @string - string to be checked 1267 * @string - string to be checked
1265 * @len - max length of the string to check 1268 * @len - max length of the string to check
1266 */ 1269 */
1267 int audit_string_contains_control(const char *string, size_t len) 1270 int audit_string_contains_control(const char *string, size_t len)
1268 { 1271 {
1269 const unsigned char *p; 1272 const unsigned char *p;
1270 for (p = string; p < (const unsigned char *)string + len && *p; p++) { 1273 for (p = string; p < (const unsigned char *)string + len && *p; p++) {
1271 if (*p == '"' || *p < 0x21 || *p > 0x7f) 1274 if (*p == '"' || *p < 0x21 || *p > 0x7f)
1272 return 1; 1275 return 1;
1273 } 1276 }
1274 return 0; 1277 return 0;
1275 } 1278 }
1276 1279
1277 /** 1280 /**
1278 * audit_log_n_untrustedstring - log a string that may contain random characters 1281 * audit_log_n_untrustedstring - log a string that may contain random characters
1279 * @ab: audit_buffer 1282 * @ab: audit_buffer
1280 * @len: lenth of string (not including trailing null) 1283 * @len: lenth of string (not including trailing null)
1281 * @string: string to be logged 1284 * @string: string to be logged
1282 * 1285 *
1283 * This code will escape a string that is passed to it if the string 1286 * This code will escape a string that is passed to it if the string
1284 * contains a control character, unprintable character, double quote mark, 1287 * contains a control character, unprintable character, double quote mark,
1285 * or a space. Unescaped strings will start and end with a double quote mark. 1288 * or a space. Unescaped strings will start and end with a double quote mark.
1286 * Strings that are escaped are printed in hex (2 digits per char). 1289 * Strings that are escaped are printed in hex (2 digits per char).
1287 * 1290 *
1288 * The caller specifies the number of characters in the string to log, which may 1291 * The caller specifies the number of characters in the string to log, which may
1289 * or may not be the entire string. 1292 * or may not be the entire string.
1290 */ 1293 */
1291 void audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len, 1294 void audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len,
1292 const char *string) 1295 const char *string)
1293 { 1296 {
1294 if (audit_string_contains_control(string, len)) 1297 if (audit_string_contains_control(string, len))
1295 audit_log_hex(ab, string, len); 1298 audit_log_hex(ab, string, len);
1296 else 1299 else
1297 audit_log_n_string(ab, len, string); 1300 audit_log_n_string(ab, len, string);
1298 } 1301 }
1299 1302
1300 /** 1303 /**
1301 * audit_log_untrustedstring - log a string that may contain random characters 1304 * audit_log_untrustedstring - log a string that may contain random characters
1302 * @ab: audit_buffer 1305 * @ab: audit_buffer
1303 * @string: string to be logged 1306 * @string: string to be logged
1304 * 1307 *
1305 * Same as audit_log_n_untrustedstring(), except that strlen is used to 1308 * Same as audit_log_n_untrustedstring(), except that strlen is used to
1306 * determine string length. 1309 * determine string length.
1307 */ 1310 */
1308 void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) 1311 void audit_log_untrustedstring(struct audit_buffer *ab, const char *string)
1309 { 1312 {
1310 audit_log_n_untrustedstring(ab, strlen(string), string); 1313 audit_log_n_untrustedstring(ab, strlen(string), string);
1311 } 1314 }
1312 1315
1313 /* This is a helper-function to print the escaped d_path */ 1316 /* This is a helper-function to print the escaped d_path */
1314 void audit_log_d_path(struct audit_buffer *ab, const char *prefix, 1317 void audit_log_d_path(struct audit_buffer *ab, const char *prefix,
1315 struct path *path) 1318 struct path *path)
1316 { 1319 {
1317 char *p, *pathname; 1320 char *p, *pathname;
1318 1321
1319 if (prefix) 1322 if (prefix)
1320 audit_log_format(ab, " %s", prefix); 1323 audit_log_format(ab, " %s", prefix);
1321 1324
1322 /* We will allow 11 spaces for ' (deleted)' to be appended */ 1325 /* We will allow 11 spaces for ' (deleted)' to be appended */
1323 pathname = kmalloc(PATH_MAX+11, ab->gfp_mask); 1326 pathname = kmalloc(PATH_MAX+11, ab->gfp_mask);
1324 if (!pathname) { 1327 if (!pathname) {
1325 audit_log_format(ab, "<no memory>"); 1328 audit_log_format(ab, "<no memory>");
1326 return; 1329 return;
1327 } 1330 }
1328 p = d_path(path, pathname, PATH_MAX+11); 1331 p = d_path(path, pathname, PATH_MAX+11);
1329 if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */ 1332 if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */
1330 /* FIXME: can we save some information here? */ 1333 /* FIXME: can we save some information here? */
1331 audit_log_format(ab, "<too long>"); 1334 audit_log_format(ab, "<too long>");
1332 } else 1335 } else
1333 audit_log_untrustedstring(ab, p); 1336 audit_log_untrustedstring(ab, p);
1334 kfree(pathname); 1337 kfree(pathname);
1335 } 1338 }
1336 1339
1337 /** 1340 /**
1338 * audit_log_end - end one audit record 1341 * audit_log_end - end one audit record
1339 * @ab: the audit_buffer 1342 * @ab: the audit_buffer
1340 * 1343 *
1341 * The netlink_* functions cannot be called inside an irq context, so 1344 * The netlink_* functions cannot be called inside an irq context, so
1342 * the audit buffer is placed on a queue and a tasklet is scheduled to 1345 * the audit buffer is placed on a queue and a tasklet is scheduled to
1343 * remove them from the queue outside the irq context. May be called in 1346 * remove them from the queue outside the irq context. May be called in
1344 * any context. 1347 * any context.
1345 */ 1348 */
1346 void audit_log_end(struct audit_buffer *ab) 1349 void audit_log_end(struct audit_buffer *ab)
1347 { 1350 {
1348 if (!ab) 1351 if (!ab)
1349 return; 1352 return;
1350 if (!audit_rate_check()) { 1353 if (!audit_rate_check()) {
1351 audit_log_lost("rate limit exceeded"); 1354 audit_log_lost("rate limit exceeded");
1352 } else { 1355 } else {
1353 if (audit_pid) { 1356 if (audit_pid) {
1354 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); 1357 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);
1355 nlh->nlmsg_len = ab->skb->len - NLMSG_SPACE(0); 1358 nlh->nlmsg_len = ab->skb->len - NLMSG_SPACE(0);
1356 skb_queue_tail(&audit_skb_queue, ab->skb); 1359 skb_queue_tail(&audit_skb_queue, ab->skb);
1357 ab->skb = NULL; 1360 ab->skb = NULL;
1358 wake_up_interruptible(&kauditd_wait); 1361 wake_up_interruptible(&kauditd_wait);
1359 } else if (printk_ratelimit()) { 1362 } else if (printk_ratelimit()) {
1360 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb); 1363 struct nlmsghdr *nlh = nlmsg_hdr(ab->skb);
1361 printk(KERN_NOTICE "type=%d %s\n", nlh->nlmsg_type, ab->skb->data + NLMSG_SPACE(0)); 1364 printk(KERN_NOTICE "type=%d %s\n", nlh->nlmsg_type, ab->skb->data + NLMSG_SPACE(0));
1362 } else { 1365 } else {
1363 audit_log_lost("printk limit exceeded\n"); 1366 audit_log_lost("printk limit exceeded\n");
1364 } 1367 }
1365 } 1368 }
1366 audit_buffer_free(ab); 1369 audit_buffer_free(ab);
1367 } 1370 }
1368 1371
1369 /** 1372 /**
1370 * audit_log - Log an audit record 1373 * audit_log - Log an audit record
1371 * @ctx: audit context 1374 * @ctx: audit context
1372 * @gfp_mask: type of allocation 1375 * @gfp_mask: type of allocation
1373 * @type: audit message type 1376 * @type: audit message type
1374 * @fmt: format string to use 1377 * @fmt: format string to use
1375 * @...: variable parameters matching the format string 1378 * @...: variable parameters matching the format string
1376 * 1379 *
1377 * This is a convenience function that calls audit_log_start, 1380 * This is a convenience function that calls audit_log_start,
1378 * audit_log_vformat, and audit_log_end. It may be called 1381 * audit_log_vformat, and audit_log_end. It may be called
1379 * in any context. 1382 * in any context.
1380 */ 1383 */
1381 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type, 1384 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
1382 const char *fmt, ...) 1385 const char *fmt, ...)
1383 { 1386 {
1384 struct audit_buffer *ab; 1387 struct audit_buffer *ab;
1385 va_list args; 1388 va_list args;
1386 1389
1387 ab = audit_log_start(ctx, gfp_mask, type); 1390 ab = audit_log_start(ctx, gfp_mask, type);
1388 if (ab) { 1391 if (ab) {
1389 va_start(args, fmt); 1392 va_start(args, fmt);
1390 audit_log_vformat(ab, fmt, args); 1393 audit_log_vformat(ab, fmt, args);
1391 va_end(args); 1394 va_end(args);
1392 audit_log_end(ab); 1395 audit_log_end(ab);
1393 } 1396 }
1394 } 1397 }
1395 1398
1396 EXPORT_SYMBOL(audit_log_start); 1399 EXPORT_SYMBOL(audit_log_start);
1397 EXPORT_SYMBOL(audit_log_end); 1400 EXPORT_SYMBOL(audit_log_end);
1398 EXPORT_SYMBOL(audit_log_format); 1401 EXPORT_SYMBOL(audit_log_format);
1399 EXPORT_SYMBOL(audit_log); 1402 EXPORT_SYMBOL(audit_log);
1400 1403