sanitize audit_log_capset()
* no allocations * return void * don't duplicate checked for dummy context Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
parent
157cf649a7
commit
57f71a0af4
3 changed files with 21 additions and 36 deletions
|
|
@ -457,7 +457,7 @@ extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
|
|||
extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
||||
const struct cred *new,
|
||||
const struct cred *old);
|
||||
extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
|
||||
extern void __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
|
||||
|
||||
static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
||||
{
|
||||
|
|
@ -504,12 +504,11 @@ static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
|||
return 0;
|
||||
}
|
||||
|
||||
static inline int audit_log_capset(pid_t pid, const struct cred *new,
|
||||
static inline void audit_log_capset(pid_t pid, const struct cred *new,
|
||||
const struct cred *old)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
return __audit_log_capset(pid, new, old);
|
||||
return 0;
|
||||
__audit_log_capset(pid, new, old);
|
||||
}
|
||||
|
||||
extern int audit_n_rules;
|
||||
|
|
@ -544,7 +543,7 @@ extern int audit_signals;
|
|||
#define audit_mq_notify(d,n) ((void)0)
|
||||
#define audit_mq_getsetattr(d,s) ((void)0)
|
||||
#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
|
||||
#define audit_log_capset(pid, ncr, ocr) ({ 0; })
|
||||
#define audit_log_capset(pid, ncr, ocr) ((void)0)
|
||||
#define audit_ptrace(t) ((void)0)
|
||||
#define audit_n_rules 0
|
||||
#define audit_signals 0
|
||||
|
|
|
|||
|
|
@ -235,6 +235,10 @@ struct audit_context {
|
|||
mode_t mode;
|
||||
struct mq_attr attr;
|
||||
} mq_open;
|
||||
struct {
|
||||
pid_t pid;
|
||||
struct audit_cap_data cap;
|
||||
} capset;
|
||||
};
|
||||
int fds[2];
|
||||
|
||||
|
|
@ -1291,6 +1295,12 @@ static void show_special(struct audit_context *context, int *call_panic)
|
|||
attr->mq_flags, attr->mq_maxmsg,
|
||||
attr->mq_msgsize, attr->mq_curmsgs);
|
||||
break; }
|
||||
case AUDIT_CAPSET: {
|
||||
audit_log_format(ab, "pid=%d", context->capset.pid);
|
||||
audit_log_cap(ab, "cap_pi", &context->capset.cap.inheritable);
|
||||
audit_log_cap(ab, "cap_pp", &context->capset.cap.permitted);
|
||||
audit_log_cap(ab, "cap_pe", &context->capset.cap.effective);
|
||||
break; }
|
||||
}
|
||||
audit_log_end(ab);
|
||||
}
|
||||
|
|
@ -1392,14 +1402,6 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
|
|||
audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
|
||||
break; }
|
||||
|
||||
case AUDIT_CAPSET: {
|
||||
struct audit_aux_data_capset *axs = (void *)aux;
|
||||
audit_log_format(ab, "pid=%d", axs->pid);
|
||||
audit_log_cap(ab, "cap_pi", &axs->cap.inheritable);
|
||||
audit_log_cap(ab, "cap_pp", &axs->cap.permitted);
|
||||
audit_log_cap(ab, "cap_pe", &axs->cap.effective);
|
||||
break; }
|
||||
|
||||
}
|
||||
audit_log_end(ab);
|
||||
}
|
||||
|
|
@ -2456,29 +2458,15 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
|||
* Record the aguments userspace sent to sys_capset for later printing by the
|
||||
* audit system if applicable
|
||||
*/
|
||||
int __audit_log_capset(pid_t pid,
|
||||
void __audit_log_capset(pid_t pid,
|
||||
const struct cred *new, const struct cred *old)
|
||||
{
|
||||
struct audit_aux_data_capset *ax;
|
||||
struct audit_context *context = current->audit_context;
|
||||
|
||||
if (likely(!audit_enabled || !context || context->dummy))
|
||||
return 0;
|
||||
|
||||
ax = kmalloc(sizeof(*ax), GFP_KERNEL);
|
||||
if (!ax)
|
||||
return -ENOMEM;
|
||||
|
||||
ax->d.type = AUDIT_CAPSET;
|
||||
ax->d.next = context->aux;
|
||||
context->aux = (void *)ax;
|
||||
|
||||
ax->pid = pid;
|
||||
ax->cap.effective = new->cap_effective;
|
||||
ax->cap.inheritable = new->cap_effective;
|
||||
ax->cap.permitted = new->cap_permitted;
|
||||
|
||||
return 0;
|
||||
context->capset.pid = pid;
|
||||
context->capset.cap.effective = new->cap_effective;
|
||||
context->capset.cap.inheritable = new->cap_effective;
|
||||
context->capset.cap.permitted = new->cap_permitted;
|
||||
context->type = AUDIT_CAPSET;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -280,9 +280,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
|
|||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
ret = audit_log_capset(pid, new, current_cred());
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
audit_log_capset(pid, new, current_cred());
|
||||
|
||||
return commit_creds(new);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue