sanitize audit_log_capset()
* no allocations * return void * don't duplicate checked for dummy context Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
parent
157cf649a7
commit
57f71a0af4
3 changed files with 21 additions and 36 deletions
|
|
@ -457,7 +457,7 @@ extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
|
||||||
extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
||||||
const struct cred *new,
|
const struct cred *new,
|
||||||
const struct cred *old);
|
const struct cred *old);
|
||||||
extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
|
extern void __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
|
||||||
|
|
||||||
static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
||||||
{
|
{
|
||||||
|
|
@ -504,12 +504,11 @@ static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int audit_log_capset(pid_t pid, const struct cred *new,
|
static inline void audit_log_capset(pid_t pid, const struct cred *new,
|
||||||
const struct cred *old)
|
const struct cred *old)
|
||||||
{
|
{
|
||||||
if (unlikely(!audit_dummy_context()))
|
if (unlikely(!audit_dummy_context()))
|
||||||
return __audit_log_capset(pid, new, old);
|
__audit_log_capset(pid, new, old);
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
extern int audit_n_rules;
|
extern int audit_n_rules;
|
||||||
|
|
@ -544,7 +543,7 @@ extern int audit_signals;
|
||||||
#define audit_mq_notify(d,n) ((void)0)
|
#define audit_mq_notify(d,n) ((void)0)
|
||||||
#define audit_mq_getsetattr(d,s) ((void)0)
|
#define audit_mq_getsetattr(d,s) ((void)0)
|
||||||
#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
|
#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
|
||||||
#define audit_log_capset(pid, ncr, ocr) ({ 0; })
|
#define audit_log_capset(pid, ncr, ocr) ((void)0)
|
||||||
#define audit_ptrace(t) ((void)0)
|
#define audit_ptrace(t) ((void)0)
|
||||||
#define audit_n_rules 0
|
#define audit_n_rules 0
|
||||||
#define audit_signals 0
|
#define audit_signals 0
|
||||||
|
|
|
||||||
|
|
@ -235,6 +235,10 @@ struct audit_context {
|
||||||
mode_t mode;
|
mode_t mode;
|
||||||
struct mq_attr attr;
|
struct mq_attr attr;
|
||||||
} mq_open;
|
} mq_open;
|
||||||
|
struct {
|
||||||
|
pid_t pid;
|
||||||
|
struct audit_cap_data cap;
|
||||||
|
} capset;
|
||||||
};
|
};
|
||||||
int fds[2];
|
int fds[2];
|
||||||
|
|
||||||
|
|
@ -1291,6 +1295,12 @@ static void show_special(struct audit_context *context, int *call_panic)
|
||||||
attr->mq_flags, attr->mq_maxmsg,
|
attr->mq_flags, attr->mq_maxmsg,
|
||||||
attr->mq_msgsize, attr->mq_curmsgs);
|
attr->mq_msgsize, attr->mq_curmsgs);
|
||||||
break; }
|
break; }
|
||||||
|
case AUDIT_CAPSET: {
|
||||||
|
audit_log_format(ab, "pid=%d", context->capset.pid);
|
||||||
|
audit_log_cap(ab, "cap_pi", &context->capset.cap.inheritable);
|
||||||
|
audit_log_cap(ab, "cap_pp", &context->capset.cap.permitted);
|
||||||
|
audit_log_cap(ab, "cap_pe", &context->capset.cap.effective);
|
||||||
|
break; }
|
||||||
}
|
}
|
||||||
audit_log_end(ab);
|
audit_log_end(ab);
|
||||||
}
|
}
|
||||||
|
|
@ -1392,14 +1402,6 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
|
||||||
audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
|
audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
|
||||||
break; }
|
break; }
|
||||||
|
|
||||||
case AUDIT_CAPSET: {
|
|
||||||
struct audit_aux_data_capset *axs = (void *)aux;
|
|
||||||
audit_log_format(ab, "pid=%d", axs->pid);
|
|
||||||
audit_log_cap(ab, "cap_pi", &axs->cap.inheritable);
|
|
||||||
audit_log_cap(ab, "cap_pp", &axs->cap.permitted);
|
|
||||||
audit_log_cap(ab, "cap_pe", &axs->cap.effective);
|
|
||||||
break; }
|
|
||||||
|
|
||||||
}
|
}
|
||||||
audit_log_end(ab);
|
audit_log_end(ab);
|
||||||
}
|
}
|
||||||
|
|
@ -2456,29 +2458,15 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
|
||||||
* Record the aguments userspace sent to sys_capset for later printing by the
|
* Record the aguments userspace sent to sys_capset for later printing by the
|
||||||
* audit system if applicable
|
* audit system if applicable
|
||||||
*/
|
*/
|
||||||
int __audit_log_capset(pid_t pid,
|
void __audit_log_capset(pid_t pid,
|
||||||
const struct cred *new, const struct cred *old)
|
const struct cred *new, const struct cred *old)
|
||||||
{
|
{
|
||||||
struct audit_aux_data_capset *ax;
|
|
||||||
struct audit_context *context = current->audit_context;
|
struct audit_context *context = current->audit_context;
|
||||||
|
context->capset.pid = pid;
|
||||||
if (likely(!audit_enabled || !context || context->dummy))
|
context->capset.cap.effective = new->cap_effective;
|
||||||
return 0;
|
context->capset.cap.inheritable = new->cap_effective;
|
||||||
|
context->capset.cap.permitted = new->cap_permitted;
|
||||||
ax = kmalloc(sizeof(*ax), GFP_KERNEL);
|
context->type = AUDIT_CAPSET;
|
||||||
if (!ax)
|
|
||||||
return -ENOMEM;
|
|
||||||
|
|
||||||
ax->d.type = AUDIT_CAPSET;
|
|
||||||
ax->d.next = context->aux;
|
|
||||||
context->aux = (void *)ax;
|
|
||||||
|
|
||||||
ax->pid = pid;
|
|
||||||
ax->cap.effective = new->cap_effective;
|
|
||||||
ax->cap.inheritable = new->cap_effective;
|
|
||||||
ax->cap.permitted = new->cap_permitted;
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -280,9 +280,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
ret = audit_log_capset(pid, new, current_cred());
|
audit_log_capset(pid, new, current_cred());
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
|
|
||||||
return commit_creds(new);
|
return commit_creds(new);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue