sanitize audit_ipc_set_perm()
* get rid of allocations * make it return void * simplify callers Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
a33e675100
commit
e816f370cb
3 changed files with 32 additions and 45 deletions
|
@ -444,7 +444,7 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
|
||||||
#define audit_get_sessionid(t) ((t)->sessionid)
|
#define audit_get_sessionid(t) ((t)->sessionid)
|
||||||
extern void audit_log_task_context(struct audit_buffer *ab);
|
extern void audit_log_task_context(struct audit_buffer *ab);
|
||||||
extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
|
extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
|
||||||
extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
|
extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
|
||||||
extern int audit_bprm(struct linux_binprm *bprm);
|
extern int audit_bprm(struct linux_binprm *bprm);
|
||||||
extern void audit_socketcall(int nargs, unsigned long *args);
|
extern void audit_socketcall(int nargs, unsigned long *args);
|
||||||
extern int audit_sockaddr(int len, void *addr);
|
extern int audit_sockaddr(int len, void *addr);
|
||||||
|
@ -471,11 +471,10 @@ static inline int audit_fd_pair(int fd1, int fd2)
|
||||||
return __audit_fd_pair(fd1, fd2);
|
return __audit_fd_pair(fd1, fd2);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
|
static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
|
||||||
{
|
{
|
||||||
if (unlikely(!audit_dummy_context()))
|
if (unlikely(!audit_dummy_context()))
|
||||||
return __audit_ipc_set_perm(qbytes, uid, gid, mode);
|
__audit_ipc_set_perm(qbytes, uid, gid, mode);
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
|
static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
|
||||||
{
|
{
|
||||||
|
@ -546,7 +545,7 @@ extern int audit_signals;
|
||||||
#define audit_get_sessionid(t) (-1)
|
#define audit_get_sessionid(t) (-1)
|
||||||
#define audit_log_task_context(b) do { ; } while (0)
|
#define audit_log_task_context(b) do { ; } while (0)
|
||||||
#define audit_ipc_obj(i) ((void)0)
|
#define audit_ipc_obj(i) ((void)0)
|
||||||
#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
|
#define audit_ipc_set_perm(q,u,g,m) ((void)0)
|
||||||
#define audit_bprm(p) ({ 0; })
|
#define audit_bprm(p) ({ 0; })
|
||||||
#define audit_socketcall(n,a) ((void)0)
|
#define audit_socketcall(n,a) ((void)0)
|
||||||
#define audit_fd_pair(n,a) ({ 0; })
|
#define audit_fd_pair(n,a) ({ 0; })
|
||||||
|
|
|
@ -803,13 +803,9 @@ struct kern_ipc_perm *ipcctl_pre_down(struct ipc_ids *ids, int id, int cmd,
|
||||||
}
|
}
|
||||||
|
|
||||||
audit_ipc_obj(ipcp);
|
audit_ipc_obj(ipcp);
|
||||||
|
if (cmd == IPC_SET)
|
||||||
if (cmd == IPC_SET) {
|
audit_ipc_set_perm(extra_perm, perm->uid,
|
||||||
err = audit_ipc_set_perm(extra_perm, perm->uid,
|
|
||||||
perm->gid, perm->mode);
|
perm->gid, perm->mode);
|
||||||
if (err)
|
|
||||||
goto out_unlock;
|
|
||||||
}
|
|
||||||
|
|
||||||
euid = current_euid();
|
euid = current_euid();
|
||||||
if (euid == ipcp->cuid ||
|
if (euid == ipcp->cuid ||
|
||||||
|
@ -817,7 +813,6 @@ struct kern_ipc_perm *ipcctl_pre_down(struct ipc_ids *ids, int id, int cmd,
|
||||||
return ipcp;
|
return ipcp;
|
||||||
|
|
||||||
err = -EPERM;
|
err = -EPERM;
|
||||||
out_unlock:
|
|
||||||
ipc_unlock(ipcp);
|
ipc_unlock(ipcp);
|
||||||
out_up:
|
out_up:
|
||||||
up_write(&ids->rw_mutex);
|
up_write(&ids->rw_mutex);
|
||||||
|
|
|
@ -151,16 +151,6 @@ struct audit_aux_data_mq_getsetattr {
|
||||||
struct mq_attr mqstat;
|
struct mq_attr mqstat;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct audit_aux_data_ipcctl {
|
|
||||||
struct audit_aux_data d;
|
|
||||||
struct ipc_perm p;
|
|
||||||
unsigned long qbytes;
|
|
||||||
uid_t uid;
|
|
||||||
gid_t gid;
|
|
||||||
mode_t mode;
|
|
||||||
u32 osid;
|
|
||||||
};
|
|
||||||
|
|
||||||
struct audit_aux_data_execve {
|
struct audit_aux_data_execve {
|
||||||
struct audit_aux_data d;
|
struct audit_aux_data d;
|
||||||
int argc;
|
int argc;
|
||||||
|
@ -252,6 +242,11 @@ struct audit_context {
|
||||||
gid_t gid;
|
gid_t gid;
|
||||||
mode_t mode;
|
mode_t mode;
|
||||||
u32 osid;
|
u32 osid;
|
||||||
|
int has_perm;
|
||||||
|
uid_t perm_uid;
|
||||||
|
gid_t perm_gid;
|
||||||
|
mode_t perm_mode;
|
||||||
|
unsigned long qbytes;
|
||||||
} ipc;
|
} ipc;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -1260,6 +1255,19 @@ static void show_special(struct audit_context *context, int *call_panic)
|
||||||
security_release_secctx(ctx, len);
|
security_release_secctx(ctx, len);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (context->ipc.has_perm) {
|
||||||
|
audit_log_end(ab);
|
||||||
|
ab = audit_log_start(context, GFP_KERNEL,
|
||||||
|
AUDIT_IPC_SET_PERM);
|
||||||
|
audit_log_format(ab,
|
||||||
|
"qbytes=%lx ouid=%u ogid=%u mode=%#o",
|
||||||
|
context->ipc.qbytes,
|
||||||
|
context->ipc.perm_uid,
|
||||||
|
context->ipc.perm_gid,
|
||||||
|
context->ipc.perm_mode);
|
||||||
|
if (!ab)
|
||||||
|
return;
|
||||||
|
}
|
||||||
break; }
|
break; }
|
||||||
}
|
}
|
||||||
audit_log_end(ab);
|
audit_log_end(ab);
|
||||||
|
@ -1379,13 +1387,6 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
|
||||||
axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
|
axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
|
||||||
break; }
|
break; }
|
||||||
|
|
||||||
case AUDIT_IPC_SET_PERM: {
|
|
||||||
struct audit_aux_data_ipcctl *axi = (void *)aux;
|
|
||||||
audit_log_format(ab,
|
|
||||||
"qbytes=%lx ouid=%u ogid=%u mode=%#o",
|
|
||||||
axi->qbytes, axi->uid, axi->gid, axi->mode);
|
|
||||||
break; }
|
|
||||||
|
|
||||||
case AUDIT_EXECVE: {
|
case AUDIT_EXECVE: {
|
||||||
struct audit_aux_data_execve *axi = (void *)aux;
|
struct audit_aux_data_execve *axi = (void *)aux;
|
||||||
audit_log_execve_info(context, &ab, axi);
|
audit_log_execve_info(context, &ab, axi);
|
||||||
|
@ -2352,6 +2353,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
||||||
context->ipc.uid = ipcp->uid;
|
context->ipc.uid = ipcp->uid;
|
||||||
context->ipc.gid = ipcp->gid;
|
context->ipc.gid = ipcp->gid;
|
||||||
context->ipc.mode = ipcp->mode;
|
context->ipc.mode = ipcp->mode;
|
||||||
|
context->ipc.has_perm = 0;
|
||||||
security_ipc_getsecid(ipcp, &context->ipc.osid);
|
security_ipc_getsecid(ipcp, &context->ipc.osid);
|
||||||
context->type = AUDIT_IPC;
|
context->type = AUDIT_IPC;
|
||||||
}
|
}
|
||||||
|
@ -2363,26 +2365,17 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
||||||
* @gid: msgq group id
|
* @gid: msgq group id
|
||||||
* @mode: msgq mode (permissions)
|
* @mode: msgq mode (permissions)
|
||||||
*
|
*
|
||||||
* Returns 0 for success or NULL context or < 0 on error.
|
* Called only after audit_ipc_obj().
|
||||||
*/
|
*/
|
||||||
int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
|
void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
|
||||||
{
|
{
|
||||||
struct audit_aux_data_ipcctl *ax;
|
|
||||||
struct audit_context *context = current->audit_context;
|
struct audit_context *context = current->audit_context;
|
||||||
|
|
||||||
ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
|
context->ipc.qbytes = qbytes;
|
||||||
if (!ax)
|
context->ipc.perm_uid = uid;
|
||||||
return -ENOMEM;
|
context->ipc.perm_gid = gid;
|
||||||
|
context->ipc.perm_mode = mode;
|
||||||
ax->qbytes = qbytes;
|
context->ipc.has_perm = 1;
|
||||||
ax->uid = uid;
|
|
||||||
ax->gid = gid;
|
|
||||||
ax->mode = mode;
|
|
||||||
|
|
||||||
ax->d.type = AUDIT_IPC_SET_PERM;
|
|
||||||
ax->d.next = context->aux;
|
|
||||||
context->aux = (void *)ax;
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_bprm(struct linux_binprm *bprm)
|
int audit_bprm(struct linux_binprm *bprm)
|
||||||
|
|
Loading…
Reference in a new issue