From 7e51aa4486bcf72daeb5d30227c4c01563f37044 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 2 Apr 2014 16:00:58 -0400 Subject: audit: drop unused struct audit_rule definition The kernel only uses struct audit_rule_data. We dropped support for struct audit_rule a long time ago. Drop the definition in the header file. Signed-off-by: Eric Paris --- include/uapi/linux/audit.h | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'include') diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index cf6714752b69..df71b1d2cbb8 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -444,17 +444,4 @@ struct audit_rule_data { char buf[0]; /* string fields buffer */ }; -/* audit_rule is supported to maintain backward compatibility with - * userspace. It supports integer fields only and corresponds to - * AUDIT_ADD, AUDIT_DEL and AUDIT_LIST requests. - */ -struct audit_rule { /* for AUDIT_LIST, AUDIT_ADD, and AUDIT_DEL */ - __u32 flags; /* AUDIT_PER_{TASK,CALL}, AUDIT_PREPEND */ - __u32 action; /* AUDIT_NEVER, AUDIT_POSSIBLE, AUDIT_ALWAYS */ - __u32 field_count; - __u32 mask[AUDIT_BITMASK_SIZE]; - __u32 fields[AUDIT_MAX_FIELDS]; - __u32 values[AUDIT_MAX_FIELDS]; -}; - #endif /* _UAPI_LINUX_AUDIT_H_ */ -- cgit v1.2.3 From 1002d94d30765b1faf0840adef9ed7e6b7aa5783 Mon Sep 17 00:00:00 2001 From: Richard Guy Briggs Date: Fri, 28 Feb 2014 15:34:19 -0500 Subject: syscall.h: fix doc text for syscall_get_arch() syscall_get_arch() used to take a task as a argument. It now uses current. Fix the doc text. Signed-off-by: Richard Guy Briggs Signed-off-by: Eric Paris --- include/asm-generic/syscall.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/asm-generic/syscall.h b/include/asm-generic/syscall.h index d401e5463fb0..0c938a4354f6 100644 --- a/include/asm-generic/syscall.h +++ b/include/asm-generic/syscall.h @@ -147,7 +147,7 @@ void syscall_set_arguments(struct task_struct *task, struct pt_regs *regs, * * Returns the AUDIT_ARCH_* based on the system call convention in use. * - * It's only valid to call this when @task is stopped on entry to a system + * It's only valid to call this when current is stopped on entry to a system * call, due to %TIF_SYSCALL_TRACE, %TIF_SYSCALL_AUDIT, or %TIF_SECCOMP. * * Architectures which permit CONFIG_HAVE_ARCH_SECCOMP_FILTER must -- cgit v1.2.3 From ce5d112827e5c2e9864323d0efd7ec2a62c6dce0 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 11 Mar 2014 13:50:46 -0400 Subject: ARCH: AUDIT: implement syscall_get_arch for all arches For all arches which support audit implement syscall_get_arch() They are all pretty easy and straight forward, stolen from how the call to audit_syscall_entry() determines the arch. Based-on-patch-by: Richard Briggs Signed-off-by: Eric Paris Cc: linux-ia64@vger.kernel.org Cc: microblaze-uclinux@itee.uq.edu.au Cc: linux-mips@linux-mips.org Cc: linux@lists.openrisc.net Cc: linux-parisc@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Cc: sparclinux@vger.kernel.org --- include/uapi/linux/audit.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index df71b1d2cbb8..4d100c841c80 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -351,6 +351,7 @@ enum { #define AUDIT_ARCH_IA64 (EM_IA_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) #define AUDIT_ARCH_M32R (EM_M32R) #define AUDIT_ARCH_M68K (EM_68K) +#define AUDIT_ARCH_MICROBLAZE (EM_MICROBLAZE) #define AUDIT_ARCH_MIPS (EM_MIPS) #define AUDIT_ARCH_MIPSEL (EM_MIPS|__AUDIT_ARCH_LE) #define AUDIT_ARCH_MIPS64 (EM_MIPS|__AUDIT_ARCH_64BIT) -- cgit v1.2.3 From 91397401bb5072f71e8ce8744ad0bdec3e875a91 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 11 Mar 2014 13:29:28 -0400 Subject: ARCH: AUDIT: audit_syscall_entry() should not require the arch We have a function where the arch can be queried, syscall_get_arch(). So rather than have every single piece of arch specific code use and/or duplicate syscall_get_arch(), just have the audit code use the syscall_get_arch() code. Based-on-patch-by: Richard Briggs Signed-off-by: Eric Paris Cc: linux-alpha@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Cc: linux-ia64@vger.kernel.org Cc: microblaze-uclinux@itee.uq.edu.au Cc: linux-mips@linux-mips.org Cc: linux@lists.openrisc.net Cc: linux-parisc@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Cc: linux-s390@vger.kernel.org Cc: linux-sh@vger.kernel.org Cc: sparclinux@vger.kernel.org Cc: user-mode-linux-devel@lists.sourceforge.net Cc: linux-xtensa@linux-xtensa.org Cc: x86@kernel.org --- include/linux/audit.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/linux/audit.h b/include/linux/audit.h index 22cfddb75566..bb1c3ab611bf 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -26,6 +26,7 @@ #include #include #include +#include struct audit_sig_info { uid_t uid; @@ -141,12 +142,12 @@ static inline void audit_free(struct task_struct *task) if (unlikely(task->audit_context)) __audit_free(task); } -static inline void audit_syscall_entry(int arch, int major, unsigned long a0, +static inline void audit_syscall_entry(int major, unsigned long a0, unsigned long a1, unsigned long a2, unsigned long a3) { if (unlikely(current->audit_context)) - __audit_syscall_entry(arch, major, a0, a1, a2, a3); + __audit_syscall_entry(syscall_get_arch(), major, a0, a1, a2, a3); } static inline void audit_syscall_exit(void *pt_regs) { @@ -322,7 +323,7 @@ static inline int audit_alloc(struct task_struct *task) } static inline void audit_free(struct task_struct *task) { } -static inline void audit_syscall_entry(int arch, int major, unsigned long a0, +static inline void audit_syscall_entry(int major, unsigned long a0, unsigned long a1, unsigned long a2, unsigned long a3) { } -- cgit v1.2.3 From a9ebe0b98896b276a3a1664da5f40d3b7c92f316 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 22 Apr 2014 11:46:16 -0400 Subject: audit: fix build error when asm/syscall.h does not exist avr32 does not have an asm/syscall.h file. We need the syscall_get_arch() definition from that file for all arch's which support CONFIG_AUDITSYSCALL. Obviously avr32 is not one of those arch's. Move the include inside the CONFIG_AUDITSYSCALL such that we only do the include if we need the results. When the syscall_get_arch() call is moved inside __audit_syscall_entry() this include can be dropped entirely. But that is going to require some assembly changes on x86* in a patch that is not ready for the tree... Reported-by: Paul Gortmaker Signed-off-by: Eric Paris --- include/linux/audit.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/linux/audit.h b/include/linux/audit.h index bb1c3ab611bf..783157b289e8 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -26,7 +26,6 @@ #include #include #include -#include struct audit_sig_info { uid_t uid; @@ -110,6 +109,8 @@ extern void audit_log_session_info(struct audit_buffer *ab); #endif #ifdef CONFIG_AUDITSYSCALL +#include /* for syscall_get_arch() */ + /* These are defined in auditsc.c */ /* Public API */ extern int audit_alloc(struct task_struct *task); -- cgit v1.2.3 From b4f0d3755c5e9cc86292d5fd78261903b4f23d4a Mon Sep 17 00:00:00 2001 From: Richard Guy Briggs Date: Tue, 4 Mar 2014 10:38:06 -0500 Subject: audit: x86: drop arch from __audit_syscall_entry() interface Since the arch is found locally in __audit_syscall_entry(), there is no need to pass it in as a parameter. Delete it from the parameter list. x86* was the only arch to call __audit_syscall_entry() directly and did so from assembly code. Signed-off-by: Richard Guy Briggs Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: x86@kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-audit@redhat.com Signed-off-by: Eric Paris --- As this patch relies on changes in the audit tree, I think it appropriate to send it through my tree rather than the x86 tree. --- include/linux/audit.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/linux/audit.h b/include/linux/audit.h index 783157b289e8..1ae00891aff9 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -115,8 +115,7 @@ extern void audit_log_session_info(struct audit_buffer *ab); /* Public API */ extern int audit_alloc(struct task_struct *task); extern void __audit_free(struct task_struct *task); -extern void __audit_syscall_entry(int arch, - int major, unsigned long a0, unsigned long a1, +extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1, unsigned long a2, unsigned long a3); extern void __audit_syscall_exit(int ret_success, long ret_value); extern struct filename *__audit_reusename(const __user char *uptr); @@ -148,7 +147,7 @@ static inline void audit_syscall_entry(int major, unsigned long a0, unsigned long a3) { if (unlikely(current->audit_context)) - __audit_syscall_entry(syscall_get_arch(), major, a0, a1, a2, a3); + __audit_syscall_entry(major, a0, a1, a2, a3); } static inline void audit_syscall_exit(void *pt_regs) { -- cgit v1.2.3 From 219ca39427bf6c46c4e1473493e33bc00635e99b Mon Sep 17 00:00:00 2001 From: Richard Guy Briggs Date: Wed, 26 Mar 2014 07:26:47 -0400 Subject: audit: use union for audit_field values since they are mutually exclusive Since only one of val, uid, gid and lsm* are used at any given time, combine them to reduce the size of the struct audit_field. Signed-off-by: Richard Guy Briggs --- include/linux/audit.h | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/linux/audit.h b/include/linux/audit.h index 1ae00891aff9..36dffeccebdb 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -66,12 +66,16 @@ struct audit_krule { struct audit_field { u32 type; - u32 val; - kuid_t uid; - kgid_t gid; + union { + u32 val; + kuid_t uid; + kgid_t gid; + struct { + char *lsm_str; + void *lsm_rule; + }; + }; u32 op; - char *lsm_str; - void *lsm_rule; }; extern int is_audit_feature_set(int which); -- cgit v1.2.3 From 29075feaf1f55e6b1aa4054b44bc141e8d5eab0b Mon Sep 17 00:00:00 2001 From: Guenter Roeck Date: Fri, 26 Sep 2014 09:05:39 -0700 Subject: next: openrisc: Fix build openrisc:defconfig fails to build in next-20140926 with the following error. In file included from arch/openrisc/kernel/signal.c:31:0: ./arch/openrisc/include/asm/syscall.h: In function 'syscall_get_arch': ./arch/openrisc/include/asm/syscall.h:77:9: error: 'EM_OPENRISC' undeclared Fix by moving EM_OPENRISC to include/uapi/linux/elf-em.h. Fixes: ce5d112827e5 ("ARCH: AUDIT: implement syscall_get_arch for all arches") Cc: Eric Paris Cc: Stefan Kristiansson Cc: Geert Uytterhoeven Cc: Stephen Rothwell Signed-off-by: Guenter Roeck Signed-off-by: Eric Paris --- include/uapi/linux/elf-em.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/uapi/linux/elf-em.h b/include/uapi/linux/elf-em.h index 01529bd96438..aa90bc98b6e2 100644 --- a/include/uapi/linux/elf-em.h +++ b/include/uapi/linux/elf-em.h @@ -32,6 +32,7 @@ #define EM_V850 87 /* NEC v850 */ #define EM_M32R 88 /* Renesas M32R */ #define EM_MN10300 89 /* Panasonic/MEI MN10300, AM33 */ +#define EM_OPENRISC 92 /* OpenRISC 32-bit embedded processor */ #define EM_BLACKFIN 106 /* ADI Blackfin Processor */ #define EM_TI_C6000 140 /* TI C6X DSPs */ #define EM_AARCH64 183 /* ARM 64 bit */ -- cgit v1.2.3