diff options
| -rw-r--r-- | kernel/audit.c | 9 | ||||
| -rw-r--r-- | kernel/audit_tree.c | 2 | ||||
| -rw-r--r-- | kernel/auditfilter.c | 16 | ||||
| -rw-r--r-- | kernel/auditsc.c | 33 | 
4 files changed, 32 insertions, 28 deletions
| diff --git a/kernel/audit.c b/kernel/audit.c index ce6d8ea3131e..9442c3533ba9 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -766,6 +766,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)  				audit_log_format(ab, " msg=");  				size = nlmsg_len(nlh); +				if (size > 0 && +				    ((unsigned char *)data)[size - 1] == '\0') +					size--;  				audit_log_n_untrustedstring(ab, data, size);  			}  			audit_set_pid(ab, pid); @@ -1382,7 +1385,7 @@ void audit_log_n_string(struct audit_buffer *ab, const char *string,  int audit_string_contains_control(const char *string, size_t len)  {  	const unsigned char *p; -	for (p = string; p < (const unsigned char *)string + len && *p; p++) { +	for (p = string; p < (const unsigned char *)string + len; p++) {  		if (*p == '"' || *p < 0x21 || *p > 0x7e)  			return 1;  	} @@ -1437,13 +1440,13 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix,  	/* We will allow 11 spaces for ' (deleted)' to be appended */  	pathname = kmalloc(PATH_MAX+11, ab->gfp_mask);  	if (!pathname) { -		audit_log_format(ab, "<no memory>"); +		audit_log_string(ab, "<no_memory>");  		return;  	}  	p = d_path(path, pathname, PATH_MAX+11);  	if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */  		/* FIXME: can we save some information here? */ -		audit_log_format(ab, "<too long>"); +		audit_log_string(ab, "<too_long>");  	} else  		audit_log_untrustedstring(ab, p);  	kfree(pathname); diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 8ad9545b8db9..917ab9525568 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c @@ -385,6 +385,7 @@ static int tag_chunk(struct inode *inode, struct audit_tree *tree)  	mutex_lock(&inode->inotify_mutex);  	if (inotify_clone_watch(&old->watch, &chunk->watch) < 0) {  		mutex_unlock(&inode->inotify_mutex); +		put_inotify_watch(&old->watch);  		free_chunk(chunk);  		return -ENOSPC;  	} @@ -394,6 +395,7 @@ static int tag_chunk(struct inode *inode, struct audit_tree *tree)  		chunk->dead = 1;  		inotify_evict_watch(&chunk->watch);  		mutex_unlock(&inode->inotify_mutex); +		put_inotify_watch(&old->watch);  		put_inotify_watch(&chunk->watch);  		return 0;  	} diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index fbf24d121d97..a6fe71fd5d1b 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -135,18 +135,18 @@ static void audit_remove_watch(struct audit_watch *watch)  static inline void audit_free_rule(struct audit_entry *e)  {  	int i; - +	struct audit_krule *erule = &e->rule;  	/* some rules don't have associated watches */ -	if (e->rule.watch) -		audit_put_watch(e->rule.watch); -	if (e->rule.fields) -		for (i = 0; i < e->rule.field_count; i++) { -			struct audit_field *f = &e->rule.fields[i]; +	if (erule->watch) +		audit_put_watch(erule->watch); +	if (erule->fields) +		for (i = 0; i < erule->field_count; i++) { +			struct audit_field *f = &erule->fields[i];  			kfree(f->lsm_str);  			security_audit_rule_free(f->lsm_rule);  		} -	kfree(e->rule.fields); -	kfree(e->rule.filterkey); +	kfree(erule->fields); +	kfree(erule->filterkey);  	kfree(e);  } diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 2bfc64786765..7d6ac7c1f414 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -329,6 +329,14 @@ static int audit_match_filetype(struct audit_context *ctx, int which)   */  #ifdef CONFIG_AUDIT_TREE +static void audit_set_auditable(struct audit_context *ctx) +{ +	if (!ctx->prio) { +		ctx->prio = 1; +		ctx->current_state = AUDIT_RECORD_CONTEXT; +	} +} +  static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk)  {  	struct audit_tree_refs *p = ctx->trees; @@ -742,17 +750,9 @@ void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx)  	rcu_read_unlock();  } -static void audit_set_auditable(struct audit_context *ctx) -{ -	if (!ctx->prio) { -		ctx->prio = 1; -		ctx->current_state = AUDIT_RECORD_CONTEXT; -	} -} -  static inline struct audit_context *audit_get_context(struct task_struct *tsk,  						      int return_valid, -						      int return_code) +						      long return_code)  {  	struct audit_context *context = tsk->audit_context; @@ -1024,7 +1024,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,  {  	char arg_num_len_buf[12];  	const char __user *tmp_p = p; -	/* how many digits are in arg_num? 3 is the length of a=\n */ +	/* how many digits are in arg_num? 3 is the length of " a=" */  	size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3;  	size_t len, len_left, to_send;  	size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN; @@ -1110,7 +1110,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,  		 * so we can be sure nothing was lost.  		 */  		if ((i == 0) && (too_long)) -			audit_log_format(*ab, "a%d_len=%zu ", arg_num, +			audit_log_format(*ab, " a%d_len=%zu", arg_num,  					 has_cntl ? 2*len : len);  		/* @@ -1130,7 +1130,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,  		buf[to_send] = '\0';  		/* actually log it */ -		audit_log_format(*ab, "a%d", arg_num); +		audit_log_format(*ab, " a%d", arg_num);  		if (too_long)  			audit_log_format(*ab, "[%d]", i);  		audit_log_format(*ab, "="); @@ -1138,7 +1138,6 @@ static int audit_log_single_execve_arg(struct audit_context *context,  			audit_log_n_hex(*ab, buf, to_send);  		else  			audit_log_format(*ab, "\"%s\"", buf); -		audit_log_format(*ab, "\n");  		p += to_send;  		len_left -= to_send; @@ -1166,7 +1165,7 @@ static void audit_log_execve_info(struct audit_context *context,  	p = (const char __user *)axi->mm->arg_start; -	audit_log_format(*ab, "argc=%d ", axi->argc); +	audit_log_format(*ab, "argc=%d", axi->argc);  	/*  	 * we need some kernel buffer to hold the userspace args.  Just @@ -1479,7 +1478,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts  			case 0:  				/* name was specified as a relative path and the  				 * directory component is the cwd */ -				audit_log_d_path(ab, " name=", &context->pwd); +				audit_log_d_path(ab, "name=", &context->pwd);  				break;  			default:  				/* log the name's directory component */ @@ -2150,7 +2149,7 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid)   * __audit_mq_open - record audit data for a POSIX MQ open   * @oflag: open flag   * @mode: mode bits - * @u_attr: queue attributes + * @attr: queue attributes   *   */  void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr) @@ -2197,7 +2196,7 @@ void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,  /**   * __audit_mq_notify - record audit data for a POSIX MQ notify   * @mqdes: MQ descriptor - * @u_notification: Notification event + * @notification: Notification event   *   */ | 
