
Commit 13d826e

cschauflerpcmoore
authored andcommitted
audit: change context data from secid to lsm_prop
Change the LSM data stored in the audit transactions from a secid to an LSM prop. This is done in struct audit_context and struct audit_aux_data_pids. Several cases of scaffolding can be removed. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> [PM: subj line tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
1 parent b0654ca commit 13d826e


3 files changed

+13
-21
lines changed


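--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -144,7 +144,7 @@ struct audit_context {
 kuid_t target_auid;
 kuid_t target_uid;
 unsigned int target_sessionid;
-u32 target_sid;
+struct lsm_prop target_ref;
 char target_comm[TASK_COMM_LEN];
 
 struct audit_tree_refs *trees, *first_trees;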
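--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1370,7 +1370,6 @@ int audit_filter(int msgtype, unsigned int listtype)
 case AUDIT_SUBJ_SEN:
 case AUDIT_SUBJ_CLR:
 if (f->lsm_rule) {
-/* scaffolding */
 security_current_getlsmprop_subj(&prop);
 result = security_audit_rule_match(
 &prop, f->type, f->op,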
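--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -100,7 +100,7 @@ struct audit_aux_data_pids {
 kuid_t target_auid[AUDIT_AUX_PIDS];
 kuid_t target_uid[AUDIT_AUX_PIDS];
 unsigned int target_sessionid[AUDIT_AUX_PIDS];
-u32 target_sid[AUDIT_AUX_PIDS];
+struct lsm_prop target_ref[AUDIT_AUX_PIDS];
 char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN];
 int pid_count;
 };
@@ -1019,7 +1019,7 @@ static void audit_reset_context(struct audit_context *ctx)
 ctx->target_pid = 0;
 ctx->target_auid = ctx->target_uid = KUIDT_INIT(0);
 ctx->target_sessionid = 0;
-ctx->target_sid = 0;
+lsmprop_init(&ctx->target_ref);
 ctx->target_comm[0] = '\0';
 unroll_tree_refs(ctx, NULL, 0);
 WARN_ON(!list_empty(&ctx->killed_trees));
@@ -1093,8 +1093,9 @@ static inline void audit_free_context(struct audit_context *context)
 }
 
 static int audit_log_pid_context(struct audit_context *context, pid_t pid,
-kuid_t auid, kuid_t uid, unsigned int sessionid,
-u32 sid, char *comm)
+kuid_t auid, kuid_t uid,
+unsigned int sessionid, struct lsm_prop *prop,
+char *comm)
 {
 struct audit_buffer *ab;
 char *ctx = NULL;
@@ -1108,8 +1109,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
 audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
 from_kuid(&init_user_ns, auid),
 from_kuid(&init_user_ns, uid), sessionid);
-if (sid) {
-if (security_secid_to_secctx(sid, &ctx, &len)) {
+if (lsmprop_is_set(prop)) {
+if (security_lsmprop_to_secctx(prop, &ctx, &len)) {
 audit_log_format(ab, " obj=(none)");
 rc = 1;
 } else {
@@ -1778,7 +1779,7 @@ static void audit_log_exit(void)
 axs->target_auid[i],
 axs->target_uid[i],
 axs->target_sessionid[i],
-axs->target_sid[i],
+&axs->target_ref[i],
 axs->target_comm[i]))
 call_panic = 1;
 }
@@ -1787,7 +1788,7 @@ static void audit_log_exit(void)
 audit_log_pid_context(context, context->target_pid,
 context->target_auid, context->target_uid,
 context->target_sessionid,
-context->target_sid, context->target_comm))
+&context->target_ref, context->target_comm))
 call_panic = 1;
 
 if (context->pwd.dentry && context->pwd.mnt) {
@@ -2722,15 +2723,12 @@ int __audit_sockaddr(int len, void *a)
 void __audit_ptrace(struct task_struct *t)
 {
 struct audit_context *context = audit_context();
-struct lsm_prop prop;
 
 context->target_pid = task_tgid_nr(t);
 context->target_auid = audit_get_loginuid(t);
 context->target_uid = task_uid(t);
 context->target_sessionid = audit_get_sessionid(t);
-security_task_getlsmprop_obj(t, &prop);
-/* scaffolding */
-context->target_sid = prop.scaffold.secid;
+security_task_getlsmprop_obj(t, &context->target_ref);
 memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
 }
 
@@ -2746,7 +2744,6 @@ int audit_signal_info_syscall(struct task_struct *t)
 struct audit_aux_data_pids *axp;
 struct audit_context *ctx = audit_context();
 kuid_t t_uid = task_uid(t);
-struct lsm_prop prop;
 
 if (!audit_signals || audit_dummy_context())
 return 0;
@@ -2758,9 +2755,7 @@ int audit_signal_info_syscall(struct task_struct *t)
 ctx->target_auid = audit_get_loginuid(t);
 ctx->target_uid = t_uid;
 ctx->target_sessionid = audit_get_sessionid(t);
-security_task_getlsmprop_obj(t, &prop);
-/* scaffolding */
-ctx->target_sid = prop.scaffold.secid;
+security_task_getlsmprop_obj(t, &ctx->target_ref);
 memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
 return 0;
 }
@@ -2781,9 +2776,7 @@ int audit_signal_info_syscall(struct task_struct *t)
 axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
 axp->target_uid[axp->pid_count] = t_uid;
 axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
-security_task_getlsmprop_obj(t, &prop);
-/* scaffolding */
-axp->target_sid[axp->pid_count] = prop.scaffold.secid;
+security_task_getlsmprop_obj(t, &axp->target_ref[axp->pid_count]);
 memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
 axp->pid_count++;
 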