linux-toradex.git/kernel/audit.c, branch tegra-10.9.9 Linux kernel for Apalis and Colibri modules Audit: send signal info if selinux is disabled 2009-09-24T07:50:26+00:00 Eric Paris eparis@redhat.com 2009-09-23T17:46:00+00:00 939cbf260c1abce6cad4b95ea4ba9f5132b660b3 Audit will not respond to signal requests if selinux is disabled since it is unable to translate the 0 sid from the sending process to a context. This patch just doesn't send the context info if there isn't any. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Audit will not respond to signal requests if selinux is disabled since it is
unable to translate the 0 sid from the sending process to a context.  This
patch just doesn't send the context info if there isn't any.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Fix rule eviction order for AUDIT_DIR 2009-06-24T04:02:38+00:00 Al Viro viro@zeniv.linux.org.uk 2009-06-24T04:02:38+00:00 916d75761c971b6e630a26bd4ba472e90ac9a4b9 If syscall removes the root of subtree being watched, we definitely do not want the rules refering that subtree to be destroyed without the syscall in question having a chance to match them. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
If syscall removes the root of subtree being watched, we
definitely do not want the rules refering that subtree
to be destroyed without the syscall in question having
a chance to match them.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Audit: clean up all op= output to include string quoting 2009-06-24T04:00:52+00:00 Eric Paris eparis@redhat.com 2009-06-11T18:31:37+00:00 9d9609851003ebed15957f0f2ce18492739ee124 A number of places in the audit system we send an op= followed by a string that includes spaces. Somehow this works but it's just wrong. This patch moves all of those that I could find to be quoted. Example: Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule key="number2" list=4 res=0 Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule" key="number2" list=4 res=0 Signed-off-by: Eric Paris <eparis@redhat.com> 
A number of places in the audit system we send an op= followed by a string
that includes spaces.  Somehow this works but it's just wrong.  This patch
moves all of those that I could find to be quoted.

Example:

Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule
key="number2" list=4 res=0

Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule"
key="number2" list=4 res=0

Signed-off-by: Eric Paris <eparis@redhat.com>
audit: seperate audit inode watches into a subfile 2009-06-24T03:50:59+00:00 Eric Paris eparis@redhat.com 2009-06-11T18:31:36+00:00 cfcad62c74abfef83762dc05a556d21bdf3980a2 In preparation for converting audit to use fsnotify instead of inotify we seperate the inode watching code into it's own file. This is similar to how the audit tree watching code is already seperated into audit_tree.c Signed-off-by: Eric Paris <eparis@redhat.com> 
In preparation for converting audit to use fsnotify instead of inotify we
seperate the inode watching code into it's own file.  This is similar to
how the audit tree watching code is already seperated into audit_tree.c

Signed-off-by: Eric Paris <eparis@redhat.com>
Audit: clean up audit_receive_skb 2009-06-24T03:50:40+00:00 Eric Paris eparis@redhat.com 2009-06-11T18:31:35+00:00 ea7ae60bfe39aeedfb29571c47280bf0067ee5f3 audit_receive_skb is hard to clearly parse what it is doing to the netlink message. Clean the function up so it is easy and clear to see what is going on. Signed-off-by: Eric Paris <eparis@redhat.com> 
audit_receive_skb is hard to clearly parse what it is doing to the netlink
message.  Clean the function up so it is easy and clear to see what is going
on.

Signed-off-by: Eric Paris <eparis@redhat.com>
Audit: cleanup netlink mesg handling 2009-06-24T03:50:39+00:00 Eric Paris eparis@redhat.com 2009-06-11T18:31:35+00:00 ee080e6ce93d5993390bccf68c1df5efd9351276 The audit handling of netlink messages is all over the place. Clean things up, use predetermined macros, generally make it more readable. Signed-off-by: Eric Paris <eparis@redhat.com> 
The audit handling of netlink messages is all over the place.  Clean things
up, use predetermined macros, generally make it more readable.

Signed-off-by: Eric Paris <eparis@redhat.com>
Audit: unify the printk of an skb when auditd not around 2009-06-24T03:50:37+00:00 Eric Paris eparis@redhat.com 2009-06-11T18:31:35+00:00 038cbcf65fd6a30c79e3917690b8c46321a27915 Remove code duplication of skb printk when auditd is not around in userspace to deal with this message. Signed-off-by: Eric Paris <eparis@redhat.com> 
Remove code duplication of skb printk when auditd is not around in userspace
to deal with this message.

Signed-off-by: Eric Paris <eparis@redhat.com>
Audit: remove spaces from audit_log_d_path 2009-04-05T17:49:04+00:00 Eric Paris eparis@redhat.com 2009-03-10T22:00:14+00:00 def57543418a5f47debae28a0a9dea2effc11692 audit_log_d_path had spaces in the strings which would be emitted on the error paths. This patch simply replaces those spaces with an _ or removes the needless spaces entirely. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
audit_log_d_path had spaces in the strings which would be emitted on the
error paths.  This patch simply replaces those spaces with an _ or removes
the needless spaces entirely.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
audit: ignore terminating NUL in AUDIT_USER_TTY messages 2009-04-05T17:43:36+00:00 Miloslav Trmac mitr@redhat.com 2009-03-19T13:52:47+00:00 55ad2f8d340678397de5916b9cd960f17ebd7150 AUDIT_USER_TTY, like all other messages sent from user-space, is sent NUL-terminated. Unlike other user-space audit messages, which come only from trusted sources, AUDIT_USER_TTY messages are processed using audit_log_n_untrustedstring(). This patch modifies AUDIT_USER_TTY handling to ignore the trailing NUL and use the "quoted_string" representation of the message if possible. Signed-off-by: Miloslav Trmac <mitr@redhat.com> Cc: Eric Paris <eparis@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
AUDIT_USER_TTY, like all other messages sent from user-space, is sent
NUL-terminated.  Unlike other user-space audit messages, which come only
from trusted sources, AUDIT_USER_TTY messages are processed using
audit_log_n_untrustedstring().

This patch modifies AUDIT_USER_TTY handling to ignore the trailing NUL
and use the "quoted_string" representation of the message if possible.

Signed-off-by: Miloslav Trmac <mitr@redhat.com>
Cc: Eric Paris <eparis@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Audit: fix handling of 'strings' with NULL characters 2009-04-05T17:43:24+00:00 Miloslav Trmac mitr@redhat.com 2009-03-19T13:48:27+00:00 b3897f567100d18e0597f638b911d23aa5e0dd23 currently audit_log_n_untrustedstring() uses audit_string_contains_control() to check if the 'string' has any control characters. If the 'string' has an embedded NULL audit_string_contains_control() will return that the data has no control characters and will then pass the string to audit_log_n_string with the total length, not the length up to the first NULL. audit_log_n_string() does a memcpy of the entire length and so the actual audit record emitted may then contain a NULL and then whatever random memory is after the NULL. Since we want to log the entire octet stream (if we can't trust the data to be a string we can't trust that a NULL isn't actually a part of it) we should just consider NULL as a control character. If the caller is certain they want to stop at the first NULL they should be using audit_log_untrustedstring. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
currently audit_log_n_untrustedstring() uses audit_string_contains_control()
to check if the 'string' has any control characters.  If the 'string' has an
embedded NULL audit_string_contains_control() will return that the data has
no control characters and will then pass the string to audit_log_n_string
with the total length, not the length up to the first NULL.
audit_log_n_string() does a memcpy of the entire length and so the actual
audit record emitted may then contain a NULL and then whatever random memory
is after the NULL.

Since we want to log the entire octet stream (if we can't trust the data
to be a string we can't trust that a NULL isn't actually a part of it)
we should just consider NULL as a control character.  If the caller is
certain they want to stop at the first NULL they should be using
audit_log_untrustedstring.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>