diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-02-02 08:37:03 +1100 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-02-02 08:37:03 +1100 |
| commit | dd5f5fed6c9458a7aa81eeef3732cc3a9891cfdf (patch) | |
| tree | 06b81942dc218763889efe65faf08aeb23e71f03 /net | |
| parent | 3e01dfce1387f8bec41018f0d7b42fd88ad4163f (diff) | |
| parent | 7759db82774802885f96c250b36c3dfe317e62ff (diff) | |
Merge branch 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[AUDIT] Add uid, gid fields to ANOM_PROMISCUOUS message
[AUDIT] ratelimit printk messages audit
[patch 2/2] audit: complement va_copy with va_end()
[patch 1/2] kernel/audit.c: warning fix
[AUDIT] create context if auditing was ever enabled
[AUDIT] clean up audit_receive_msg()
[AUDIT] make audit=0 really stop audit messages
[AUDIT] break large execve argument logging into smaller messages
[AUDIT] include audit type in audit message when using printk
[AUDIT] do not panic on exclude messages in audit_log_pid_context()
[AUDIT] Add End of Event record
[AUDIT] add session id to audit messages
[AUDIT] collect uid, loginuid, and comm in OBJ_PID records
[AUDIT] return EINTR not ERESTART*
[PATCH] get rid of loginuid races
[PATCH] switch audit_get_loginuid() to task_struct *
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/dev.c | 15 | ||||
| -rw-r--r-- | net/key/af_key.c | 14 | ||||
| -rw-r--r-- | net/netlink/af_netlink.c | 2 | ||||
| -rw-r--r-- | net/xfrm/xfrm_state.c | 2 |
4 files changed, 18 insertions, 15 deletions
diff --git a/net/core/dev.c b/net/core/dev.c index edaff2720e10..9549417250bb 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -2752,12 +2752,15 @@ static void __dev_set_promiscuity(struct net_device *dev, int inc) printk(KERN_INFO "device %s %s promiscuous mode\n", dev->name, (dev->flags & IFF_PROMISC) ? "entered" : "left"); - audit_log(current->audit_context, GFP_ATOMIC, - AUDIT_ANOM_PROMISCUOUS, - "dev=%s prom=%d old_prom=%d auid=%u", - dev->name, (dev->flags & IFF_PROMISC), - (old_flags & IFF_PROMISC), - audit_get_loginuid(current->audit_context)); + if (audit_enabled) + audit_log(current->audit_context, GFP_ATOMIC, + AUDIT_ANOM_PROMISCUOUS, + "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u", + dev->name, (dev->flags & IFF_PROMISC), + (old_flags & IFF_PROMISC), + audit_get_loginuid(current), + current->uid, current->gid, + audit_get_sessionid(current)); if (dev->change_rx_flags) dev->change_rx_flags(dev, IFF_PROMISC); diff --git a/net/key/af_key.c b/net/key/af_key.c index 16b72b5570c3..45c3c27d279a 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -1466,7 +1466,7 @@ static int pfkey_add(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, err = xfrm_state_update(x); xfrm_audit_state_add(x, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); if (err < 0) { x->km.state = XFRM_STATE_DEAD; @@ -1520,7 +1520,7 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h km_state_notify(x, &c); out: xfrm_audit_state_delete(x, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); xfrm_state_put(x); return err; @@ -1695,7 +1695,7 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd if (proto == 0) return -EINVAL; - audit_info.loginuid = audit_get_loginuid(current->audit_context); + audit_info.loginuid = audit_get_loginuid(current); audit_info.secid = 0; err = xfrm_state_flush(proto, &audit_info); if (err) @@ -2273,7 +2273,7 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h hdr->sadb_msg_type != SADB_X_SPDUPDATE); xfrm_audit_policy_add(xp, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); if (err) goto out; @@ -2356,7 +2356,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg return -ENOENT; xfrm_audit_policy_delete(xp, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); if (err) goto out; @@ -2617,7 +2617,7 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h if (delete) { xfrm_audit_policy_delete(xp, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); if (err) goto out; @@ -2694,7 +2694,7 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg struct xfrm_audit audit_info; int err; - audit_info.loginuid = audit_get_loginuid(current->audit_context); + audit_info.loginuid = audit_get_loginuid(current); audit_info.secid = 0; err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info); if (err) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index ff9fb6ba0c5c..1ab0da2632e1 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1238,7 +1238,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock, NETLINK_CB(skb).pid = nlk->pid; NETLINK_CB(skb).dst_group = dst_group; - NETLINK_CB(skb).loginuid = audit_get_loginuid(current->audit_context); + NETLINK_CB(skb).loginuid = audit_get_loginuid(current); selinux_get_task_sid(current, &(NETLINK_CB(skb).sid)); memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 3ff76e84d548..7ba65e82941c 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -493,7 +493,7 @@ expired: km_state_expired(x, 1, 0); xfrm_audit_state_delete(x, err ? 0 : 1, - audit_get_loginuid(current->audit_context), 0); + audit_get_loginuid(current), 0); out: spin_unlock(&x->lock); |