[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/kernel/FC-4 linux-2.6.13-rc3-audit-git.patch,1.1,1.2



Author: dwmw2

Update of /cvs/dist/rpms/kernel/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv23565

Modified Files:
	linux-2.6.13-rc3-audit-git.patch 
Log Message:
today's updates

linux-2.6.13-rc3-audit-git.patch:
 MAINTAINERS                    |    8 +
 fs/namei.c                     |    2 
 include/linux/audit.h          |   36 ++++--
 kernel/audit.c                 |  102 ++++++++++++------
 kernel/auditsc.c               |  227 +++++++++++++++++++++++++++++------------
 security/selinux/avc.c         |    4 
 security/selinux/hooks.c       |    2 
 security/selinux/ss/services.c |    4 
 8 files changed, 271 insertions(+), 114 deletions(-)

Index: linux-2.6.13-rc3-audit-git.patch
===================================================================
RCS file: /cvs/dist/rpms/kernel/FC-4/linux-2.6.13-rc3-audit-git.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- linux-2.6.13-rc3-audit-git.patch	13 Jul 2005 15:22:20 -0000	1.1
+++ linux-2.6.13-rc3-audit-git.patch	14 Jul 2005 13:42:06 -0000	1.2
@@ -270,6 +270,15 @@
  	return 0;
  }
  __initcall(audit_init);
+@@ -560,7 +564,7 @@ static void audit_buffer_free(struct aud
+ }
+ 
+ static struct audit_buffer * audit_buffer_alloc(struct audit_context *ctx,
+-						int gfp_mask, int type)
++						unsigned int __nocast gfp_mask, int type)
+ {
+ 	unsigned long flags;
+ 	struct audit_buffer *ab = NULL;
 @@ -586,6 +590,7 @@ static struct audit_buffer * audit_buffe
  		goto err;
  
@@ -385,16 +394,17 @@
 diff --git a/kernel/auditsc.c b/kernel/auditsc.c
 --- a/kernel/auditsc.c
 +++ b/kernel/auditsc.c
-@@ -39,6 +39,8 @@
+@@ -39,6 +39,9 @@
  #include <linux/audit.h>
  #include <linux/personality.h>
  #include <linux/time.h>
 +#include <linux/kthread.h>
 +#include <linux/netlink.h>
++#include <linux/compiler.h>
  #include <asm/unistd.h>
  
  /* 0 = no checking
-@@ -95,6 +97,7 @@ struct audit_names {
+@@ -95,6 +98,7 @@ struct audit_names {
  	uid_t		uid;
  	gid_t		gid;
  	dev_t		rdev;
@@ -402,7 +412,7 @@
  };
  
  struct audit_aux_data {
-@@ -167,9 +170,16 @@ struct audit_context {
+@@ -167,9 +171,16 @@ struct audit_context {
  /* There are three lists of rules -- one to search at task creation
   * time, one to search at syscall entry time, and another to search at
   * syscall exit time. */
@@ -422,7 +432,7 @@
  
  struct audit_entry {
  	struct list_head  list;
-@@ -210,16 +220,15 @@ static int audit_compare_rule(struct aud
+@@ -210,16 +221,15 @@ static int audit_compare_rule(struct aud
  /* Note that audit_add_rule and audit_del_rule are called via
   * audit_receive() in audit.c, and are protected by
   * audit_netlink_sem. */
@@ -443,7 +453,7 @@
  }
  
  static void audit_free_rule(struct rcu_head *head)
-@@ -245,7 +254,7 @@ static inline int audit_del_rule(struct 
+@@ -245,7 +255,7 @@ static inline int audit_del_rule(struct 
  			return 0;
  		}
  	}
@@ -452,7 +462,7 @@
  }
  
  /* Copy rule from user-space to kernel-space.  Called during
-@@ -260,6 +269,8 @@ static int audit_copy_rule(struct audit_
+@@ -260,6 +270,8 @@ static int audit_copy_rule(struct audit_
  		return -1;
  	if (s->field_count < 0 || s->field_count > AUDIT_MAX_FIELDS)
  		return -1;
@@ -461,7 +471,7 @@
  
  	d->flags	= s->flags;
  	d->action	= s->action;
-@@ -272,27 +283,60 @@ static int audit_copy_rule(struct audit_
+@@ -272,27 +284,60 @@ static int audit_copy_rule(struct audit_
  	return 0;
  }
  
@@ -535,7 +545,7 @@
  		break;
  	case AUDIT_ADD:
  		if (!(entry = kmalloc(sizeof(*entry), GFP_KERNEL)))
-@@ -301,26 +345,20 @@ int audit_receive_filter(int type, int p
+@@ -301,26 +346,20 @@ int audit_receive_filter(int type, int p
  			kfree(entry);
  			return -EINVAL;
  		}
@@ -573,7 +583,7 @@
  		break;
  	default:
  		return -EINVAL;
-@@ -454,7 +492,7 @@ static enum audit_state audit_filter_tas
+@@ -454,7 +493,7 @@ static enum audit_state audit_filter_tas
  	enum audit_state   state;
  
  	rcu_read_lock();
@@ -582,17 +592,17 @@
  		if (audit_filter_rules(tsk, &e->rule, NULL, &state)) {
  			rcu_read_unlock();
  			return state;
-@@ -478,6 +516,9 @@ static enum audit_state audit_filter_sys
+@@ -478,6 +517,9 @@ static enum audit_state audit_filter_sys
  	int		   word = AUDIT_WORD(ctx->major);
  	int		   bit  = AUDIT_BIT(ctx->major);
  
-+	if (audit_pid && tsk->pid == audit_pid)
++	if (audit_pid && tsk->tgid == audit_pid)
 +		return AUDIT_DISABLED;
 +
  	rcu_read_lock();
  	list_for_each_entry_rcu(e, list, list) {
  		if ((e->rule.mask[word] & bit) == bit
-@@ -490,6 +531,64 @@ static enum audit_state audit_filter_sys
+@@ -490,6 +532,64 @@ static enum audit_state audit_filter_sys
  	return AUDIT_BUILD_CONTEXT;
  }
  
@@ -657,7 +667,7 @@
  /* This should be called with task_lock() held. */
  static inline struct audit_context *audit_get_context(struct task_struct *tsk,
  						      int return_valid,
-@@ -504,7 +603,7 @@ static inline struct audit_context *audi
+@@ -504,7 +604,7 @@ static inline struct audit_context *audi
  
  	if (context->in_syscall && !context->auditable) {
  		enum audit_state state;
@@ -666,16 +676,23 @@
  		if (state == AUDIT_RECORD_CONTEXT)
  			context->auditable = 1;
  	}
-@@ -685,7 +784,7 @@ static void audit_log_exit(struct audit_
+@@ -679,13 +779,13 @@ static void audit_log_task_info(struct a
+ 	up_read(&mm->mmap_sem);
+ }
+ 
+-static void audit_log_exit(struct audit_context *context)
++static void audit_log_exit(struct audit_context *context, unsigned int gfp_mask)
+ {
+ 	int i;
  	struct audit_buffer *ab;
  	struct audit_aux_data *aux;
  
 -	ab = audit_log_start(context, AUDIT_SYSCALL);
-+	ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL);
++	ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL);
  	if (!ab)
  		return;		/* audit_panic has been called */
  	audit_log_format(ab, "arch=%x syscall=%d",
-@@ -717,7 +816,7 @@ static void audit_log_exit(struct audit_
+@@ -717,7 +817,7 @@ static void audit_log_exit(struct audit_
  
  	for (aux = context->aux; aux; aux = aux->next) {
  
@@ -684,7 +701,7 @@
  		if (!ab)
  			continue; /* audit_panic has been called */
  
-@@ -754,14 +853,14 @@ static void audit_log_exit(struct audit_
+@@ -754,14 +854,14 @@ static void audit_log_exit(struct audit_
  	}
  
  	if (context->pwd && context->pwdmnt) {
@@ -701,7 +718,7 @@
  		if (!ab)
  			continue; /* audit_panic has been called */
  
-@@ -770,6 +869,8 @@ static void audit_log_exit(struct audit_
+@@ -770,6 +870,8 @@ static void audit_log_exit(struct audit_
  			audit_log_format(ab, " name=");
  			audit_log_untrustedstring(ab, context->names[i].name);
  		}
@@ -710,16 +727,22 @@
  		if (context->names[i].ino != (unsigned long)-1)
  			audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o"
  					     " ouid=%u ogid=%u rdev=%02x:%02x",
-@@ -800,7 +901,7 @@ void audit_free(struct task_struct *tsk)
+@@ -799,9 +901,11 @@ void audit_free(struct task_struct *tsk)
+ 		return;
  
  	/* Check for system calls that do not go through the exit
- 	 * function (e.g., exit_group), then free context block. */
+-	 * function (e.g., exit_group), then free context block. */
 -	if (context->in_syscall && context->auditable && context->pid != audit_pid)
+-		audit_log_exit(context);
++	 * function (e.g., exit_group), then free context block. 
++	 * We use GFP_ATOMIC here because we might be doing this 
++	 * in the context of the idle thread */
 +	if (context->in_syscall && context->auditable)
- 		audit_log_exit(context);
++		audit_log_exit(context, GFP_ATOMIC);
  
  	audit_free_context(context);
-@@ -876,7 +977,7 @@ void audit_syscall_entry(struct task_str
+ }
+@@ -876,7 +980,7 @@ void audit_syscall_entry(struct task_str
  
  	state = context->state;
  	if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)
@@ -728,16 +751,18 @@
  	if (likely(state == AUDIT_DISABLED))
  		return;
  
-@@ -905,7 +1006,7 @@ void audit_syscall_exit(struct task_stru
+@@ -905,8 +1009,8 @@ void audit_syscall_exit(struct task_stru
  	if (likely(!context))
  		return;
  
 -	if (context->in_syscall && context->auditable && context->pid != audit_pid)
+-		audit_log_exit(context);
 +	if (context->in_syscall && context->auditable)
- 		audit_log_exit(context);
++		audit_log_exit(context, GFP_KERNEL);
  
  	context->in_syscall = 0;
-@@ -996,7 +1097,7 @@ void audit_putname(const char *name)
+ 	context->auditable  = 0;
+@@ -996,7 +1100,7 @@ void audit_putname(const char *name)
  
  /* Store the inode and device from a lookup.  Called from
   * fs/namei.c:path_lookup(). */
@@ -746,7 +771,7 @@
  {
  	int idx;
  	struct audit_context *context = current->audit_context;
-@@ -1022,12 +1123,13 @@ void audit_inode(const char *name, const
+@@ -1022,12 +1126,13 @@ void audit_inode(const char *name, const
  		++context->ino_count;
  #endif
  	}
@@ -766,7 +791,7 @@
  }
  
  void auditsc_get_stamp(struct audit_context *ctx,
-@@ -1044,7 +1146,7 @@ int audit_set_loginuid(struct task_struc
+@@ -1044,7 +1149,7 @@ int audit_set_loginuid(struct task_struc
  	if (task->audit_context) {
  		struct audit_buffer *ab;
  
@@ -775,6 +800,15 @@
  		if (ab) {
  			audit_log_format(ab, "login pid=%d uid=%u "
  				"old auid=%u new auid=%u",
+@@ -1153,7 +1258,7 @@ void audit_signal_info(int sig, struct t
+ 	extern pid_t audit_sig_pid;
+ 	extern uid_t audit_sig_uid;
+ 
+-	if (unlikely(audit_pid && t->pid == audit_pid)) {
++	if (unlikely(audit_pid && t->tgid == audit_pid)) {
+ 		if (sig == SIGTERM || sig == SIGHUP) {
+ 			struct audit_context *ctx = current->audit_context;
+ 			audit_sig_pid = current->pid;
 diff --git a/security/selinux/avc.c b/security/selinux/avc.c
 --- a/security/selinux/avc.c
 +++ b/security/selinux/avc.c


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]