[RFC][PATCH] add security label to user messages

Timothy R. Chavez tinytim at us.ibm.com
Sat Jan 14 00:49:09 UTC 2006


Hello,

This is a quick patch to add security label info to user messages.
Please look it over and let me know if there are objections.
Thanks.

-tim

diff --git a/kernel/audit.c b/kernel/audit.c
index d95efd6..576078b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -54,6 +54,7 @@
 #include <net/sock.h>
 #include <linux/skbuff.h>
 #include <linux/netlink.h>
+#include <linux/sched.h>
 
 /* No auditing will take place until audit_initialized != 0.
  * (Initialization happens after skb_init is called.) */
@@ -136,6 +137,8 @@ struct audit_buffer {
 	gfp_t		     gfp_mask;
 };
 
+extern void audit_log_task_context(struct task_struct *tsk, struct audit_buffer *ab);
+
 static void audit_set_pid(struct audit_buffer *ab, pid_t pid)
 {
 	struct nlmsghdr *nlh = (struct nlmsghdr *)ab->skb->data;
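Review bot: The hand-written `extern void audit_log_task_context(...)` prototype in kernel/audit.c is never checked by the compiler against the definition in kernel/auditsc.c, so a later signature change would build cleanly and fail at run time. Put `void audit_log_task_context(struct task_struct *tsk, struct audit_buffer *ab);` in a header that both files include and drop the local `extern` line. If auditsc.c is built only when syscall auditing is configured (not visible here, worth confirming against the Makefile), audit.c also needs a no-op stub for the other configuration or it will fail to link.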
@@ -391,6 +394,7 @@ static int audit_receive_msg(struct sk_b
 	u16			msg_type = nlh->nlmsg_type;
 	uid_t			loginuid; /* loginuid of sender */
 	struct audit_sig_info   sig_data;
+	struct task_struct	*tsk;
 
 	err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type);
 	if (err)
@@ -464,6 +468,13 @@ static int audit_receive_msg(struct sk_b
 						 "user pid=%d uid=%u auid=%u msg='%.1024s'",
 						 pid, uid, loginuid, (char *)data);
 				audit_set_pid(ab, pid);
+				read_lock(&tasklist_lock);
+				tsk = find_task_by_pid(pid);
+				if (tsk)
+					get_task_struct(tsk);
+				read_unlock(&tasklist_lock);
+				audit_log_task_context(tsk, ab);
+				put_task_struct(tsk);
 				audit_log_end(ab);
 			}
 		}
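Review bot: The added `if (tsk)` guards only get_task_struct(), so when find_task_by_pid() returns NULL the code still calls `audit_log_task_context(tsk, ab)` and `put_task_struct(tsk)` on a NULL pointer, which would presumably oops the kernel. Guard both calls: `if (tsk) { audit_log_task_context(tsk, ab); put_task_struct(tsk); }`. Separately, the label is resolved by pid at receive time; `pid` is assigned outside this hunk, and if it is the netlink sender id it may no longer name the task that sent the message, so the audit record could carry a different task's label. Recording the sender's security context when the message is sent would keep the record attributable. audit_receive_msg() begins and ends outside the hunk.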
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 8f0a61c..689bac3 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -503,12 +503,12 @@ static inline void audit_free_context(st
 		printk(KERN_ERR "audit: freed %d contexts\n", count);
 }
 
-static void audit_log_task_context(struct audit_buffer *ab)
+void audit_log_task_context(struct task_struct *tsk, struct audit_buffer *ab)
 {
 	char *ctx = NULL;
 	ssize_t len = 0;
 
-	len = security_getprocattr(current, "current", NULL, 0);
+	len = security_getprocattr(tsk, "current", NULL, 0);
 	if (len < 0) {
 		if (len != -EINVAL)
 			goto error_path;
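Review bot: audit_log_task_context() loses `static` and gains a `tsk` parameter, but nothing states what callers must guarantee, and `tsk` is passed straight to security_getprocattr() without a check. Add a header comment above the definition such as `/* Log the security context of @tsk into @ab. @tsk must be non-NULL and the caller must hold a reference to it. */`. The function body continues outside the hunk.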
@@ -519,7 +519,7 @@ static void audit_log_task_context(struc
 	if (!ctx)
 		goto error_path;
 
-	len = security_getprocattr(current, "current", ctx, len);
+	len = security_getprocattr(tsk, "current", ctx, len);
 	if (len < 0 )
 		goto error_path;
 
@@ -559,7 +559,7 @@ static void audit_log_task_info(struct a
 		vma = vma->vm_next;
 	}
 	up_read(&mm->mmap_sem);
-	audit_log_task_context(ab);
+	audit_log_task_context(current, ab);
 }
 
 static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask)




