---
yaml
---
r: 8863
b: refs/heads/master
c: f6a789d
h: refs/heads/master
i:
  8861: e75d213
  8859: 9c6c985
  8855: e8dcd59
  8847: 0b05324
  8831: 31da5f0
v: v3
David Woodhouse committed Jun 21, 2005
1 parent 9498a33 commit 1fb9314
Showing 4 changed files with 48 additions and 10 deletions.
2 changes: 1 addition & 1 deletion [refs]
@@ -1,2 +1,2 @@
---
refs/heads/master: ae7b961b1c943367dfe179411f120d7bf8eaba89
refs/heads/master: f6a789d19858a951e7ff9e297a44b377c21b6c33
1 change: 1 addition & 0 deletions trunk/include/linux/audit.h
Expand Up @@ -281,6 +281,7 @@ extern void audit_send_reply(int pid, int seq, int type,
int done, int multi,
void *payload, int size);
extern void audit_log_lost(const char *message);
extern struct semaphore audit_netlink_sem;
#else
#define audit_log(c,t,f,...) do { ; } while (0)
#define audit_log_start(c,t) ({ NULL; })
2 changes: 1 addition & 1 deletion trunk/kernel/audit.c
Expand Up @@ -110,7 +110,7 @@ static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
/* The netlink socket is only to be read by 1 CPU, which lets us assume
* that list additions and deletions never happen simultaneously in
* auditsc.c */
static DECLARE_MUTEX(audit_netlink_sem);
DECLARE_MUTEX(audit_netlink_sem);

/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
* audit records. Since printk uses a 1024 byte buffer, this buffer
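Review bot: The comment above `DECLARE_MUTEX(audit_netlink_sem)` still justifies the semaphore by the netlink socket being read on one CPU, but with `static` dropped the semaphore is also taken by the audit_list_rules thread in auditsc.c, which is not the netlink receive path. Now that the symbol is global, the comment should say what it protects, for example `/* audit_netlink_sem serialises netlink request handling and the audit_filter_list walk done by the audit_list_rules thread in auditsc.c */`. A reader of audit.c alone otherwise has no hint that another file sleeps on this lock.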
53 changes: 45 additions & 8 deletions trunk/kernel/auditsc.c
Expand Up @@ -39,6 +39,7 @@
#include <linux/audit.h>
#include <linux/personality.h>
#include <linux/time.h>
#include <linux/kthread.h>
#include <asm/unistd.h>

/* 0 = no checking
Expand Down Expand Up @@ -281,24 +282,60 @@ static int audit_copy_rule(struct audit_rule *d, struct audit_rule *s)
return 0;
}

static int audit_list_rules(void *_dest)
{
int pid, seq;
int *dest = _dest;
struct audit_entry *entry;
int i;

pid = dest[0];
seq = dest[1];
kfree(dest);

down(&audit_netlink_sem);

/* The *_rcu iterators not needed here because we are
always called with audit_netlink_sem held. */
for (i=0; i<AUDIT_NR_FILTERS; i++) {
list_for_each_entry(entry, &audit_filter_list[i], list)
audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
&entry->rule, sizeof(entry->rule));
}
audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);

up(&audit_netlink_sem);
return 0;
}

int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
uid_t loginuid)
{
struct audit_entry *entry;
struct task_struct *tsk;
int *dest;
int err = 0;
int i;
unsigned listnr;

switch (type) {
case AUDIT_LIST:
/* The *_rcu iterators not needed here because we are
always called with audit_netlink_sem held. */
for (i=0; i<AUDIT_NR_FILTERS; i++) {
list_for_each_entry(entry, &audit_filter_list[i], list)
audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
&entry->rule, sizeof(entry->rule));
/* We can't just spew out the rules here because we might fill
* the available socket buffer space and deadlock waiting for
* auditctl to read from it... which isn't ever going to
* happen if we're actually running in the context of auditctl
* trying to _send_ the stuff */

dest = kmalloc(2 * sizeof(int), GFP_KERNEL);
if (!dest)
return -ENOMEM;
dest[0] = pid;
dest[1] = seq;

tsk = kthread_run(audit_list_rules, dest, "audit_list_rules");
if (IS_ERR(tsk)) {
kfree(dest);
err = PTR_ERR(tsk);
}
audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
break;
case AUDIT_ADD:
if (!(entry = kmalloc(sizeof(*entry), GFP_KERNEL)))
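Review bot: audit_list_rules holds audit_netlink_sem across every audit_send_reply call, and the comment added in the AUDIT_LIST case says those sends can wait for the requester to read its socket. A requester that stops reading therefore leaves the thread asleep with the semaphore held, and every other path that takes audit_netlink_sem queues behind it; nothing visible here limits how many audit_list_rules threads are started, since each request creates one. Copying the rules while the semaphore is held and sending after `up()` confines a slow reader to its own thread, as sketched below (this assumes entry->rule is a struct audit_rule, and audit_send_reply's blocking behaviour is taken from that comment because its body is not on this page). The copied comment "we are always called with audit_netlink_sem held" also no longer fits a function that takes the semaphore itself. audit_receive_filter continues past the end of the hunk.

```c
static int audit_list_rules(void *_dest)
{
	/* … unchanged: pid/seq unpacked from dest, kfree(dest) … */
	struct audit_rule *snap = NULL;
	int n = 0, used = 0;

	/* Walk the lists only while the semaphore is held. */
	down(&audit_netlink_sem);
	for (i = 0; i < AUDIT_NR_FILTERS; i++)
		list_for_each_entry(entry, &audit_filter_list[i], list)
			n++;
	if (n)
		snap = kmalloc(n * sizeof(*snap), GFP_KERNEL);
	if (snap) {
		for (i = 0; i < AUDIT_NR_FILTERS; i++)
			list_for_each_entry(entry, &audit_filter_list[i], list)
				snap[used++] = entry->rule;
	}
	/* NOTE(review): on allocation failure only the terminating reply is sent. */
	up(&audit_netlink_sem);

	/* Sends may sleep until the requester reads; the semaphore is released. */
	for (i = 0; i < used; i++)
		audit_send_reply(pid, seq, AUDIT_LIST, 0, 1,
				 &snap[i], sizeof(snap[i]));
	kfree(snap);
	audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
	return 0;
}
```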
