1. 30 Apr, 2013 2 commits
  2. 16 Apr, 2013 1 commit
  3. 11 Apr, 2013 1 commit
    • Eric Paris's avatar
      Audit: do not print error when LSMs disabled · ad395abe
      Eric Paris authored
      RHBZ: 785936
      
      If the audit system collects a record about one process sending a signal
      to another process it includes in that collection the 'secid' or 'an int
      used to represet an LSM label.'  If there is no LSM enabled it will
      collect a 0.  The problem is that when we attempt to print that record
      we ask the LSM to convert the secid back to a string.  Since there is no
      LSM it returns EOPNOTSUPP.
      
      Most code in the audit system checks if the secid is 0 and does not
      print LSM info in that case.  The signal information code however forgot
      that check.  Thus users will see a message in syslog indicating that
      converting the sid to string failed.  Add the right check.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      ad395abe
  4. 10 Apr, 2013 4 commits
  5. 08 Apr, 2013 1 commit
  6. 11 Jan, 2013 2 commits
  7. 29 Nov, 2012 1 commit
  8. 24 Oct, 2012 1 commit
  9. 13 Oct, 2012 3 commits
    • Jeff Layton's avatar
      audit: make audit_inode take struct filename · adb5c247
      Jeff Layton authored
      Keep a pointer to the audit_names "slot" in struct filename.
      
      Have all of the audit_inode callers pass a struct filename ponter to
      audit_inode instead of a string pointer. If the aname field is already
      populated, then we can skip walking the list altogether and just use it
      directly.
      Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      adb5c247
    • Jeff Layton's avatar
      audit: allow audit code to satisfy getname requests from its names_list · 7ac86265
      Jeff Layton authored
      Currently, if we call getname() on a userland string more than once,
      we'll get multiple copies of the string and multiple audit_names
      records.
      
      Add a function that will allow the audit_names code to satisfy getname
      requests using info from the audit_names list, avoiding a new allocation
      and audit_names records.
      Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      7ac86265
    • Jeff Layton's avatar
      vfs: define struct filename and have getname() return it · 91a27b2a
      Jeff Layton authored
      getname() is intended to copy pathname strings from userspace into a
      kernel buffer. The result is just a string in kernel space. It would
      however be quite helpful to be able to attach some ancillary info to
      the string.
      
      For instance, we could attach some audit-related info to reduce the
      amount of audit-related processing needed. When auditing is enabled,
      we could also call getname() on the string more than once and not
      need to recopy it from userspace.
      
      This patchset converts the getname()/putname() interfaces to return
      a struct instead of a string. For now, the struct just tracks the
      string in kernel space and the original userland pointer for it.
      
      Later, we'll add other information to the struct as it becomes
      convenient.
      Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      91a27b2a
  10. 12 Oct, 2012 8 commits
  11. 09 Oct, 2012 1 commit
  12. 18 Sep, 2012 3 commits
    • Eric W. Biederman's avatar
      userns: Convert audit to work with user namespaces enabled · cca080d9
      Eric W. Biederman authored
      - Explicitly format uids gids in audit messges in the initial user
        namespace. This is safe because auditd is restrected to be in
        the initial user namespace.
      
      - Convert audit_sig_uid into a kuid_t.
      
      - Enable building the audit code and user namespaces at the same time.
      
      The net result is that the audit subsystem now uses kuid_t and kgid_t whenever
      possible making it almost impossible to confuse a raw uid_t with a kuid_t
      preventing bugs.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      cca080d9
    • Eric W. Biederman's avatar
      userns: Convert the audit loginuid to be a kuid · e1760bd5
      Eric W. Biederman authored
      Always store audit loginuids in type kuid_t.
      
      Print loginuids by converting them into uids in the appropriate user
      namespace, and then printing the resulting uid.
      
      Modify audit_get_loginuid to return a kuid_t.
      
      Modify audit_set_loginuid to take a kuid_t.
      
      Modify /proc/<pid>/loginuid on read to convert the loginuid into the
      user namespace of the opener of the file.
      
      Modify /proc/<pid>/loginud on write to convert the loginuid
      rom the user namespace of the opener of the file.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Cc: Paul Moore <paul@paul-moore.com> ?
      Cc: David Miller <davem@davemloft.net>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      e1760bd5
    • Eric W. Biederman's avatar
      audit: Add typespecific uid and gid comparators · ca57ec0f
      Eric W. Biederman authored
      The audit filter code guarantees that uid are always compared with
      uids and gids are always compared with gids, as the comparason
      operations are type specific.  Take advantage of this proper to define
      audit_uid_comparator and audit_gid_comparator which use the type safe
      comparasons from uidgid.h.
      
      Build on audit_uid_comparator and audit_gid_comparator and replace
      audit_compare_id with audit_compare_uid and audit_compare_gid.  This
      is one of those odd cases where being type safe and duplicating code
      leads to simpler shorter and more concise code.
      
      Don't allow bitmask operations in uid and gid comparisons in
      audit_data_to_entry.  Bitmask operations are already denined in
      audit_rule_to_entry.
      
      Convert constants in audit_rule_to_entry and audit_data_to_entry into
      kuids and kgids when appropriate.
      
      Convert the uid and gid field in struct audit_names to be of type
      kuid_t and kgid_t respectively, so that the new uid and gid comparators
      can be applied in a type safe manner.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      ca57ec0f
  13. 12 Sep, 2012 1 commit
  14. 14 Apr, 2012 1 commit
  15. 23 Jan, 2012 1 commit
  16. 17 Jan, 2012 9 commits