Merge branch 'audit.b54' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit...
authorLinus Torvalds <torvalds@linux-foundation.org>
Fri, 1 Aug 2008 18:23:09 +0000 (11:23 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 1 Aug 2008 18:23:09 +0000 (11:23 -0700)
* 'audit.b54' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
  [PATCH] Fix the bug of using AUDIT_STATUS_RATE_LIMIT when set fail, no error output.
  [PATCH] Fix the kernel panic of audit_filter_task when key field is set
  Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages
  kernel/audit.c control character detection is off-by-one
  [PATCH] Audit: Collect signal info when SIGUSR2 is sent to auditd

kernel/audit.c
kernel/auditfilter.c
kernel/auditsc.c

index e092f1c..4414e93 100644 (file)
@@ -707,12 +707,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                if (status_get->mask & AUDIT_STATUS_ENABLED) {
                        err = audit_set_enabled(status_get->enabled,
                                                loginuid, sessionid, sid);
-                       if (err < 0) return err;
+                       if (err < 0)
+                               return err;
                }
                if (status_get->mask & AUDIT_STATUS_FAILURE) {
                        err = audit_set_failure(status_get->failure,
                                                loginuid, sessionid, sid);
-                       if (err < 0) return err;
+                       if (err < 0)
+                               return err;
                }
                if (status_get->mask & AUDIT_STATUS_PID) {
                        int new_pid = status_get->pid;
@@ -725,9 +727,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                        audit_pid = new_pid;
                        audit_nlk_pid = NETLINK_CB(skb).pid;
                }
-               if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
+               if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
                        err = audit_set_rate_limit(status_get->rate_limit,
                                                   loginuid, sessionid, sid);
+                       if (err < 0)
+                               return err;
+               }
                if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
                        err = audit_set_backlog_limit(status_get->backlog_limit,
                                                      loginuid, sessionid, sid);
@@ -1366,7 +1371,7 @@ int audit_string_contains_control(const char *string, size_t len)
 {
        const unsigned char *p;
        for (p = string; p < (const unsigned char *)string + len && *p; p++) {
-               if (*p == '"' || *p < 0x21 || *p > 0x7f)
+               if (*p == '"' || *p < 0x21 || *p > 0x7e)
                        return 1;
        }
        return 0;
index 98c50cc..b7d354e 100644 (file)
@@ -1022,8 +1022,11 @@ static void audit_update_watch(struct audit_parent *parent,
                        struct audit_buffer *ab;
                        ab = audit_log_start(NULL, GFP_KERNEL,
                                AUDIT_CONFIG_CHANGE);
+                       audit_log_format(ab, "auid=%u ses=%u",
+                               audit_get_loginuid(current),
+                               audit_get_sessionid(current));
                        audit_log_format(ab,
-                               "op=updated rules specifying path=");
+                               " op=updated rules specifying path=");
                        audit_log_untrustedstring(ab, owatch->path);
                        audit_log_format(ab, " with dev=%u ino=%lu\n",
                                 dev, ino);
@@ -1058,7 +1061,10 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
                                struct audit_buffer *ab;
                                ab = audit_log_start(NULL, GFP_KERNEL,
                                        AUDIT_CONFIG_CHANGE);
-                               audit_log_format(ab, "op=remove rule path=");
+                               audit_log_format(ab, "auid=%u ses=%u",
+                                       audit_get_loginuid(current),
+                                       audit_get_sessionid(current));
+                               audit_log_format(ab, " op=remove rule path=");
                                audit_log_untrustedstring(ab, w->path);
                                if (r->filterkey) {
                                        audit_log_format(ab, " key=");
index 4699950..496c3dd 100644 (file)
@@ -610,7 +610,7 @@ static int audit_filter_rules(struct task_struct *tsk,
                if (!result)
                        return 0;
        }
-       if (rule->filterkey)
+       if (rule->filterkey && ctx)
                ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);
        switch (rule->action) {
        case AUDIT_NEVER:    *state = AUDIT_DISABLED;       break;
@@ -2375,7 +2375,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
        struct audit_context *ctx = tsk->audit_context;
 
        if (audit_pid && t->tgid == audit_pid) {
-               if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1) {
+               if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
                        audit_sig_pid = tsk->pid;
                        if (tsk->loginuid != -1)
                                audit_sig_uid = tsk->loginuid;