Merge git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: lsm: Use a compressed IPv6 string format in audit events Audit: send signal info if selinux is disabled Audit: rearrange audit_context to save 16 bytes per struct Audit: reorganize struct audit_watch to save 8 bytes
commit
6d39b27f0a
4 changed files with 17 additions and 11 deletions
|
@ -855,18 +855,24 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case AUDIT_SIGNAL_INFO:
|
case AUDIT_SIGNAL_INFO:
|
||||||
err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
|
len = 0;
|
||||||
if (err)
|
if (audit_sig_sid) {
|
||||||
return err;
|
err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
|
||||||
|
if (err)
|
||||||
|
return err;
|
||||||
|
}
|
||||||
sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
|
sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
|
||||||
if (!sig_data) {
|
if (!sig_data) {
|
||||||
security_release_secctx(ctx, len);
|
if (audit_sig_sid)
|
||||||
|
security_release_secctx(ctx, len);
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
sig_data->uid = audit_sig_uid;
|
sig_data->uid = audit_sig_uid;
|
||||||
sig_data->pid = audit_sig_pid;
|
sig_data->pid = audit_sig_pid;
|
||||||
memcpy(sig_data->ctx, ctx, len);
|
if (audit_sig_sid) {
|
||||||
security_release_secctx(ctx, len);
|
memcpy(sig_data->ctx, ctx, len);
|
||||||
|
security_release_secctx(ctx, len);
|
||||||
|
}
|
||||||
audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
|
audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
|
||||||
0, 0, sig_data, sizeof(*sig_data) + len);
|
0, 0, sig_data, sizeof(*sig_data) + len);
|
||||||
kfree(sig_data);
|
kfree(sig_data);
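Review bot: The new AUDIT_SIGNAL_INFO path tests the global `audit_sig_sid` three separate times (before `security_secid_to_secctx()`, in the `kmalloc` failure path, and before the `memcpy`), while `ctx` is only assigned when the first test is true. The hunk does not show what serialises writers of `audit_sig_sid`; if it can change between those tests, a zero to non-zero transition would hand an uninitialised `ctx` to `security_release_secctx()`, and the reverse would leak the context. Latching the value once, e.g. `u32 sid = audit_sig_sid;` (assuming it is a u32 secid), and testing `sid` in all three places makes the branches agree by construction. The body of audit_receive_msg starts and ends outside the hunk, so the declarations of `ctx` and `len` are not visible here.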
|
||||||
|
|
|
@ -45,8 +45,8 @@
|
||||||
|
|
||||||
struct audit_watch {
|
struct audit_watch {
|
||||||
atomic_t count; /* reference count */
|
atomic_t count; /* reference count */
|
||||||
char *path; /* insertion path */
|
|
||||||
dev_t dev; /* associated superblock device */
|
dev_t dev; /* associated superblock device */
|
||||||
|
char *path; /* insertion path */
|
||||||
unsigned long ino; /* associated inode number */
|
unsigned long ino; /* associated inode number */
|
||||||
struct audit_parent *parent; /* associated parent */
|
struct audit_parent *parent; /* associated parent */
|
||||||
struct list_head wlist; /* entry in parent->watches list */
|
struct list_head wlist; /* entry in parent->watches list */
|
||||||
|
|
|
@ -168,12 +168,12 @@ struct audit_context {
|
||||||
int in_syscall; /* 1 if task is in a syscall */
|
int in_syscall; /* 1 if task is in a syscall */
|
||||||
enum audit_state state, current_state;
|
enum audit_state state, current_state;
|
||||||
unsigned int serial; /* serial number for record */
|
unsigned int serial; /* serial number for record */
|
||||||
struct timespec ctime; /* time of syscall entry */
|
|
||||||
int major; /* syscall number */
|
int major; /* syscall number */
|
||||||
|
struct timespec ctime; /* time of syscall entry */
|
||||||
unsigned long argv[4]; /* syscall arguments */
|
unsigned long argv[4]; /* syscall arguments */
|
||||||
int return_valid; /* return code is valid */
|
|
||||||
long return_code;/* syscall return code */
|
long return_code;/* syscall return code */
|
||||||
u64 prio;
|
u64 prio;
|
||||||
|
int return_valid; /* return code is valid */
|
||||||
int name_count;
|
int name_count;
|
||||||
struct audit_names names[AUDIT_NAMES];
|
struct audit_names names[AUDIT_NAMES];
|
||||||
char * filterkey; /* key for rule that triggered record */
|
char * filterkey; /* key for rule that triggered record */
|
||||||
|
@ -198,8 +198,8 @@ struct audit_context {
|
||||||
char target_comm[TASK_COMM_LEN];
|
char target_comm[TASK_COMM_LEN];
|
||||||
|
|
||||||
struct audit_tree_refs *trees, *first_trees;
|
struct audit_tree_refs *trees, *first_trees;
|
||||||
int tree_count;
|
|
||||||
struct list_head killed_trees;
|
struct list_head killed_trees;
|
||||||
|
int tree_count;
|
||||||
|
|
||||||
int type;
|
int type;
|
||||||
union {
|
union {
|
||||||
|
|
|
@ -187,7 +187,7 @@ static inline void print_ipv6_addr(struct audit_buffer *ab,
|
||||||
char *name1, char *name2)
|
char *name1, char *name2)
|
||||||
{
|
{
|
||||||
if (!ipv6_addr_any(addr))
|
if (!ipv6_addr_any(addr))
|
||||||
audit_log_format(ab, " %s=%pI6", name1, addr);
|
audit_log_format(ab, " %s=%pI6c", name1, addr);
|
||||||
if (port)
|
if (port)
|
||||||
audit_log_format(ab, " %s=%d", name2, ntohs(port));
|
audit_log_format(ab, " %s=%d", name2, ntohs(port));
|
||||||
}
|
}
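Review bot: Switching `%pI6` to `%pI6c` in the first `audit_log_format` call changes the text of every IPv6 address this helper writes, and nothing in the function says which form is emitted. Anything downstream that parses or matches these audit fields (log parsers, detection rules, joins on address strings) has to accept the compressed form and may stop matching records written in the old one. I would add a comment above that call such as `/* %pI6c: compressed IPv6 text (e.g. "::1"); consumers must not assume the fixed-width form */`, and note the format change wherever the audit record fields are documented. The start of print_ipv6_addr's signature is outside the hunk.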
|
||||||
|
|