mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-11-24 11:40:53 +07:00
audit: call audit_bprm() only once to add AUDIT_EXECVE information
Move the audit_bprm() call from search_binary_handler() to exec_binprm(). This allows us to get rid of the mm member of struct audit_aux_data_execve since bprm->mm will equal current->mm. This also mitigates the issue that ->argc could be modified by the load_binary() call in search_binary_handler(). audit_bprm() was being called to add an AUDIT_EXECVE record to the audit context every time search_binary_handler() was recursively called. Only one reference is necessary. Reported-by: Oleg Nesterov <onestero@redhat.com> Cc: Eric Paris <eparis@redhat.com> Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> --- This patch is against 3.11, but was developed on Oleg's post-3.11 patches that introduce exec_binprm().
This commit is contained in:
parent
d9cfea91e9
commit
9410d228a4
@ -1383,10 +1383,6 @@ int search_binary_handler(struct linux_binprm *bprm)
|
||||
if (retval)
|
||||
return retval;
|
||||
|
||||
retval = audit_bprm(bprm);
|
||||
if (retval)
|
||||
return retval;
|
||||
|
||||
/* Need to fetch pid before load_binary changes it */
|
||||
old_pid = current->pid;
|
||||
rcu_read_lock();
|
||||
@ -1408,6 +1404,7 @@ int search_binary_handler(struct linux_binprm *bprm)
|
||||
bprm->recursion_depth = depth;
|
||||
if (retval >= 0) {
|
||||
if (depth == 0) {
|
||||
audit_bprm(bprm);
|
||||
trace_sched_process_exec(current, old_pid, bprm);
|
||||
ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
|
||||
}
|
||||
|
@ -238,11 +238,10 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
__audit_ipc_set_perm(qbytes, uid, gid, mode);
|
||||
}
|
||||
static inline int audit_bprm(struct linux_binprm *bprm)
|
||||
static inline void audit_bprm(struct linux_binprm *bprm)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
__audit_bprm(bprm);
|
||||
return 0;
|
||||
}
|
||||
static inline int audit_socketcall(int nargs, unsigned long *args)
|
||||
{
|
||||
@ -369,10 +368,8 @@ static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
||||
static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
|
||||
gid_t gid, umode_t mode)
|
||||
{ }
|
||||
static inline int audit_bprm(struct linux_binprm *bprm)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
static inline void audit_bprm(struct linux_binprm *bprm)
|
||||
{ }
|
||||
static inline int audit_socketcall(int nargs, unsigned long *args)
|
||||
{
|
||||
return 0;
|
||||
|
@ -199,7 +199,6 @@ struct audit_context {
|
||||
} mmap;
|
||||
struct {
|
||||
int argc;
|
||||
struct mm_struct *mm;
|
||||
} execve;
|
||||
};
|
||||
int fds[2];
|
||||
|
@ -1145,9 +1145,6 @@ static void audit_log_execve_info(struct audit_context *context,
|
||||
const char __user *p;
|
||||
char *buf;
|
||||
|
||||
if (context->execve.mm != current->mm)
|
||||
return; /* execve failed, no additional info */
|
||||
|
||||
p = (const char __user *)current->mm->arg_start;
|
||||
|
||||
audit_log_format(*ab, "argc=%d", context->execve.argc);
|
||||
@ -2144,7 +2141,6 @@ void __audit_bprm(struct linux_binprm *bprm)
|
||||
|
||||
context->type = AUDIT_EXECVE;
|
||||
context->execve.argc = bprm->argc;
|
||||
context->execve.mm = bprm->mm;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user