• Richard Guy Briggs's avatar
    audit: use supplied gfp_mask from audit_buffer in kauditd_send_multicast_skb · 1110f350
    Richard Guy Briggs authored
    commit 54dc77d9 upstream.
    
    Eric Paris explains: Since kauditd_send_multicast_skb() gets called in
    audit_log_end(), which can come from any context (aka even a sleeping context)
    GFP_KERNEL can't be used.  Since the audit_buffer knows what context it should
    use, pass that down and use that.
    
    See: https://lkml.org/lkml/2014/12/16/542
    
    BUG: sleeping function called from invalid context at mm/slab.c:2849
    in_atomic(): 1, irqs_disabled(): 0, pid: 885, name: sulogin
    2 locks held by sulogin/885:
      #0:  (&sig->cred_guard_mutex){+.+.+.}, at: [<ffffffff91152e30>] prepare_bprm_creds+0x28/0x8b
      #1:  (tty_files_lock){+.+.+.}, at: [<ffffffff9123e787>] selinux_bprm_committing_creds+0x55/0x22b
    CPU: 1 PID: 885 Comm: sulogin Not tainted 3.18.0-next-20141216 #30
    Hardware name: Dell Inc. Latitude E6530/07Y85M, BIOS A15 06/20/2014
      ffff880223744f10 ffff88022410f9b8 ffffffff916ba529 0000000000000375
      ffff880223744f10 ffff88022410f9e8 ffffffff91063185 0000000000000006
      0000000000000000 0000000000000000 0000000000000000 ffff88022410fa38
    Call Trace:
      [<ffffffff916ba529>] dump_stack+0x50/0xa8
      [<ffffffff91063185>] ___might_sleep+0x1b6/0x1be
      [<ffffffff910632a6>] __might_sleep+0x119/0x128
      [<ffffffff91140720>] cache_alloc_debugcheck_before.isra.45+0x1d/0x1f
      [<ffffffff91141d81>] kmem_cache_alloc+0x43/0x1c9
      [<ffffffff914e148d>] __alloc_skb+0x42/0x1a3
      [<ffffffff914e2b62>] skb_copy+0x3e/0xa3
      [<ffffffff910c263e>] audit_log_end+0x83/0x100
      [<ffffffff9123b8d3>] ? avc_audit_pre_callback+0x103/0x103
      [<ffffffff91252a73>] common_lsm_audit+0x441/0x450
      [<ffffffff9123c163>] slow_avc_audit+0x63/0x67
      [<ffffffff9123c42c>] avc_has_perm+0xca/0xe3
      [<ffffffff9123dc2d>] inode_has_perm+0x5a/0x65
      [<ffffffff9123e7ca>] selinux_bprm_committing_creds+0x98/0x22b
      [<ffffffff91239e64>] security_bprm_committing_creds+0xe/0x10
      [<ffffffff911515e6>] install_exec_creds+0xe/0x79
      [<ffffffff911974cf>] load_elf_binary+0xe36/0x10d7
      [<ffffffff9115198e>] search_binary_handler+0x81/0x18c
      [<ffffffff91153376>] do_execveat_common.isra.31+0x4e3/0x7b7
      [<ffffffff91153669>] do_execve+0x1f/0x21
      [<ffffffff91153967>] SyS_execve+0x25/0x29
      [<ffffffff916c61a9>] stub_execve+0x69/0xa0
    Reported-by: default avatarValdis Kletnieks <Valdis.Kletnieks@vt.edu>
    Signed-off-by: default avatarRichard Guy Briggs <rgb@redhat.com>
    Tested-by: default avatarValdis Kletnieks <Valdis.Kletnieks@vt.edu>
    Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    1110f350
audit.c 52.7 KB