Commit 4a10a917 authored by Linus Torvalds's avatar Linus Torvalds

Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit

Pull audit updates from Paul Moore:
 "Four small audit patches for v4.2, all bug fixes.  Only 10 lines of
  change this time so very unremarkable, the patch subject lines pretty
  much tell the whole story"

* 'upstream' of git://git.infradead.org/users/pcmoore/audit:
  audit: Fix check of return value of strnlen_user()
  audit: obsolete audit_context check is removed in audit_filter_rules()
  audit: fix for typo in comment to function audit_log_link_denied()
  lsm: rename duplicate labels in LSM_AUDIT_DATA_TASK audit message type
parents e22619a2 0b08c5e5
...@@ -1904,7 +1904,7 @@ EXPORT_SYMBOL(audit_log_task_info); ...@@ -1904,7 +1904,7 @@ EXPORT_SYMBOL(audit_log_task_info);
/** /**
* audit_log_link_denied - report a link restriction denial * audit_log_link_denied - report a link restriction denial
* @operation: specific link opreation * @operation: specific link operation
* @link: the path that triggered the restriction * @link: the path that triggered the restriction
*/ */
void audit_log_link_denied(const char *operation, struct path *link) void audit_log_link_denied(const char *operation, struct path *link)
......
...@@ -599,9 +599,7 @@ static int audit_filter_rules(struct task_struct *tsk, ...@@ -599,9 +599,7 @@ static int audit_filter_rules(struct task_struct *tsk,
result = match_tree_refs(ctx, rule->tree); result = match_tree_refs(ctx, rule->tree);
break; break;
case AUDIT_LOGINUID: case AUDIT_LOGINUID:
result = 0; result = audit_uid_comparator(tsk->loginuid, f->op, f->uid);
if (ctx)
result = audit_uid_comparator(tsk->loginuid, f->op, f->uid);
break; break;
case AUDIT_LOGINUID_SET: case AUDIT_LOGINUID_SET:
result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val); result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val);
...@@ -1023,7 +1021,7 @@ static int audit_log_single_execve_arg(struct audit_context *context, ...@@ -1023,7 +1021,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,
* for strings that are too long, we should not have created * for strings that are too long, we should not have created
* any. * any.
*/ */
if (unlikely((len == -1) || len > MAX_ARG_STRLEN - 1)) { if (unlikely((len == 0) || len > MAX_ARG_STRLEN - 1)) {
WARN_ON(1); WARN_ON(1);
send_sig(SIGKILL, current, 0); send_sig(SIGKILL, current, 0);
return -1; return -1;
......
...@@ -282,7 +282,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, ...@@ -282,7 +282,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
pid_t pid = task_pid_nr(tsk); pid_t pid = task_pid_nr(tsk);
if (pid) { if (pid) {
char comm[sizeof(tsk->comm)]; char comm[sizeof(tsk->comm)];
audit_log_format(ab, " pid=%d comm=", pid); audit_log_format(ab, " opid=%d ocomm=", pid);
audit_log_untrustedstring(ab, audit_log_untrustedstring(ab,
memcpy(comm, tsk->comm, sizeof(comm))); memcpy(comm, tsk->comm, sizeof(comm)));
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment