Piteball/android_kernel_samsung_msm8976
1
1
Fork 0
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git synced 2024-09-21 03:43:03 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/ipc
History
Jeff Layton 24dccf86dd audit: fix mq_open and mq_unlink to add the MQ root as a hidden parent audit_names record 
commit 79f6530cb59e2a0af6953742a33cc29e98ca631c upstream.

The old audit PATH records for mq_open looked like this:

  type=PATH msg=audit(1366282323.982:869): item=1 name=(null) inode=6777
  dev=00:0c mode=041777 ouid=0 ogid=0 rdev=00:00
  obj=system_u:object_r:tmpfs_t:s15:c0.c1023
  type=PATH msg=audit(1366282323.982:869): item=0 name="test_mq" inode=26732
  dev=00:0c mode=0100700 ouid=0 ogid=0 rdev=00:00
  obj=staff_u:object_r:user_tmpfs_t:s15:c0.c1023

...with the audit related changes that went into 3.7, they now look like this:

  type=PATH msg=audit(1366282236.776:3606): item=2 name=(null) inode=66655
  dev=00:0c mode=0100700 ouid=0 ogid=0 rdev=00:00
  obj=staff_u:object_r:user_tmpfs_t:s15:c0.c1023
  type=PATH msg=audit(1366282236.776:3606): item=1 name=(null) inode=6926
  dev=00:0c mode=041777 ouid=0 ogid=0 rdev=00:00
  obj=system_u:object_r:tmpfs_t:s15:c0.c1023
  type=PATH msg=audit(1366282236.776:3606): item=0 name="test_mq"

Both of these look wrong to me.  As Steve Grubb pointed out:

 "What we need is 1 PATH record that identifies the MQ.  The other PATH
  records probably should not be there."

Fix it to record the mq root as a parent, and flag it such that it
should be hidden from view when the names are logged, since the root of
the mq filesystem isn't terribly interesting.  With this change, we get
a single PATH record that looks more like this:

  type=PATH msg=audit(1368021604.836:484): item=0 name="test_mq" inode=16914
  dev=00:0c mode=0100644 ouid=0 ogid=0 rdev=00:00
  obj=unconfined_u:object_r:user_tmpfs_t:s0

In order to do this, a new audit_inode_parent_hidden() function is
added.  If we do it this way, then we avoid having the existing callers
of audit_inode needing to do any sort of flag conversion if auditing is
inactive.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reported-by: Jiri Jaburek <jjaburek@redhat.com>
Cc: Steve Grubb <sgrubb@redhat.com>
Cc: Eric Paris <eparis@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-12-04 10:57:03 -08:00
..
compat.c get rid of union semop in sys_semctl(2) arguments 2013-03-05 15:14:16 -05:00
compat_mq.c ipc: initialize structure memory to zero for compat functions 2010-10-27 18:03:13 -07:00
ipc_sysctl.c ipc, msg: forbid negative values for "msg{max,mnb,mni}" 2013-12-04 10:56:11 -08:00
ipcns_notifier.c
Makefile Add generic sys_ipc wrapper 2010-03-12 15:52:32 -08:00
mq_sysctl.c mqueue: separate mqueue default value from maximum value 2012-05-31 17:49:31 -07:00
mqueue.c audit: fix mq_open and mq_unlink to add the MQ root as a hidden parent audit_names record 2013-12-04 10:57:03 -08:00
msg.c ipc,msg: prevent race with rmid in msgsnd,msgrcv 2013-10-18 07:45:48 -07:00
msgutil.c ipc, msg: fix message length check for negative values 2013-12-04 10:56:10 -08:00
namespace.c ipc: drop ipc_lock_by_ptr 2013-10-18 07:45:48 -07:00
sem.c ipc/sem.c: synchronize semop and semctl with IPC_RMID 2013-12-04 10:56:12 -08:00
shm.c ipc,shm: fix shm_file deletion races 2013-11-29 11:11:41 -08:00
syscall.c get rid of union semop in sys_semctl(2) arguments 2013-03-05 15:14:16 -05:00
util.c ipc: update locking scheme comments 2013-12-04 10:56:12 -08:00
util.h ipc, msg: fix message length check for negative values 2013-12-04 10:56:10 -08:00