[PATCH] LOGIN message credentials

Mon Apr 25 17:55:51 UTC 2005

* Steve Grubb (sgrubb at redhat.com) wrote:
> Attached is a new patch that solves the issue of getting valid credentials 
> into the LOGIN message. The current code was assuming that the audit context 
> had already been copied. This is not always the case for LOGIN messages.
> 
> To solve the problem, the patch passes the task struct to the function that 
> emits the message where it can get valid credentials.

This doesn't look right (and it doesn't apply to a current tree). 
Here's what I think should go upstream?

thanks,
-chris

> diff -urB linux-2.6.9.orig/kernel/auditsc.c linux-2.6.9/kernel/auditsc.c
> --- linux-2.6.9.orig/kernel/auditsc.c	2005-04-25 13:09:43.920801480 -0400
> +++ linux-2.6.9/kernel/auditsc.c	2005-04-25 13:18:02.023078424 -0400
> @@ -1039,20 +1039,22 @@
>  
>  extern int audit_set_type(struct audit_buffer *ab, int type);
>  
> -int audit_set_loginuid(struct audit_context *ctx, uid_t loginuid)
> +int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
>  {

Could just introduce a local here, eliminate some changes, keeps derefs
to a dull roar ;-)

> -	if (ctx) {
> +	if (task->audit_context) {
>  		struct audit_buffer *ab;
>  
>  		ab = audit_log_start(NULL);
>  		if (ab) {
>  			audit_log_format(ab, "login pid=%d uid=%u "
>  				"old loginuid=%u new loginuid=%u",
> -				ctx->pid, ctx->uid, ctx->loginuid, loginuid);
> +				task->audit_context->pid,
> +				task->audit_context->uid, 

This just propagated the bug ;-)
-

Pass task struct to audit_set_loginuid() to allow audit message to
accurately record pid and uid for cases when audit_context has yet to
be setup while setting loginuid.  Originally from Steve Grubb.

Signed-off-by: Steve Grubb <sgrubb at redhat.com>
Signed-off-by: Chris Wright <chrisw at osdl.org>
---

fs/proc/base.c: 39fd336cfdb9ca68c354a22f432e74c63a9bf732

--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -820,7 +820,7 @@ static ssize_t proc_loginuid_write(struc
 		goto out_free_page;
 
 	}
-	length = audit_set_loginuid(task->audit_context, loginuid);
+	length = audit_set_loginuid(task, loginuid);
 	if (likely(length == 0))
 		length = count;
 
include/linux/audit.h: 3628f7cfb1789c16ff9e5f6d20e76e9b6d69672e
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -147,7 +147,7 @@ extern int  audit_receive_filter(int typ
 				 void *data);
 extern void audit_get_stamp(struct audit_context *ctx,
 			    struct timespec *t, int *serial);
-extern int  audit_set_loginuid(struct audit_context *ctx, uid_t loginuid);
+extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);
 extern uid_t audit_get_loginuid(struct audit_context *ctx);
 extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
 #else
kernel/auditsc.c: 6f1931381bc9eae1ff454c943036c5b077c4a8a6
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -996,8 +996,10 @@ void audit_get_stamp(struct audit_contex
 
 extern int audit_set_type(struct audit_buffer *ab, int type);
 
-int audit_set_loginuid(struct audit_context *ctx, uid_t loginuid)
+int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
 {
+	struct audit_context *ctx = task->audit_context;
+
 	if (ctx) {
 		struct audit_buffer *ab;
 
@@ -1005,7 +1007,7 @@ int audit_set_loginuid(struct audit_cont
 		if (ab) {
 			audit_log_format(ab, "login pid=%d uid=%u "
 				"old loginuid=%u new loginuid=%u",
-				ctx->pid, ctx->uid, ctx->loginuid, loginuid);
+				task->pid, task->uid, ctx->loginuid, loginuid);
 			audit_set_type(ab, AUDIT_LOGIN);
 			audit_log_end(ab);
 		}


