[PATCH] Add audit uid to netlink credentials
Alexey Kuznetsov
kuznet at ms2.inr.ac.ru
Wed Feb 9 14:19:46 UTC 2005
Hello!

> > Reception of netlink messages in the kernel happens in the context
> > of the sending process, so you can simply call
> > audit_get_loginuid(current->audit_context) in audit_receive_msg().
>
> Then why does netlink_sendmsg() need to save the effective capability

Yes, when the kernel receives a message, it can be processed in the context
of another process. This happens with rtnetlink, which queues messages
when someone holds the netadmin semaphore, and processing of the backlog
happens in the context of the process which holds the semaphore.

Unfortunately, audit uses the same twisted way. Actually, if people
expected synchronous processing, it is better to replace

	if (down_trylock(&audit_netlink_sem))
		return;

with plain down(&audit_netlink_sem);

Alexey
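
The behaviour described in the message above, as an added example that is not part of the original post and is not kernel code: a single-threaded userspace model of a trylock-guarded receive path. It shows why a lookup based on the processing context can report the semaphore holder instead of the sender. All names (send_msg, drain_and_release, the uids) are hypothetical.

```c
/* Userspace model (added example); every name here is hypothetical. */
#include <stddef.h>
#include <stdio.h>

struct msg {
    int stamped_uid;  /* uid saved with the message at send time */
    int context_uid;  /* uid a current-based lookup sees when processed */
};

static int cur_uid;             /* stands in for the kernel's `current` */
static int sem_held;            /* stands in for the receive semaphore */
static struct msg *backlog[8];  /* stands in for the socket receive queue */
static size_t nbacklog;

/* The semaphore holder processes everything queued, in its own context. */
static void drain_and_release(int holder_uid)
{
    cur_uid = holder_uid;
    for (size_t i = 0; i < nbacklog; i++)
        backlog[i]->context_uid = cur_uid;
    nbacklog = 0;
    sem_held = 0;
}

/* Send path with the trylock pattern: queue, then return if the semaphore is busy. */
static void send_msg(struct msg *m, int sender_uid)
{
    m->stamped_uid = sender_uid;
    m->context_uid = -1;           /* not processed yet */
    if (nbacklog == 8)
        return;                    /* model only: drop when the queue is full */
    backlog[nbacklog++] = m;
    if (sem_held)
        return;                    /* the trylock failed: the holder will process it */
    sem_held = 1;
    drain_and_release(sender_uid); /* uncontended: processed by the sender */
}

/* Constructed scenario: uid 0 holds the semaphore while uid 1000 sends. */
static int contended_lookup(struct msg *m)
{
    sem_held = 1;
    send_msg(m, 1000);
    drain_and_release(0);
    return m->context_uid;
}

int main(void)
{
    struct msg m;
    printf("context uid %d, stamped uid %d\n", contended_lookup(&m), m.stamped_uid);
    return 0;
}
```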