[PATCH 2/3] Audit: collect inode information during audit_rng call

Eric Paris eparis at redhat.com
Thu Dec 9 21:43:59 UTC 2010


audit_rng should collect information about the inode used to add/remove
random data.

Signed-off-by: Eric Paris <eparis at redhat.com>
---

 drivers/char/random.c |    8 ++++----
 include/linux/audit.h |    8 ++++----
 kernel/auditsc.c      |    4 +++-
 3 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 94ee4a6..ed1099a 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1049,7 +1049,7 @@ random_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos)
 	}
 
 out:
-	audit_rng("random", count);
+	audit_rng(file->f_path.dentry, "random", count);
 	return (count ? count : retval);
 }
 
@@ -1061,7 +1061,7 @@ urandom_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos)
 	count = extract_entropy_user(&nonblocking_pool, buf, nbytes);
 
 	if (count >= 0)
-		audit_rng("urandom", count);
+		audit_rng(file->f_path.dentry, "urandom", count);
 
 	return count;
 }
@@ -1111,12 +1111,12 @@ static ssize_t random_write(struct file *file, const char __user *buffer,
 	ret = write_pool(&blocking_pool, buffer, count);
 	if (ret)
 		return ret;
-	audit_rng("random", count);
+	audit_rng(file->f_path.dentry, "random", count);
 
 	ret = write_pool(&nonblocking_pool, buffer, count);
 	if (ret)
 		return ret;
-	audit_rng("urandom", count);
+	audit_rng(file->f_path.dentry, "urandom", count);
 	return (ssize_t)count;
 }
 
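Review bot: In random_write both audit_rng() calls now pass the same `file->f_path.dentry`, so a single write presumably records the opened device's inode twice, and the second record pairs the "urandom" label with the dentry of whichever device was actually opened. The labels name the pool being fed, not the device node, which the added inode information makes easy to misread in an audit trail. A comment above the first call would help, for example `/* one write feeds both pools: dentry is the device opened, name is the pool */`, or the inode could be collected once per write. If the second write_pool() fails, the error is returned after the first record has already been issued. The start of random_write lies outside the hunk.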
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2f90d9e..ba47df6 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -430,7 +430,7 @@ extern void __audit_inode(const char *name, const struct dentry *dentry);
 extern void __audit_inode_child(const struct dentry *dentry,
 				const struct inode *parent);
 extern void __audit_ptrace(struct task_struct *t);
-extern int __audit_rng(const char *name, size_t len);
+extern int __audit_rng(struct dentry *dentry, const char *name, size_t len);
 
 static inline int audit_dummy_context(void)
 {
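Review bot: The new `dentry` parameter of `__audit_rng` is declared `struct dentry *`, while `__audit_inode`, shown in this hunk's header line, takes `const struct dentry *`. The dentry is only forwarded for inode collection in the visible code, so the prototype could read `extern int __audit_rng(const struct dentry *dentry, const char *name, size_t len);`. The same applies to the inline `audit_rng` wrapper in the next hunk and to the definition in kernel/auditsc.c. A one-line comment on the prototype saying that `dentry` is the opened random device and is expected to be non-NULL would also help, since nothing visible here checks it.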
@@ -459,11 +459,11 @@ static inline void audit_ptrace(struct task_struct *t)
 		__audit_ptrace(t);
 }
 
-static inline int audit_rng(const char *name, size_t len)
+static inline int audit_rng(struct dentry *dentry, const char *name, size_t len)
 {
 	if (likely(audit_dummy_context()))
 		return 0;
-	return __audit_rng(name, len);
+	return __audit_rng(dentry, name, len);
 }
 
 				/* Private API (for audit.c only) */
@@ -584,7 +584,7 @@ extern int audit_signals;
 #define audit_log_capset(pid, ncr, ocr) ((void)0)
 #define audit_mmap_fd(fd, flags) ((void)0)
 #define audit_ptrace(t) ((void)0)
-#define audit_rng(c, l) (0)
+#define audit_rng(d, c, l) (0)
 #define audit_n_rules 0
 #define audit_signals 0
 #endif
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 5500adf..0880546 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2325,11 +2325,13 @@ int audit_bprm(struct linux_binprm *bprm)
 	return 0;
 }
 
-int __audit_rng(const char *name, size_t len)
+int __audit_rng(struct dentry *dentry, const char *name, size_t len)
 {
 	struct audit_aux_data_rng *ax;
 	struct audit_context *context = current->audit_context;
 
+	audit_inode(NULL, dentry);
+
 	ax = kmalloc(sizeof(*ax), GFP_KERNEL);
 	if (!ax)
 		return -ENOMEM;
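Review bot: `audit_inode(NULL, dentry)` runs before the `kmalloc`, so on the `-ENOMEM` path the inode has already been handed to the audit context while no RNG aux record follows it. The callers visible in drivers/char/random.c ignore the return value, so that partial record would go unnoticed. Placing `audit_inode(NULL, dentry);` after the `if (!ax) return -ENOMEM;` check would keep the inode entry and the aux data together. The rest of `__audit_rng`, where the aux record is filled in and linked, is outside this hunk, so the best position relative to that code cannot be confirmed from here.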



