[PATCH 1/3] kernel/audit: consolidate handling of mm->exe_file
Paul Moore
paul at paul-moore.com
Thu Feb 19 03:23:45 UTC 2015
On Wed, Feb 18, 2015 at 7:10 PM, Davidlohr Bueso <dbueso at suse.de> wrote:
> From: Davidlohr Bueso <dave at stgolabs.net>
>
> This patch adds a audit_log_d_path_exe() helper function
> to share how we handle auditing of the exe_file's path.
> Used by both audit and auditsc. No functionality is changed.
>
> Cc: Paul Moore <paul at paul-moore.com>
> Cc: Eric Paris <eparis at redhat.com>
> Cc: linux-audit at redhat.com
> Signed-off-by: Davidlohr Bueso <dbueso at suse.de>
> ---
>
> Compile tested only.
>
> kernel/audit.c | 9 +--------
> kernel/audit.h | 14 ++++++++++++++
> kernel/auditsc.c | 9 +--------
> 3 files changed, 16 insertions(+), 16 deletions(-)
I'd prefer if the audit_log_d_path_exe() helper wasn't a static inline.
> --- a/kernel/audit.h
> +++ b/kernel/audit.h
> @@ -257,6 +257,20 @@ extern struct list_head audit_filter_list[];
>
> extern struct audit_entry *audit_dupe_rule(struct audit_krule *old);
>
> +static inline void audit_log_d_path_exe(struct audit_buffer *ab,
> + struct mm_struct *mm)
> +{
> + if (!mm) {
> + audit_log_format(ab, " exe=(null)");
> + return;
> + }
> +
> + down_read(&mm->mmap_sem);
> + if (mm->exe_file)
> + audit_log_d_path(ab, " exe=", &mm->exe_file->f_path);
> + up_read(&mm->mmap_sem);
> +}
> +
> /* audit watch functions */
> #ifdef CONFIG_AUDIT_WATCH
> extern void audit_put_watch(struct audit_watch *watch);
--
paul moore
www.paul-moore.com
More information about the Linux-audit
mailing list