[PATCH] audit: consistently record PIDs with task_tgid_nr()
Paul Moore
paul at paul-moore.com
Wed Aug 31 20:04:41 UTC 2016
On Tue, Aug 30, 2016 at 5:15 PM, Paul Moore <pmoore at redhat.com> wrote:
> On Tue, Aug 30, 2016 at 5:13 PM, Paul Moore <pmoore at redhat.com> wrote:
>> From: Paul Moore <paul at paul-moore.com>
>>
>> Unfortunately we record PIDs in audit records using a variety of
>> methods despite the correct way being the use of task_tgid_nr().
>> This patch converts all of these callers, except for the case of
>> AUDIT_SET in audit_receive_msg() (see the comment in the code).
>>
>> Reported-by: Jeff Vander Stoep <jeffv at google.com>
>> Signed-off-by: Paul Moore <paul at paul-moore.com>
>> ---
>> kernel/audit.c | 8 +++++++-
>> kernel/auditsc.c | 12 ++++++------
>> security/lsm_audit.c | 4 ++--
>> 3 files changed, 15 insertions(+), 9 deletions(-)
>
> I forgot to tag this with "RFC". This patch compiles but I haven't
> had a chance to test it yet so it isn't going into audit#next just
> yet; if you have any concerns, now is the time to voice them.
This patch passes our meager testsuite and I haven't heard any
objections so I'm pushing this to the audit#next branch.
--
paul moore
www.paul-moore.com
More information about the Linux-audit
mailing list