[RFC PATCH 3/4] audit: store the auditd PID as a pid struct instead of pid_t
Paul Moore
paul at paul-moore.com
Tue Apr 11 19:56:41 UTC 2017
On Mon, Apr 10, 2017 at 12:30 AM, Richard Guy Briggs <rgb at redhat.com> wrote:
> On 2017-03-21 14:59, Paul Moore wrote:
>> From: Paul Moore <paul at paul-moore.com>
>>
>> This is arguably the right thing to do, and will make it easier when
>> we start supporting multiple audit daemons in different namespaces.
>
> I had tried this several years ago inspired by Eric Biederman's work for
> the same reasons:
> https://www.redhat.com/archives/linux-audit/2014-February/msg00116.html
>
> A lot has changed since then... A couple of comments in-line...
>
>> Signed-off-by: Paul Moore <paul at paul-moore.com>
>> ---
>> kernel/audit.c | 84 ++++++++++++++++++++++++++++++++++++++------------------
>> kernel/audit.h | 2 +
>> 2 files changed, 58 insertions(+), 28 deletions(-)
>>
>> diff --git a/kernel/audit.c b/kernel/audit.c
>> index 6cbf47a372e8..b718bf3a73f8 100644
>> --- a/kernel/audit.c
>> +++ b/kernel/audit.c
>> @@ -58,6 +58,7 @@
>> #include <linux/rcupdate.h>
>> #include <linux/mutex.h>
>> #include <linux/gfp.h>
>> +#include <linux/pid.h>
>>
>> #include <linux/audit.h>
>>
>> @@ -117,7 +118,7 @@ struct audit_net {
>> * or the included spinlock for writing.
>> */
>> static struct auditd_connection {
>> - int pid;
>> + struct pid *pid;
>> u32 portid;
>> struct net *net;
>> spinlock_t lock;
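Review bot: The comment above struct auditd_connection covers only locking ("or the included spinlock for writing"), and with the pid field now a struct pid pointer instead of an int it should also state the reference rules for that pointer. Suggest adding a line there saying that the connection holds its own reference on pid (taken with get_pid() and released with put_pid()) and which lock protects swapping it, so the lifetime is documented next to the field.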
>> @@ -221,18 +222,41 @@ struct audit_reply {
>> * Description:
>> * Return 1 if the task is a registered audit daemon, 0 otherwise.
>> */
>> -int auditd_test_task(const struct task_struct *task)
>> +int auditd_test_task(struct task_struct *task)
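Review bot: Dropping const from the task parameter of auditd_test_task() loosens the contract of a function whose own description says it only returns 1 or 0 for a test, and neither the changelog nor the kernel-doc comment says why. Suggest one sentence in the commit description naming the call that requires the non-const pointer, so a later cleanup does not try to restore const.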
>
> Does the compiler complain if this is left as const?

Yep, it runs afoul of the task_tgid() call.

> Reviewed-by: Richard Guy Briggs <rgb at redhat.com>

Thanks. Merged.

--
paul moore
www.paul-moore.com