[PATCH] audit: use session_info helper
Paul Moore
paul at paul-moore.com
Mon Nov 19 17:36:50 UTC 2018
On Fri, Nov 16, 2018 at 4:30 PM Richard Guy Briggs <rgb at redhat.com> wrote:
> There are still a couple of places (mark and watch config changes) that
> open code auid and ses fields in sequence in records instead of using
> the audit_log_session_info() helper. Use the helper. Adjust the helper
> to accomodate being the first fields. Passes audit-testsuite.
>
> Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
> ---
> kernel/audit.c | 6 +++---
> kernel/audit_fsnotify.c | 5 ++---
> kernel/audit_watch.c | 5 ++---
> 3 files changed, 7 insertions(+), 9 deletions(-)
Merged with a spelling fix to the commit description. This is a
reminder to run checkpatch on your patches before submitting to the
list, it will catch spelling mistakes.
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 2a8058764aa6..6c53e373b828 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -400,7 +400,7 @@ static int audit_log_config_change(char *function_name, u32 new, u32 old,
> ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
> if (unlikely(!ab))
> return rc;
> - audit_log_format(ab, "%s=%u old=%u", function_name, new, old);
> + audit_log_format(ab, "%s=%u old=%u ", function_name, new, old);
> audit_log_session_info(ab);
> rc = audit_log_task_context(ab);
> if (rc)
> @@ -1067,7 +1067,7 @@ static void audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type)
> *ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
> if (unlikely(!*ab))
> return;
> - audit_log_format(*ab, "pid=%d uid=%u", pid, uid);
> + audit_log_format(*ab, "pid=%d uid=%u ", pid, uid);
> audit_log_session_info(*ab);
> audit_log_task_context(*ab);
> }
> @@ -2042,7 +2042,7 @@ void audit_log_session_info(struct audit_buffer *ab)
> unsigned int sessionid = audit_get_sessionid(current);
> uid_t auid = from_kuid(&init_user_ns, audit_get_loginuid(current));
>
> - audit_log_format(ab, " auid=%u ses=%u", auid, sessionid);
> + audit_log_format(ab, "auid=%u ses=%u", auid, sessionid);
> }
>
> void audit_log_key(struct audit_buffer *ab, char *key)
> diff --git a/kernel/audit_fsnotify.c b/kernel/audit_fsnotify.c
> index fba78047fb37..f90ffa699e5b 100644
> --- a/kernel/audit_fsnotify.c
> +++ b/kernel/audit_fsnotify.c
> @@ -130,9 +130,8 @@ static void audit_mark_log_rule_change(struct audit_fsnotify_mark *audit_mark, c
> ab = audit_log_start(NULL, GFP_NOFS, AUDIT_CONFIG_CHANGE);
> if (unlikely(!ab))
> return;
> - audit_log_format(ab, "auid=%u ses=%u op=%s",
> - from_kuid(&init_user_ns, audit_get_loginuid(current)),
> - audit_get_sessionid(current), op);
> + audit_log_session_info(ab);
> + audit_log_format(ab, " op=%s", op);
> audit_log_format(ab, " path=");
> audit_log_untrustedstring(ab, audit_mark->path);
> audit_log_key(ab, rule->filterkey);
> diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
> index 787c7afdf829..568e48d1d0ab 100644
> --- a/kernel/audit_watch.c
> +++ b/kernel/audit_watch.c
> @@ -245,9 +245,8 @@ static void audit_watch_log_rule_change(struct audit_krule *r, struct audit_watc
> ab = audit_log_start(NULL, GFP_NOFS, AUDIT_CONFIG_CHANGE);
> if (!ab)
> return;
> - audit_log_format(ab, "auid=%u ses=%u op=%s",
> - from_kuid(&init_user_ns, audit_get_loginuid(current)),
> - audit_get_sessionid(current), op);
> + audit_log_session_info(ab);
> + audit_log_format(ab, "op=%s", op);
> audit_log_format(ab, " path=");
> audit_log_untrustedstring(ab, w->path);
> audit_log_key(ab, r->filterkey);
> --
> 1.8.3.1
>
--
paul moore
www.paul-moore.com
More information about the Linux-audit
mailing list