audit_rng should collect information about the inode used to add/remove
random data.
Signed-off-by: Eric Paris <eparis(a)redhat.com>
---
drivers/char/random.c | 8 ++++----
include/linux/audit.h | 8 ++++----
kernel/auditsc.c | 4 +++-
3 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 94ee4a6..ed1099a 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1049,7 +1049,7 @@ random_read(struct file *file, char __user *buf, size_t nbytes,
loff_t *ppos)
}
out:
- audit_rng("random", count);
+ audit_rng(file->f_path.dentry, "random", count);
return (count ? count : retval);
}
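Review bot: The result of `audit_rng()` is discarded at this call in random_read, and the same holds for the calls in urandom_read and random_write, although `__audit_rng()` can return -ENOMEM (visible in the kernel/auditsc.c hunk). Because the record now also carries the inode, a silently dropped record loses more audit information than before. If best-effort auditing is intended, state it at the call site, for example `/* best effort: an audit allocation failure must not fail the read */`, or give `audit_rng()` a `void` return type so the ignored result is explicit. random_read's body begins outside the hunk.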
@@ -1061,7 +1061,7 @@ urandom_read(struct file *file, char __user *buf, size_t nbytes,
loff_t *ppos)
count = extract_entropy_user(&nonblocking_pool, buf, nbytes);
if (count >= 0)
- audit_rng("urandom", count);
+ audit_rng(file->f_path.dentry, "urandom", count);
return count;
}
@@ -1111,12 +1111,12 @@ static ssize_t random_write(struct file *file, const char __user
*buffer,
ret = write_pool(&blocking_pool, buffer, count);
if (ret)
return ret;
- audit_rng("random", count);
+ audit_rng(file->f_path.dentry, "random", count);
ret = write_pool(&nonblocking_pool, buffer, count);
if (ret)
return ret;
- audit_rng("urandom", count);
+ audit_rng(file->f_path.dentry, "urandom", count);
return (ssize_t)count;
}
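Review bot: random_write passes the same `file->f_path.dentry` to `audit_rng()` twice, and each call reaches `audit_inode(NULL, dentry)` in `__audit_rng()`, so a single write may record the same inode twice in the audit context. Whether the names list de-duplicates entries is not visible in this patch; if it does not, each write uses two name slots for no additional information. If the duplication is deliberate, a comment above the second call would help, for example `/* same file feeds both pools; the inode is recorded once per pool */`. Otherwise the inode could be recorded once per write. The function's opening lines are outside the hunk.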
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2f90d9e..ba47df6 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -430,7 +430,7 @@ extern void __audit_inode(const char *name, const struct dentry
*dentry);
extern void __audit_inode_child(const struct dentry *dentry,
const struct inode *parent);
extern void __audit_ptrace(struct task_struct *t);
-extern int __audit_rng(const char *name, size_t len);
+extern int __audit_rng(struct dentry *dentry, const char *name, size_t len);
static inline int audit_dummy_context(void)
{
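Review bot: The new `dentry` parameter of `__audit_rng()` is not const-qualified, while the neighbouring `__audit_inode()` and `__audit_inode_child()` declarations in this hunk take `const struct dentry *`. The pointer appears only to be handed on to `audit_inode()`, so the prototype could read `extern int __audit_rng(const struct dentry *dentry, const char *name, size_t len);`. The same qualifier would then apply to the `audit_rng()` inline wrapper in the next hunk and to the definition in kernel/auditsc.c.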
@@ -459,11 +459,11 @@ static inline void audit_ptrace(struct task_struct *t)
__audit_ptrace(t);
}
-static inline int audit_rng(const char *name, size_t len)
+static inline int audit_rng(struct dentry *dentry, const char *name, size_t len)
{
if (likely(audit_dummy_context()))
return 0;
- return __audit_rng(name, len);
+ return __audit_rng(dentry, name, len);
}
/* Private API (for audit.c only) */
@@ -584,7 +584,7 @@ extern int audit_signals;
#define audit_log_capset(pid, ncr, ocr) ((void)0)
#define audit_mmap_fd(fd, flags) ((void)0)
#define audit_ptrace(t) ((void)0)
-#define audit_rng(c, l) (0)
+#define audit_rng(d, c, l) (0)
#define audit_n_rules 0
#define audit_signals 0
#endif
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 5500adf..0880546 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2325,11 +2325,13 @@ int audit_bprm(struct linux_binprm *bprm)
return 0;
}
-int __audit_rng(const char *name, size_t len)
+int __audit_rng(struct dentry *dentry, const char *name, size_t len)
{
struct audit_aux_data_rng *ax;
struct audit_context *context = current->audit_context;
+ audit_inode(NULL, dentry);
+
ax = kmalloc(sizeof(*ax), GFP_KERNEL);
if (!ax)
return -ENOMEM;
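Review bot: `audit_inode(NULL, dentry)` runs before the `kmalloc()` result is checked, so on the -ENOMEM path the inode has already been added to the context while no rng aux record follows. That can leave an inode entry in the syscall's audit output with nothing explaining why it is there. Moving `audit_inode(NULL, dentry);` to just after the `if (!ax) return -ENOMEM;` check keeps the two pieces of the record together. Separately, the function has no comment saying that the dentry identifies the device node the entropy was read from or written to, which a one-line `/* record the inode of the random device node used */` would cover. The rest of the function body lies outside the hunk.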