2:31 a.m.
data_len is already getting checked if it's less than 2 earlier in this
function.
Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 7690c29d4..0749211d5 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1390,7 +1390,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
str);
} else {
audit_log_format(ab, " data=");
- if (data_len > 0 && str[data_len - 1] == '\0')
+ if (str[data_len - 1] == '\0')
data_len--;
audit_log_n_untrustedstring(ab, str, data_len);
}
--
2.36.1
2:31 a.m.
New subject: [PATCH 2/2] audit: fix most of the checkpatch.pl warnnings & errors
This commit fixes almost all styling issues reported by checkpatch.pl
script.
Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
---
kernel/audit.c | 205 ++++++++++++++++++++++++++++++-------------------
1 file changed, 127 insertions(+), 78 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 0749211d5..b3a5f65ee 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -26,7 +26,7 @@
* information that must be passed to user-space.
*
* Audit userspace, documentation, tests, and bug/issue trackers:
- * https://github.com/linux-audit
+ * https://github.com/linux-audit
*/
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
@@ -62,16 +62,19 @@
#include "audit.h"
-/* No auditing will take place until audit_initialized == AUDIT_INITIALIZED.
- * (Initialization happens after skb_init is called.) */
+/*
+ * No auditing will take place until audit_initialized == AUDIT_INITIALIZED.
+ * (Initialization happens after skb_init is called.)
+ */
#define AUDIT_DISABLED -1
#define AUDIT_UNINITIALIZED 0
#define AUDIT_INITIALIZED 1
+
static int audit_initialized = AUDIT_UNINITIALIZED;
-u32 audit_enabled = AUDIT_OFF;
bool audit_ever_enabled = !!AUDIT_OFF;
+u32 audit_enabled = AUDIT_OFF;
EXPORT_SYMBOL_GPL(audit_enabled);
/* Default state when kernel boots without any parameters. */
@@ -111,13 +114,17 @@ struct auditd_connection {
static struct auditd_connection __rcu *auditd_conn;
static DEFINE_SPINLOCK(auditd_conn_lock);
-/* If audit_rate_limit is non-zero, limit the rate of sending audit records
+/*
+ * If audit_rate_limit is non-zero, limit the rate of sending audit records
* to that number per second. This prevents DoS attacks, but results in
- * audit records being dropped. */
+ * audit records being dropped.
+ */
static u32 audit_rate_limit;
-/* Number of outstanding audit_buffers allowed.
- * When set to zero, this means unlimited. */
+/*
+ * Number of outstanding audit_buffers allowed.
+ * When set to zero, this means unlimited.
+ */
static u32 audit_backlog_limit = 64;
#define AUDIT_BACKLOG_WAIT_TIME (60 * HZ)
static u32 audit_backlog_wait_time = AUDIT_BACKLOG_WAIT_TIME;
@@ -127,13 +134,14 @@ static kuid_t audit_sig_uid = INVALID_UID;
static pid_t audit_sig_pid = -1;
static u32 audit_sig_sid;
-/* Records can be lost in several ways:
- 0) [suppressed in audit_alloc]
- 1) out of memory in audit_log_start [kmalloc of struct audit_buffer]
- 2) out of memory in audit_log_move [alloc_skb]
- 3) suppressed due to audit_rate_limit
- 4) suppressed due to audit_backlog_limit
-*/
+/*
+ * Records can be lost in several ways:
+ * 0) [suppressed in audit_alloc]
+ * 1) out of memory in audit_log_start [kmalloc of struct audit_buffer]
+ * 2) out of memory in audit_log_move [alloc_skb]
+ * 3) suppressed due to audit_rate_limit
+ * 4) suppressed due to audit_backlog_limit
+ */
static atomic_t audit_lost = ATOMIC_INIT(0);
/* Monotonically increasing sum of time the kernel has spent
@@ -186,16 +194,20 @@ static struct audit_ctl_mutex {
void *owner;
} audit_cmd_mutex;
-/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
+/*
+ * AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
* audit records. Since printk uses a 1024 byte buffer, this buffer
- * should be at least that large. */
+ * should be at least that large.
+ */
#define AUDIT_BUFSIZ 1024
-/* The audit_buffer is used when formatting an audit record. The caller
+/*
+ * The audit_buffer is used when formatting an audit record. The caller
* locks briefly to get the record off the freelist or to allocate the
* buffer, and locks briefly to send the buffer to the netlink layer or
* to place it on a transmit queue. Multiple audit_buffers can be in
- * use simultaneously. */
+ * use simultaneously.
+ */
struct audit_buffer {
struct sk_buff *skb; /* formatted skb ready to send */
struct audit_context *ctx; /* NULL or associated context */
@@ -305,8 +317,7 @@ void audit_panic(const char *message)
case AUDIT_FAIL_SILENT:
break;
case AUDIT_FAIL_PRINTK:
- if (printk_ratelimit())
- pr_err("%s\n", message);
+ pr_err_ratelimited("%s\n", message);
break;
case AUDIT_FAIL_PANIC:
panic("audit: %s\n", message);
@@ -316,15 +327,16 @@ void audit_panic(const char *message)
static inline int audit_rate_check(void)
{
- static unsigned long last_check = 0;
- static int messages = 0;
+ static unsigned long last_check;
+ static int messages;
static DEFINE_SPINLOCK(lock);
unsigned long flags;
unsigned long now;
unsigned long elapsed;
- int retval = 0;
+ int retval = 0;
- if (!audit_rate_limit) return 1;
+ if (!audit_rate_limit)
+ return 1;
spin_lock_irqsave(&lock, flags);
if (++messages < audit_rate_limit) {
@@ -350,10 +362,10 @@ static inline int audit_rate_check(void)
* Emit at least 1 message per second, even if audit_rate_check is
* throttling.
* Always increment the lost messages counter.
-*/
+ */
void audit_log_lost(const char *message)
{
- static unsigned long last_msg = 0;
+ static unsigned long last_msg;
static DEFINE_SPINLOCK(lock);
unsigned long flags;
unsigned long now;
@@ -374,11 +386,10 @@ void audit_log_lost(const char *message)
}
if (print) {
- if (printk_ratelimit())
- pr_warn("audit_lost=%u audit_rate_limit=%u audit_backlog_limit=%u\n",
- atomic_read(&audit_lost),
- audit_rate_limit,
- audit_backlog_limit);
+ pr_warn_ratelimited("audit_lost=%u audit_rate_limit=%u
audit_backlog_limit=%u\n",
+ atomic_read(&audit_lost),
+ audit_rate_limit,
+ audit_backlog_limit);
audit_panic(message);
}
}
@@ -447,6 +458,7 @@ static int audit_set_backlog_wait_time(u32 timeout)
static int audit_set_enabled(u32 state)
{
int rc;
+
if (state > AUDIT_LOCKED)
return -EINVAL;
@@ -534,8 +546,8 @@ static void kauditd_printk_skb(struct sk_buff *skb)
struct nlmsghdr *nlh = nlmsg_hdr(skb);
char *data = nlmsg_data(nlh);
- if (nlh->nlmsg_type != AUDIT_EOE && printk_ratelimit())
- pr_notice("type=%d %s\n", nlh->nlmsg_type, data);
+ if (nlh->nlmsg_type != AUDIT_EOE)
+ pr_notice_ratelimited("type=%d %s\n", nlh->nlmsg_type, data);
}
/**
@@ -568,8 +580,10 @@ static void kauditd_rehold_skb(struct sk_buff *skb, __always_unused
int error)
*/
static void kauditd_hold_skb(struct sk_buff *skb, int error)
{
- /* at this point it is uncertain if we will ever send this to auditd so
- * try to send the message via printk before we go any further */
+ /*
+ * at this point it is uncertain if we will ever send this to auditd so
+ * try to send the message via printk before we go any further
+ */
kauditd_printk_skb(skb);
/* can we just silently drop the message? */
@@ -659,8 +673,10 @@ static void auditd_reset(const struct auditd_connection *ac)
if (ac_old)
call_rcu(&ac_old->rcu, auditd_conn_free);
- /* flush the retry queue to the hold queue, but don't touch the main
- * queue since we need to process that normally for multicast */
+ /*
+ * flush the retry queue to the hold queue, but don't touch the main
+ * queue since we need to process that normally for multicast
+ */
while ((skb = skb_dequeue(&audit_retry_queue)))
kauditd_hold_skb(skb, -ECONNREFUSED);
}
@@ -684,12 +700,14 @@ static int auditd_send_unicast_skb(struct sk_buff *skb)
struct sock *sk;
struct auditd_connection *ac;
- /* NOTE: we can't call netlink_unicast while in the RCU section so
+ /*
+ * NOTE: we can't call netlink_unicast while in the RCU section so
* take a reference to the network namespace and grab local
* copies of the namespace, the sock, and the portid; the
* namespace and sock aren't going to go away while we hold a
* reference and if the portid does become invalid after the RCU
- * section netlink_unicast() should safely return an error */
+ * section netlink_unicast() should safely return an error
+ */
rcu_read_lock();
ac = rcu_dereference(auditd_conn);
@@ -743,8 +761,10 @@ static int kauditd_send_queue(struct sock *sk, u32 portid,
struct sk_buff *skb_tail;
unsigned int failed = 0;
- /* NOTE: kauditd_thread takes care of all our locking, we just use
- * the netlink info passed to us (e.g. sk and portid) */
+ /*
+ * NOTE: kauditd_thread takes care of all our locking, we just use
+ * the netlink info passed to us (e.g. sk and portid)
+ */
skb_tail = skb_peek_tail(queue);
while ((skb != skb_tail) && (skb = skb_dequeue(queue))) {
@@ -801,8 +821,10 @@ static void kauditd_send_multicast_skb(struct sk_buff *skb)
struct sock *sock = audit_get_sk(&init_net);
struct nlmsghdr *nlh;
- /* NOTE: we are not taking an additional reference for init_net since
- * we don't have to worry about it going away */
+ /*
+ * NOTE: we are not taking an additional reference for init_net since
+ * we don't have to worry about it going away
+ */
if (!netlink_has_listeners(sock, AUDIT_NLGRP_READLOG))
return;
@@ -875,10 +897,12 @@ static int kauditd_thread(void *dummy)
}
main_queue:
- /* process the main queue - do the multicast send and attempt
+ /*
+ * process the main queue - do the multicast send and attempt
* unicast, dump failed record sends to the retry queue; if
* sk == NULL due to previous failures we will just do the
- * multicast send and move the record to the hold queue */
+ * multicast send and move the record to the hold queue
+ */
rc = kauditd_send_queue(sk, portid, &audit_queue, 1,
kauditd_send_multicast_skb,
(sk ?
@@ -896,10 +920,12 @@ static int kauditd_thread(void *dummy)
/* we have processed all the queues so wake everyone */
wake_up(&audit_backlog_wait);
- /* NOTE: we want to wake up if there is anything on the queue,
+ /*
+ * NOTE: we want to wake up if there is anything on the queue,
* regardless of if an auditd is connected, as we need to
* do the multicast send and rotate records from the
- * main queue to the retry/hold queues */
+ * main queue to the retry/hold queues
+ */
wait_event_freezable(kauditd_wait,
(skb_queue_len(&audit_queue) ? 1 : 0));
}
@@ -969,8 +995,10 @@ static int audit_send_reply_thread(void *arg)
audit_ctl_lock();
audit_ctl_unlock();
- /* Ignore failure. It'll only happen if the sender goes away,
- because our timeout is set to infinite. */
+ /*
+ * Ignore failure. It'll only happen if the sender goes away,
+ * because our timeout is set to infinite.
+ */
netlink_unicast(audit_get_sk(reply->net), reply->skb, reply->portid, 0);
reply->skb = NULL;
audit_free_reply(reply);
@@ -1054,8 +1082,10 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
case AUDIT_TTY_SET:
case AUDIT_TRIM:
case AUDIT_MAKE_EQUIV:
- /* Only support auditd and auditctl in initial pid namespace
- * for now. */
+ /*
+ * Only support auditd and auditctl in initial pid namespace
+ * for now.
+ */
if (task_active_pid_ns(current) != &init_pid_ns)
return -EPERM;
@@ -1226,11 +1256,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
switch (msg_type) {
case AUDIT_GET: {
struct audit_status s;
+
memset(&s, 0, sizeof(s));
s.enabled = audit_enabled;
s.failure = audit_failure;
- /* NOTE: use pid_vnr() so the PID is relative to the current
- * namespace */
+ /*
+ * NOTE: use pid_vnr() so the PID is relative to the current
+ * namespace
+ */
s.pid = auditd_pid_vnr();
s.rate_limit = audit_rate_limit;
s.backlog_limit = audit_backlog_limit;
@@ -1244,6 +1277,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
}
case AUDIT_SET: {
struct audit_status s;
+
memset(&s, 0, sizeof(s));
/* guard against past and future API changes */
memcpy(&s, data, min_t(size_t, sizeof(s), data_len));
@@ -1258,18 +1292,22 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
return err;
}
if (s.mask & AUDIT_STATUS_PID) {
- /* NOTE: we are using the vnr PID functions below
+ /*
+ * NOTE: we are using the vnr PID functions below
* because the s.pid value is relative to the
* namespace of the caller; at present this
* doesn't matter much since you can really only
* run auditd from the initial pid namespace, but
- * something to keep in mind if this changes */
+ * something to keep in mind if this changes
+ */
pid_t new_pid = s.pid;
pid_t auditd_pid;
struct pid *req_pid = task_tgid(current);
- /* Sanity check - PID values must match. Setting
- * pid to 0 is how auditd ends auditing. */
+ /*
+ * Sanity check - PID values must match. Setting
+ * pid to 0 is how auditd ends auditing.
+ */
if (new_pid && (new_pid != pid_vnr(req_pid)))
return -EINVAL;
@@ -1655,11 +1693,13 @@ static void __net_exit audit_net_exit(struct net *net)
{
struct audit_net *aunet = net_generic(net, audit_net_id);
- /* NOTE: you would think that we would want to check the auditd
+ /*
+ * NOTE: you would think that we would want to check the auditd
* connection and potentially reset it here if it lives in this
* namespace, but since the auditd connection tracking struct holds a
* reference to this namespace (see auditd_set()) we are only ever
- * going to get here after that connection has been released */
+ * going to get here after that connection has been released
+ */
netlink_kernel_release(aunet->sk);
}
@@ -1702,6 +1742,7 @@ static int __init audit_init(void)
kauditd_task = kthread_run(kauditd_thread, NULL, "kauditd");
if (IS_ERR(kauditd_task)) {
int err = PTR_ERR(kauditd_task);
+
panic("audit: failed to start the kauditd thread (%d)\n", err);
}
@@ -1741,21 +1782,23 @@ static int __init audit_enable(char *str)
}
__setup("audit=", audit_enable);
-/* Process kernel command-line parameter at boot time.
- * audit_backlog_limit=<n> */
+/*
+ * Process kernel command-line parameter at boot time.
+ * audit_backlog_limit=<n>
+ */
static int __init audit_backlog_limit_set(char *str)
{
u32 audit_backlog_limit_arg;
pr_info("audit_backlog_limit: ");
if (kstrtouint(str, 0, &audit_backlog_limit_arg)) {
- pr_cont("using default of %u, unable to parse %s\n",
+ pr_info("using default of %u, unable to parse %s\n",
audit_backlog_limit, str);
return 1;
}
audit_backlog_limit = audit_backlog_limit_arg;
- pr_cont("%d\n", audit_backlog_limit);
+ pr_info("%d\n", audit_backlog_limit);
return 1;
}
@@ -1873,8 +1916,10 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx,
gfp_t gfp_mask,
/* wake kauditd to try and flush the queue */
wake_up_interruptible(&kauditd_wait);
- /* sleep if we are allowed and we haven't exhausted our
- * backlog wait limit */
+ /*
+ * sleep if we are allowed and we haven't exhausted our
+ * backlog wait limit
+ */
if (gfpflags_allow_blocking(gfp_mask) && (stime > 0)) {
long rtime = stime;
@@ -1887,8 +1932,8 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx,
gfp_t gfp_mask,
atomic_add(rtime - stime, &audit_backlog_wait_time_actual);
remove_wait_queue(&audit_backlog_wait, &wait);
} else {
- if (audit_rate_check() && printk_ratelimit())
- pr_warn("audit_backlog=%d > audit_backlog_limit=%d\n",
+ if (audit_rate_check())
+ pr_warn_ratelimited("audit_backlog=%d > audit_backlog_limit=%d\n",
skb_queue_len(&audit_queue),
audit_backlog_limit);
audit_log_lost("backlog limit exceeded");
@@ -1912,6 +1957,7 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx,
gfp_t gfp_mask,
return ab;
}
+EXPORT_SYMBOL(audit_log_start);
/**
* audit_expand - expand skb in the audit buffer
@@ -1964,11 +2010,13 @@ static void audit_log_vformat(struct audit_buffer *ab, const char
*fmt,
va_copy(args2, args);
len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args);
if (len >= avail) {
- /* The printk buffer is 1024 bytes long, so if we get
+ /*
+ * The printk buffer is 1024 bytes long, so if we get
* here and AUDIT_BUFSIZ is at least 1024, then we can
- * log everything that printk could have logged. */
+ * log everything that printk could have logged.
+ */
avail = audit_expand(ab,
- max_t(unsigned, AUDIT_BUFSIZ, 1+len-avail));
+ max_t(unsigned int, AUDIT_BUFSIZ, 1+len-avail));
if (!avail)
goto out_va_end;
len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2);
@@ -1999,6 +2047,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt,
...)
audit_log_vformat(ab, fmt, args);
va_end(args);
}
+EXPORT_SYMBOL(audit_log_format);
/**
* audit_log_n_hex - convert a buffer to hex and append it to the audit skb
@@ -2080,6 +2129,7 @@ void audit_log_n_string(struct audit_buffer *ab, const char
*string,
bool audit_string_contains_control(const char *string, size_t len)
{
const unsigned char *p;
+
for (p = string; p < (const unsigned char *)string + len; p++) {
if (*p == '"' || *p < 0x21 || *p > 0x7e)
return true;
@@ -2167,7 +2217,7 @@ void audit_log_key(struct audit_buffer *ab, char *key)
int audit_log_task_context(struct audit_buffer *ab)
{
char *ctx = NULL;
- unsigned len;
+ unsigned int len;
int error;
u32 sid;
@@ -2419,8 +2469,10 @@ void audit_log_end(struct audit_buffer *ab)
skb = ab->skb;
ab->skb = NULL;
- /* setup the netlink header, see the comments in
- * kauditd_send_multicast_skb() for length quirks */
+ /*
+ * setup the netlink header, see the comments in
+ * kauditd_send_multicast_skb() for length quirks
+ */
nlh = nlmsg_hdr(skb);
nlh->nlmsg_len = skb->len - NLMSG_HDRLEN;
@@ -2432,6 +2484,7 @@ void audit_log_end(struct audit_buffer *ab)
audit_buffer_free(ab);
}
+EXPORT_SYMBOL(audit_log_end);
/**
* audit_log - Log an audit record
@@ -2459,8 +2512,4 @@ void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
audit_log_end(ab);
}
}
-
-EXPORT_SYMBOL(audit_log_start);
-EXPORT_SYMBOL(audit_log_end);
-EXPORT_SYMBOL(audit_log_format);
EXPORT_SYMBOL(audit_log);
--
2.36.1
6:44 p.m.
New subject: [PATCH 2/2] audit: fix most of the checkpatch.pl warnnings & errors
On Sun, May 15, 2022 at 3:31 AM Shreenidhi Shedi <yesshedi(a)gmail.com> wrote:
This commit fixes almost all styling issues reported by checkpatch.pl
script.
Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
---
kernel/audit.c | 205 ++++++++++++++++++++++++++++++-------------------
1 file changed, 127 insertions(+), 78 deletions(-)
Please don't send me patches like this unless you are an established
contributor to the audit subsystem, and even then I would strongly
encourage you to think long and hard before hitting send.
Most of this patch is just comment formatting churn, which is okay if
you are doing something else in a nearby section of code, but a +200
line patch of such changes is not okay. The printk ratelimiting
changes are probably okay to submit in a separate patch, but I didn't
look at all of them. Although some of the pr_cont() to pr_info()
conversions warrant a closer look. The EXPORT_SYMBOL() relocations
are probably also okay is sent as a separate patch.
--
paul-moore.com
6:35 p.m.
On Sun, May 15, 2022 at 3:31 AM Shreenidhi Shedi <yesshedi(a)gmail.com> wrote:
data_len is already getting checked if it's less than 2 earlier in this
function.
Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Thanks, this patch looks okay, but since we are already at v5.18-rc7
this patch will have to wait until after the upcoming merge window as
it isn't a critical bug fix.
--
paul-moore.com
3:01 p.m.
On Sun, May 15, 2022 at 7:35 PM Paul Moore <paul(a)paul-moore.com> wrote:
On Sun, May 15, 2022 at 3:31 AM Shreenidhi Shedi <yesshedi(a)gmail.com> wrote:
>
> data_len is already getting checked if it's less than 2 earlier in this
> function.
>
> Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
> ---
> kernel/audit.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Thanks, this patch looks okay, but since we are already at v5.18-rc7
this patch will have to wait until after the upcoming merge window as
it isn't a critical bug fix.
... and it's now merged into audit/next, thanks!
--
paul-moore.com
3:43 a.m.
On 08/06/22 1:31 am, Paul Moore wrote:
On Sun, May 15, 2022 at 7:35 PM Paul Moore
<paul(a)paul-moore.com> wrote:
>
> On Sun, May 15, 2022 at 3:31 AM Shreenidhi Shedi <yesshedi(a)gmail.com> wrote:
>>
>> data_len is already getting checked if it's less than 2 earlier in this
>> function.
>>
>> Signed-off-by: Shreenidhi Shedi <sshedi(a)vmware.com>
>> ---
>> kernel/audit.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Thanks, this patch looks okay, but since we are already at v5.18-rc7
> this patch will have to wait until after the upcoming merge window as
> it isn't a critical bug fix.
... and it's now merged into audit/next, thanks!
You are welcome and Thank you as well.
--
Shedi
927
days inactive
951
days old
linux-audit@lists.linux-audit.osci.io
5 comments
2 participants
participants (2)
-
Paul Moore -
Shreenidhi Shedi