April 2006 - Linux-audit - Linux-Audit List Archives

by Darrel Goeddel

Here: http://dgoeddel.home.insightbb.com/audit/ are some patches that will enable users to test the selinux context audit filters. They are largely based on some previous work by Amy and Dustin (some things are named differently, and some more stuff is filled out). These patches are not meant for inclusion into the audit package - they are probably not ready for that ;) They were merely a way to test the new functionality provided in the lspp kernel. I can rework them if there are suggestions that could make them acceptable for the real audit package. I also stuck a source rpm there that has the two patches in there. You can just grab that, build it, and force upgrade ('-Uhv --force' is what I do) the audit package that you have installed. The first patch (audit-1.1.5-audit_rule_data-support.patch) basically mirrors all calls that use an audit_rule struct with a similar call that uses an audit_rule_data struct. There are also a few bits that define things for nice compilation with the current headers. This patch should be completely backwards compatible since it only introduces new things (which are unused). The second patch (audit-1.1.5-audit_rule_data-use.patch) converts auditctl and autrace to use the audit_rule_data struct instead of the audit_rule struct. This patch will not work on kernels that do not support AUDIT_ADD_RULE, AUDIT_DEL_RULE, and AUDIT_LIST_RULES (the lspp kernel is OK, but the regular FC5 kernel is not). Using this auditctl (and the lspp kernel), you should be able to use the new field values of se_user, se_role, se_type, se_sen, and se_clr. Note that the se_sen and se_clr values will need to be in the "untranslated" form (e.g. s5:c0). -- Darrel

18 years, 9 months

2
1
0 / 0

Audit rm?

by Mont Rothstein

What syscall is used by rm? There is one for rmdir but I can't figure out how to audit when a file is deleted. Thanks, -Mont

18 years, 9 months

2
2
0 / 0

Re: Many rules one one line

by Dustin Kirkland

On 4/3/06, Mont Rothstein <mont.rothstein(a)gmail.com> wrote: > Is there any reason not to put many rules on one line in audit.rules? > > Ex: > -a exit, always -S creat -S open -S truncate -S truncate64 -S ftruncate -S > ftruncate64 -S unlink -S link -S symlink -S rename -S mkdir -S rmdir -F > devmajor=253 -F devminor=1 Yes, that is preferred. The total overhead of storing this rule in the kernel is reduced, and it's more efficient for the kernel filtering code to iterate over. You might have missed it, but this is exactly what Steve Grubb recommended to you on 3/28: https://www.redhat.com/archives/linux-audit/2006-March/msg00249.html :-Dustin

18 years, 9 months

1
0
0 / 0

Many rules one one line

by Mont Rothstein

Is there any reason not to put many rules on one line in audit.rules? Ex: -a exit, always -S creat -S open -S truncate -S truncate64 -S ftruncate -S ftruncate64 -S unlink -S link -S symlink -S rename -S mkdir -S rmdir -F devmajor=253 -F devminor=1 Thanks, -Mont

18 years, 9 months

1
0
0 / 0

Error on stop

by Mont Rothstein

When I stop auditd I get an error even though it gives me an OK. The error is: Error receiving watch list (Unknown error 4294967274) I saw a long but closed bug on this. Before I went and appened info to a closed bug I thought I should ask here first. I am on audit-1.0.12 is this still a bug in this version, and if it is do I need to worry about it? My output from uname -a is: Linux rheles4rs1.forayadams.foray.com 2.6.9-11.EL #1 Fri May 20 18:17:57 EDT 2005 i686 i686 i386 GNU/Linux Thanks, -Mont

18 years, 9 months

3
3
0 / 0

Reworked patch for labels on user space messages

by Steve Grubb

Hi, The below patch should be applied after the inode and ipc sid patches. This patch is a reworking of Tim's patch that has been updated to match the inode and ipc patches since its similar. Signed-off-by: Steve Grubb <sgrubb(a)redhat.com> diff -urp linux-2.6.16.x86_64.orig/include/linux/netlink.h linux-2.6.16.x86_64/include/linux/netlink.h --- linux-2.6.16.x86_64.orig/include/linux/netlink.h 2006-04-01 08:19:04.000000000 -0500 +++ linux-2.6.16.x86_64/include/linux/netlink.h 2006-04-01 08:00:26.000000000 -0500 @@ -143,6 +143,7 @@ struct netlink_skb_parms __u32 dst_group; kernel_cap_t eff_cap; __u32 loginuid; /* Login (audit) uid */ + __u32 sid; /* SELinux security id */ }; #define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb)) diff -urp linux-2.6.16.x86_64.orig/include/linux/selinux.h linux-2.6.16.x86_64/include/linux/selinux.h --- linux-2.6.16.x86_64.orig/include/linux/selinux.h 2006-04-01 08:19:05.000000000 -0500 +++ linux-2.6.16.x86_64/include/linux/selinux.h 2006-04-01 07:56:15.000000000 -0500 @@ -5,6 +5,7 @@ * * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris(a)redhat.com> * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel(a)trustedcs.com> + * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim(a)us.ibm.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -108,6 +109,16 @@ void selinux_get_inode_sid(const struct */ void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid); +/** + * selinux_get_task_sid - return the SID of task + * @tsk: the task whose SID will be returned + * @sid: pointer to security context ID to be filled in. + * + * Returns nothing + */ +void selinux_get_task_sid(struct task_struct *tsk, u32 *sid); + + #else static inline int selinux_audit_rule_init(u32 field, u32 op, @@ -156,6 +167,11 @@ static inline void selinux_get_ipc_sid(c *sid = 0; } +static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid) +{ + *sid = 0; +} + #endif /* CONFIG_SECURITY_SELINUX */ #endif /* _LINUX_SELINUX_H */ diff -urp linux-2.6.16.x86_64.orig/kernel/audit.c linux-2.6.16.x86_64/kernel/audit.c --- linux-2.6.16.x86_64.orig/kernel/audit.c 2006-04-01 08:19:12.000000000 -0500 +++ linux-2.6.16.x86_64/kernel/audit.c 2006-04-01 08:08:55.000000000 -0500 @@ -389,7 +389,7 @@ static int audit_netlink_ok(kernel_cap_t static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { - u32 uid, pid, seq; + u32 uid, pid, seq, sid; void *data; struct audit_status *status_get, status_set; int err; @@ -415,6 +415,7 @@ static int audit_receive_msg(struct sk_b pid = NETLINK_CREDS(skb)->pid; uid = NETLINK_CREDS(skb)->uid; loginuid = NETLINK_CB(skb).loginuid; + sid = NETLINK_CB(skb).sid; seq = nlh->nlmsg_seq; data = NLMSG_DATA(nlh); @@ -467,8 +468,23 @@ static int audit_receive_msg(struct sk_b ab = audit_log_start(NULL, GFP_KERNEL, msg_type); if (ab) { audit_log_format(ab, - "user pid=%d uid=%u auid=%u msg='%.1024s'", - pid, uid, loginuid, (char *)data); + "user pid=%d uid=%u auid=%u", + pid, uid, loginuid); + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + audit_log_format(ab, + " subj=%u", sid); + /* Maybe call audit_panic? */ + } else + audit_log_format(ab, + " subj=%s", ctx); + kfree(ctx); + } + audit_log_format(ab, " msg='%.1024s'", + (char *)data); audit_set_pid(ab, pid); audit_log_end(ab); } diff -urp linux-2.6.16.x86_64.orig/net/netlink/af_netlink.c linux-2.6.16.x86_64/net/netlink/af_netlink.c --- linux-2.6.16.x86_64.orig/net/netlink/af_netlink.c 2006-04-01 08:19:13.000000000 -0500 +++ linux-2.6.16.x86_64/net/netlink/af_netlink.c 2006-04-01 08:11:09.000000000 -0500 @@ -56,6 +56,7 @@ #include <linux/mm.h> #include <linux/types.h> #include <linux/audit.h> +#include <linux/selinux.h> #include <net/sock.h> #include <net/scm.h> @@ -1122,6 +1123,7 @@ static int netlink_sendmsg(struct kiocb NETLINK_CB(skb).dst_pid = dst_pid; NETLINK_CB(skb).dst_group = dst_group; NETLINK_CB(skb).loginuid = audit_get_loginuid(current->audit_context); + selinux_get_task_sid(current, &(NETLINK_CB(skb).sid)); memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); /* What can I do? Netlink is asynchronous, so that diff -urp linux-2.6.16.x86_64.orig/security/selinux/exports.c linux-2.6.16.x86_64/security/selinux/exports.c --- linux-2.6.16.x86_64.orig/security/selinux/exports.c 2006-04-01 08:19:14.000000000 -0500 +++ linux-2.6.16.x86_64/security/selinux/exports.c 2006-04-01 08:18:28.000000000 -0500 @@ -5,6 +5,7 @@ * * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris(a)redhat.com> * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel(a)trustedcs.com> + * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim(a)us.ibm.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -61,3 +62,13 @@ void selinux_get_ipc_sid(const struct ke *sid = 0; } +void selinux_get_task_sid(struct task_struct *tsk, u32 *sid) +{ + if (selinux_enabled) { + struct task_security_struct *isec = tsk->security; + *sid = isec->sid; + return; + } + *sid = 0; +} +

18 years, 9 months

2
2
0 / 0

[PATCH] Rework of IPC auditing

by Dustin Kirkland

Hi- I've reworked the handling of IPC auditing altogether. I did this with Klaus Weidner of atsec over my shoulder for much of it. He helped and advised exactly where the ipc code should be hooked and approved of the coverage at this point in terms of LSPP certification. To that extent, I very much thank Klaus and invite him to add any additional comments to this post. There are two key changes in this patch against Al's current git tree: 1) The audit_ipc_perms() function has been split into two different functions: - audit_ipc_obj() - audit_ipc_new_perm() There's a key shift here... The audit_ipc_obj() collects the uid, gid, mode, and SElinux context label of the current ipc object. This audit_ipc_obj() hook is now found in several places. Most notably, it is hooked in ipcperms(), which is called in various places around the ipc code permforming a MAC check. Additionally there are several places where *checkid() is used to validate that an operation is being performed on a valid object while not necessarily having a nearby ipcperms() call. In these locations, audit_ipc_obj() is called to ensure that the information is captured by the audit system. The audit_ipc_new_perm() function is called any time the permissions on the ipc object changes. In this case, the NEW permissions are recorded (and note that an audit_ipc_obj() call exists just a few lines before each instance). 2) Support for an AUDIT_IPC_NEW_PERM audit message type. This allows for separate auxiliary audit records for normal operations on an IPC object and permissions changes. Note that the same struct audit_aux_data_ipcctl is used and populated, however there are separate audit_log_format statements based on the type of the message. Finally, the AUDIT_IPC block of code in audit_free_aux() was extended to handle aux messages of this new type. No more mem leaks I hope ;-) Note that this does: - Change the format of the audit record (sorry test guys) - And add a new audit record that will need to be tested (sorry again test guys) The new auxiliary audit record helps clarify the purpose of the separate messages. And the separate audit_ipc_* functions eliminates the need for passing known invalid values where those aren't used and conditionally not printing those instances (which was messy). In the old case, it was confusing in that the same message type would mix old and new ids depending on which code called the audit hook. Now, it's clear what is being recorded. Thus, with Klaus, I did an exhaustive examination through the ipc code and we believe that this patch captures all of the pertinent audit information about ipc objects for LSPP. Note that the ipc/mqueue.c POSIX message queue filesystem was NOT hooked, as there do not appear to by any permissions checks in that code. It's our assumption that the messages necessary will be covered by audit hooks in the filesystem code as it looks like this ipc type is built on top of that. I've compiled and booted the kernel with this patch in all valid combinations of Audit/AuditSystemCall/SELinux compiled in and out. I have not tested with SELinux and/or Audit off. I think at this point this patch is ready for inclusion in our LSPP kernels and some testing. I have a couple of questions that remain: - I'd like to run these changes carefully by someone very familiar with the Linux ipc code. There are some strange nuances between msg.c, sem.c, and shm.c that I'd like to make sure are interpreted correctly. Al, is this your area? - There are a couple of warnings that have been in the ipc compilations for some time now about possibly using setbuf.* before initialization. I'm wondering if anyone thinks these compiler warnings are founded and if anyone has suggestions to silence them? - Finally a careful look that audit_free_aux() is accurately cleaning up the memory. Patch below. Thanks! :-Dustin diff --git a/include/linux/audit.h b/include/linux/audit.h index dd4f759..3614d13 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -82,6 +82,7 @@ #define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */ #define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */ #define AUDIT_CWD 1307 /* Current working directory */ +#define AUDIT_IPC_NEW_PERM 1308 /* IPC new permissions record type */ #define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ #define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ @@ -315,7 +316,8 @@ extern void auditsc_get_stamp(struct aud struct timespec *t, unsigned int *serial); extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); extern uid_t audit_get_loginuid(struct audit_context *ctx); -extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp); +extern int audit_ipc_obj(struct kern_ipc_perm *ipcp); +extern int audit_ipc_new_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); extern int audit_socketcall(int nargs, unsigned long *args); extern int audit_sockaddr(int len, void *addr); extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); @@ -335,7 +337,8 @@ extern int audit_set_macxattr(const char #define audit_inode_child(d,i,p) do { ; } while (0) #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) #define audit_get_loginuid(c) ({ -1; }) -#define audit_ipc_perms(q,u,g,m,i) ({ 0; }) +#define audit_ipc_obj(i) ({ 0; }) +#define audit_ipc_new_perm(q,u,g,m) ({ 0; }) #define audit_socketcall(n,a) ({ 0; }) #define audit_sockaddr(len, addr) ({ 0; }) #define audit_avc_path(dentry, mnt) ({ 0; }) diff --git a/ipc/msg.c b/ipc/msg.c index 8c30ec2..382594f 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -13,6 +13,9 @@ * mostly rewritten, threaded and wake-one semantics added * MSGMAX limit removed, sysctl's added * (c) 1999 Manfred Spraul <manfred(a)colorfullife.com> + * + * support for audit of ipc object properties and permission changes + * Dustin Kirkland <dustin.kirkland(a)us.ibm.com> */ #include <linux/capability.h> @@ -446,6 +449,11 @@ asmlinkage long sys_msgctl (int msqid, i if (msg_checkid(msq,msqid)) goto out_unlock_up; ipcp = &msq->q_perm; + + err = audit_ipc_obj(ipcp); + if (err) + goto out_unlock_up; + err = -EPERM; if (current->euid != ipcp->cuid && current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) @@ -459,7 +467,8 @@ asmlinkage long sys_msgctl (int msqid, i switch (cmd) { case IPC_SET: { - if ((err = audit_ipc_perms(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp))) + err = audit_ipc_new_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode); + if (err) goto out_unlock_up; err = -EPERM; diff --git a/ipc/sem.c b/ipc/sem.c index 59696a8..bb5f9f8 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -61,6 +61,9 @@ * (c) 2001 Red Hat Inc <alan(a)redhat.com> * Lockless wakeup * (c) 2003 Manfred Spraul <manfred(a)colorfullife.com> + * + * support for audit of ipc object properties and permission changes + * Dustin Kirkland <dustin.kirkland(a)us.ibm.com> */ #include <linux/config.h> @@ -819,6 +822,11 @@ static int semctl_down(int semid, int se goto out_unlock; } ipcp = &sma->sem_perm; + + err = audit_ipc_obj(ipcp); + if (err) + goto out_unlock; + if (current->euid != ipcp->cuid && current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { err=-EPERM; @@ -835,7 +843,8 @@ static int semctl_down(int semid, int se err = 0; break; case IPC_SET: - if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp))) + err = audit_ipc_new_perm(0, setbuf.uid, setbuf.gid, setbuf.mode); + if (err) goto out_unlock; ipcp->uid = setbuf.uid; ipcp->gid = setbuf.gid; diff --git a/ipc/shm.c b/ipc/shm.c index a88c8a0..f419f5e 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -13,6 +13,8 @@ * Shared /dev/zero support, Kanoj Sarcar <kanoj(a)sgi.com> * Move the mm functionality over to mm/shmem.c, Christoph Rohland <cr(a)sap.com> * + * support for audit of ipc object properties and permission changes + * Dustin Kirkland <dustin.kirkland(a)us.ibm.com> */ #include <linux/config.h> @@ -540,6 +542,10 @@ asmlinkage long sys_shmctl (int shmid, i if(err) goto out_unlock; + err = audit_ipc_obj(&(shp->shm_perm)); + if (err) + goto out_unlock; + if (!capable(CAP_IPC_LOCK)) { err = -EPERM; if (current->euid != shp->shm_perm.uid && @@ -592,6 +598,10 @@ asmlinkage long sys_shmctl (int shmid, i if(err) goto out_unlock_up; + err = audit_ipc_obj(&(shp->shm_perm)); + if (err) + goto out_unlock_up; + if (current->euid != shp->shm_perm.uid && current->euid != shp->shm_perm.cuid && !capable(CAP_SYS_ADMIN)) { @@ -625,11 +635,15 @@ asmlinkage long sys_shmctl (int shmid, i err=-EINVAL; if(shp==NULL) goto out_up; - if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode, &(shp->shm_perm)))) - goto out_unlock_up; err = shm_checkid(shp,shmid); if(err) goto out_unlock_up; + err = audit_ipc_obj(&(shp->shm_perm)); + if (err) + goto out_unlock_up; + err = audit_ipc_new_perm(0, setbuf.uid, setbuf.gid, setbuf.mode); + if (err) + goto out_unlock_up; err=-EPERM; if (current->euid != shp->shm_perm.uid && current->euid != shp->shm_perm.cuid && diff --git a/ipc/util.c b/ipc/util.c index e37e1e9..be79943 100644 --- a/ipc/util.c +++ b/ipc/util.c @@ -10,6 +10,8 @@ * Manfred Spraul <manfred(a)colorfullife.com> * Oct 2002 - One lock per IPC id. RCU ipc_free for lock-free grow_ary(). * Mingming Cao <cmm(a)us.ibm.com> + * Mar 2006 - support for audit of ipc object properties + * Dustin Kirkland <dustin.kirkland(a)us.ibm.com> */ #include <linux/config.h> @@ -467,9 +469,10 @@ void ipc_rcu_putref(void *ptr) int ipcperms (struct kern_ipc_perm *ipcp, short flag) { /* flag will most probably be 0 or S_...UGO from <linux/stat.h> */ - int requested_mode, granted_mode; - - audit_ipc_context(ipcp); + int requested_mode, granted_mode, err; + + if (unlikely((err = audit_ipc_obj(ipcp)))) + return err; requested_mode = (flag >> 6) | (flag >> 3) | flag; granted_mode = ipcp->mode; if (current->euid == ipcp->cuid || current->euid == ipcp->uid) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index cd83289..acbb424 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -414,10 +414,10 @@ static inline void audit_free_aux(struct dput(axi->dentry); mntput(axi->mnt); } - if ( aux->type == AUDIT_IPC ) { + if ( aux->type == AUDIT_IPC || + aux->type == AUDIT_IPC_NEW_PERM ) { struct audit_aux_data_ipcctl *axi = (void *)aux; - if (axi->ctx) - kfree(axi->ctx); + kfree(axi->ctx); } context->aux = aux->next; @@ -618,8 +618,15 @@ static void audit_log_exit(struct audit_ case AUDIT_IPC: { struct audit_aux_data_ipcctl *axi = (void *)aux; audit_log_format(ab, - " qbytes=%lx iuid=%u igid=%u mode=%x obj=%s", - axi->qbytes, axi->uid, axi->gid, axi->mode, axi->ctx); + " iuid=%u igid=%u mode=%x obj=%s", + axi->uid, axi->gid, axi->mode, axi->ctx); + break; } + + case AUDIT_IPC_NEW_PERM: { + struct audit_aux_data_ipcctl *axi = (void *)aux; + audit_log_format(ab, + " new_qbytes=%lx new_iuid=%u new_igid=%u new_mode=%x", + axi->qbytes, axi->uid, axi->gid, axi->mode); break; } case AUDIT_SOCKETCALL: { @@ -1149,7 +1156,36 @@ uid_t audit_get_loginuid(struct audit_co } /** - * audit_ipc_perms - record audit data for ipc + * audit_ipc_obj - record audit data for ipc object + * @ipcp: ipc permissions + * + * Returns 0 for success or NULL context or < 0 on error. + */ +int audit_ipc_obj(struct kern_ipc_perm *ipcp) +{ + struct audit_aux_data_ipcctl *ax; + struct audit_context *context = current->audit_context; + + if (likely(!context)) + return 0; + + ax = kmalloc(sizeof(*ax), GFP_ATOMIC); + if (!ax) + return -ENOMEM; + + ax->uid = ipcp->uid; + ax->gid = ipcp->gid; + ax->mode = ipcp->mode; + ax->ctx = audit_ipc_context(ipcp); + + ax->d.type = AUDIT_IPC; + ax->d.next = context->aux; + context->aux = (void *)ax; + return 0; +} + +/** + * audit_ipc_new_perm - record audit data for new ipc permissions * @qbytes: msgq bytes * @uid: msgq user id * @gid: msgq group id @@ -1157,7 +1193,7 @@ uid_t audit_get_loginuid(struct audit_co * * Returns 0 for success or NULL context or < 0 on error. */ -int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp) +int audit_ipc_new_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) { struct audit_aux_data_ipcctl *ax; struct audit_context *context = current->audit_context; @@ -1173,9 +1209,8 @@ int audit_ipc_perms(unsigned long qbytes ax->uid = uid; ax->gid = gid; ax->mode = mode; - ax->ctx = audit_ipc_context(ipcp); - ax->d.type = AUDIT_IPC; + ax->d.type = AUDIT_IPC_NEW_PERM; ax->d.next = context->aux; context->aux = (void *)ax; return 0;

18 years, 9 months

4
5
0 / 0

More user space subject labels

by Steve Grubb

Hi, The patch below builds upon the patch sent earlier and adds subject label to all audit events generated via the netlink interface. It also cleans up a few other minor things. Signed-off-by: Steve Grubb <sgrubb(a)redhat.com> diff -urp linux-2.6.16.x86_64.orig/include/linux/audit.h linux-2.6.16.x86_64/include/linux/audit.h --- linux-2.6.16.x86_64.orig/include/linux/audit.h 2006-04-01 17:04:56.000000000 -0500 +++ linux-2.6.16.x86_64/include/linux/audit.h 2006-04-01 17:05:29.000000000 -0500 @@ -372,7 +372,7 @@ extern void audit_log_d_path(struct extern int audit_filter_user(struct netlink_skb_parms *cb, int type); extern int audit_filter_type(int type); extern int audit_receive_filter(int type, int pid, int uid, int seq, - void *data, size_t datasz, uid_t loginuid); + void *data, size_t datasz, uid_t loginuid, u32 sid); #else #define audit_log(c,g,t,f,...) do { ; } while (0) #define audit_log_start(c,g,t) ({ NULL; }) diff -urp linux-2.6.16.x86_64.orig/kernel/audit.c linux-2.6.16.x86_64/kernel/audit.c --- linux-2.6.16.x86_64.orig/kernel/audit.c 2006-04-01 17:05:01.000000000 -0500 +++ linux-2.6.16.x86_64/kernel/audit.c 2006-04-01 17:05:59.000000000 -0500 @@ -229,39 +229,84 @@ void audit_log_lost(const char *message) } } -static int audit_set_rate_limit(int limit, uid_t loginuid) +static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid) { int old = audit_rate_limit; audit_rate_limit = limit; - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_rate_limit=%d old=%d by auid=%u ssid=%u", + audit_rate_limit, old, loginuid, sid); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_rate_limit=%d old=%d by auid=%u subj=%s", + audit_rate_limit, old, loginuid, ctx); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, "audit_rate_limit=%d old=%d by auid=%u", audit_rate_limit, old, loginuid); return old; } -static int audit_set_backlog_limit(int limit, uid_t loginuid) +static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) { int old = audit_backlog_limit; audit_backlog_limit = limit; - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_backlog_limit=%d old=%d by auid=%u ssid=%u", + audit_backlog_limit, old, loginuid, sid); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_backlog_limit=%d old=%d by auid=%u subj=%s", + audit_backlog_limit, old, loginuid, ctx); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, "audit_backlog_limit=%d old=%d by auid=%u", audit_backlog_limit, old, loginuid); return old; } -static int audit_set_enabled(int state, uid_t loginuid) +static int audit_set_enabled(int state, uid_t loginuid, u32 sid) { int old = audit_enabled; if (state != 0 && state != 1) return -EINVAL; audit_enabled = state; - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_enabled=%d old=%d by auid=%u ssid=%u", + audit_enabled, old, loginuid, sid); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_enabled=%d old=%d by auid=%u subj=%s", + audit_enabled, old, loginuid, ctx); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, "audit_enabled=%d old=%d by auid=%u", audit_enabled, old, loginuid); return old; } -static int audit_set_failure(int state, uid_t loginuid) +static int audit_set_failure(int state, uid_t loginuid, u32 sid) { int old = audit_failure; if (state != AUDIT_FAIL_SILENT @@ -269,7 +314,22 @@ static int audit_set_failure(int state, && state != AUDIT_FAIL_PANIC) return -EINVAL; audit_failure = state; - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_failure=%d old=%d by auid=%u ssid=%u", + audit_failure, old, loginuid, sid); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_failure=%d old=%d by auid=%u subj=%s", + audit_failure, old, loginuid, ctx); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, "audit_failure=%d old=%d by auid=%u", audit_failure, old, loginuid); return old; @@ -436,25 +496,45 @@ static int audit_receive_msg(struct sk_b return -EINVAL; status_get = (struct audit_status *)data; if (status_get->mask & AUDIT_STATUS_ENABLED) { - err = audit_set_enabled(status_get->enabled, loginuid); + err = audit_set_enabled(status_get->enabled, + loginuid, sid); if (err < 0) return err; } if (status_get->mask & AUDIT_STATUS_FAILURE) { - err = audit_set_failure(status_get->failure, loginuid); + err = audit_set_failure(status_get->failure, + loginuid, sid); if (err < 0) return err; } if (status_get->mask & AUDIT_STATUS_PID) { int old = audit_pid; audit_pid = status_get->pid; - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, - "audit_pid=%d old=%d by auid=%u", - audit_pid, old, loginuid); + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, + AUDIT_CONFIG_CHANGE, + "audit_pid=%d old=%d by auid=%u ssid=%u", + audit_pid, old, loginuid, sid); + } else + audit_log(NULL, GFP_KERNEL, + AUDIT_CONFIG_CHANGE, + "audit_pid=%d old=%d by auid=%u subj=%s", + audit_pid, old, loginuid,ctx); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "audit_pid=%d old=%d by auid=%u", + audit_pid, old, loginuid); } if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) - audit_set_rate_limit(status_get->rate_limit, loginuid); + audit_set_rate_limit(status_get->rate_limit, + loginuid, sid); if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) audit_set_backlog_limit(status_get->backlog_limit, - loginuid); + loginuid, sid); break; case AUDIT_USER: case AUDIT_FIRST_USER_MSG...AUDIT_LAST_USER_MSG: @@ -476,7 +556,7 @@ static int audit_receive_msg(struct sk_b if (selinux_ctxid_to_string( sid, &ctx, &len)) { audit_log_format(ab, - " subj=%u", sid); + " ssid=%u", sid); /* Maybe call audit_panic? */ } else audit_log_format(ab, @@ -498,7 +578,7 @@ static int audit_receive_msg(struct sk_b case AUDIT_LIST: err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid, uid, seq, data, nlmsg_len(nlh), - loginuid); + loginuid, sid); break; case AUDIT_ADD_RULE: case AUDIT_DEL_RULE: @@ -508,7 +588,7 @@ static int audit_receive_msg(struct sk_b case AUDIT_LIST_RULES: err = audit_receive_filter(nlh->nlmsg_type, NETLINK_CB(skb).pid, uid, seq, data, nlmsg_len(nlh), - loginuid); + loginuid, sid); break; case AUDIT_SIGNAL_INFO: sig_data.uid = audit_sig_uid; diff -urp linux-2.6.16.x86_64.orig/kernel/auditfilter.c linux-2.6.16.x86_64/kernel/auditfilter.c --- linux-2.6.16.x86_64.orig/kernel/auditfilter.c 2006-04-01 17:05:01.000000000 -0500 +++ linux-2.6.16.x86_64/kernel/auditfilter.c 2006-04-01 17:05:29.000000000 -0500 @@ -701,7 +701,7 @@ static inline void audit_update_watch(st ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); audit_log_format(ab, "audit updated rules specifying watch="); audit_log_untrustedstring(ab, owatch->path); - audit_log_format(ab, " with dev=%u ino=%lu\n", dev, ino); + audit_log_format(ab, " with dev=%u ino=%lu", dev, ino); audit_log_end(ab); list_del(&owatch->wlist); @@ -733,7 +733,7 @@ static inline void audit_remove_parent_w call_rcu(&e->rcu, audit_free_rule_rcu); audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, - "audit implicitly removed rule from list=%d\n", + "audit implicitly removed rule from list=%d", AUDIT_FILTER_EXIT); } list_del(&w->wlist); @@ -1118,9 +1118,10 @@ static int audit_list_rules(void *_dest) * @data: payload data * @datasz: size of payload data * @loginuid: loginuid of sender + * @sid: SE Linux Security ID of sender */ int audit_receive_filter(int type, int pid, int uid, int seq, void *data, - size_t datasz, uid_t loginuid) + size_t datasz, uid_t loginuid, u32 sid) { struct task_struct *tsk; int *dest; @@ -1163,9 +1164,23 @@ int audit_receive_filter(int type, int p err = audit_add_rule(entry, &audit_filter_list[entry->rule.listnr]); - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, - "auid=%u add rule to list=%d res=%d\n", - loginuid, entry->rule.listnr, !err); + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string(sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u ssid=%u add rule to list=%d res=%d", + loginuid, sid, entry->rule.listnr, !err); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u subj=%s add rule to list=%d res=%d", + loginuid, ctx, entry->rule.listnr, !err); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u add rule to list=%d res=%d", + loginuid, entry->rule.listnr, !err); if (err) audit_free_rule(entry); @@ -1181,9 +1196,24 @@ int audit_receive_filter(int type, int p err = audit_del_rule(entry, &audit_filter_list[entry->rule.listnr]); - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, - "auid=%u remove rule from list=%d res=%d\n", - loginuid, entry->rule.listnr, !err); + + if (sid) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string(sid, &ctx, &len)) { + /* Maybe call audit_panic? */ + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u ssid=%u remove rule from list=%d res=%d", + loginuid, sid, entry->rule.listnr, !err); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u subj=%s remove rule from list=%d res=%d", + loginuid, ctx, entry->rule.listnr, !err); + kfree(ctx); + } else + audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, + "auid=%u remove rule from list=%d res=%d", + loginuid, entry->rule.listnr, !err); audit_free_rule(entry); break; diff -urp linux-2.6.16.x86_64.orig/kernel/auditsc.c linux-2.6.16.x86_64/kernel/auditsc.c --- linux-2.6.16.x86_64.orig/kernel/auditsc.c 2006-04-01 17:05:01.000000000 -0500 +++ linux-2.6.16.x86_64/kernel/auditsc.c 2006-04-01 17:05:29.000000000 -0500 @@ -661,7 +661,7 @@ static void audit_log_exit(struct audit_ u32 len; if (selinux_ctxid_to_string( axi->osid, &ctx, &len)) { - audit_log_format(ab, " obj=%u", + audit_log_format(ab, " osid=%u", axi->osid); call_panic = 1; } else @@ -736,7 +736,7 @@ static void audit_log_exit(struct audit_ u32 len; if (selinux_ctxid_to_string( context->names[i].osid, &ctx, &len)) { - audit_log_format(ab, " obj=%u", + audit_log_format(ab, " osid=%u", context->names[i].osid); call_panic = 2; } else

18 years, 9 months

1
1
0 / 0

change lspp ipc auditing

by Steve Grubb

Hi, The patch below converts IPC auditing to collect sid's and convert to context string only if it needs to output an audit record. This patch depends on the inode audit change patch already being applied. Signed-off-by: Steve Grubb <sgrubb(a)redhat.com> diff -urp linux-2.6.16.x86_64.orig/include/linux/security.h linux-2.6.16.x86_64/include/linux/security.h --- linux-2.6.16.x86_64.orig/include/linux/security.h 2006-03-31 08:32:05.000000000 -0500 +++ linux-2.6.16.x86_64/include/linux/security.h 2006-03-31 09:58:48.000000000 -0500 @@ -869,11 +869,6 @@ struct swap_info_struct; * @ipcp contains the kernel IPC permission structure * @flag contains the desired (requested) permission set * Return 0 if permission is granted. - * @ipc_getsecurity: - * Copy the security label associated with the ipc object into - * @buffer. @buffer may be NULL to request the size of the buffer - * required. @size indicates the size of @buffer in bytes. Return - * number of bytes used/required on success. * * Security hooks for individual messages held in System V IPC message queues * @msg_msg_alloc_security: @@ -1223,7 +1218,6 @@ struct security_operations { void (*task_to_inode)(struct task_struct *p, struct inode *inode); int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); - int (*ipc_getsecurity)(struct kern_ipc_perm *ipcp, void *buffer, size_t size); int (*msg_msg_alloc_security) (struct msg_msg * msg); void (*msg_msg_free_security) (struct msg_msg * msg); @@ -1881,11 +1875,6 @@ static inline int security_ipc_permissio return security_ops->ipc_permission (ipcp, flag); } -static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) -{ - return security_ops->ipc_getsecurity(ipcp, buffer, size); -} - static inline int security_msg_msg_alloc (struct msg_msg * msg) { return security_ops->msg_msg_alloc_security (msg); @@ -2521,11 +2510,6 @@ static inline int security_ipc_permissio return 0; } -static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) -{ - return -EOPNOTSUPP; -} - static inline int security_msg_msg_alloc (struct msg_msg * msg) { return 0; diff -urp linux-2.6.16.x86_64.orig/include/linux/selinux.h linux-2.6.16.x86_64/include/linux/selinux.h --- linux-2.6.16.x86_64.orig/include/linux/selinux.h 2006-03-31 08:32:09.000000000 -0500 +++ linux-2.6.16.x86_64/include/linux/selinux.h 2006-03-31 08:55:33.000000000 -0500 @@ -16,6 +16,7 @@ struct selinux_audit_rule; struct audit_context; struct inode; +struct kern_ipc_perm; #ifdef CONFIG_SECURITY_SELINUX @@ -98,6 +99,15 @@ int selinux_ctxid_to_string(u32 ctxid, c */ void selinux_get_inode_sid(const struct inode *inode, u32 *sid); +/** + * selinux_get_ipc_sid - get the ipc security context ID + * @ipcp: ipc structure to get the sid from. + * @sid: pointer to security context ID to be filled in. + * + * Returns nothing + */ +void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid); + #else static inline int selinux_audit_rule_init(u32 field, u32 op, @@ -141,6 +151,11 @@ static inline void selinux_get_inode_sid *sid = 0; } +static inline void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid) +{ + *sid = 0; +} + #endif /* CONFIG_SECURITY_SELINUX */ #endif /* _LINUX_SELINUX_H */ diff -urp linux-2.6.16.x86_64.orig/kernel/auditsc.c linux-2.6.16.x86_64/kernel/auditsc.c --- linux-2.6.16.x86_64.orig/kernel/auditsc.c 2006-03-31 08:32:14.000000000 -0500 +++ linux-2.6.16.x86_64/kernel/auditsc.c 2006-03-31 08:55:33.000000000 -0500 @@ -107,7 +107,7 @@ struct audit_aux_data_ipcctl { uid_t uid; gid_t gid; mode_t mode; - char *ctx; + u32 osid; }; struct audit_aux_data_socketcall { @@ -457,11 +457,6 @@ static inline void audit_free_aux(struct dput(axi->dentry); mntput(axi->mnt); } - if ( aux->type == AUDIT_IPC ) { - struct audit_aux_data_ipcctl *axi = (void *)aux; - if (axi->ctx) - kfree(axi->ctx); - } context->aux = aux->next; kfree(aux); @@ -612,7 +607,7 @@ static void audit_log_task_info(struct a static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask) { - int i; + int i, call_panic = 0; struct audit_buffer *ab; struct audit_aux_data *aux; const char *tty; @@ -661,8 +656,20 @@ static void audit_log_exit(struct audit_ case AUDIT_IPC: { struct audit_aux_data_ipcctl *axi = (void *)aux; audit_log_format(ab, - " qbytes=%lx iuid=%u igid=%u mode=%x obj=%s", - axi->qbytes, axi->uid, axi->gid, axi->mode, axi->ctx); + " qbytes=%lx iuid=%u igid=%u mode=%x", + axi->qbytes, axi->uid, axi->gid, axi->mode); + if (axi->osid != 0) { + char *ctx = NULL; + u32 len; + if (selinux_ctxid_to_string( + axi->osid, &ctx, &len)) { + audit_log_format(ab, " obj=%u", + axi->osid); + call_panic = 1; + } else + audit_log_format(ab, " obj=%s", ctx); + kfree(ctx); + } break; } case AUDIT_SOCKETCALL: { @@ -697,7 +704,6 @@ static void audit_log_exit(struct audit_ } } for (i = 0; i < context->name_count; i++) { - int call_panic = 0; unsigned long ino = context->names[i].ino; unsigned long pino = context->names[i].pino; @@ -734,16 +740,16 @@ static void audit_log_exit(struct audit_ context->names[i].osid, &ctx, &len)) { audit_log_format(ab, " obj=%u", context->names[i].osid); - call_panic = 1; + call_panic = 2; } else audit_log_format(ab, " obj=%s", ctx); kfree(ctx); } audit_log_end(ab); - if (call_panic) - audit_panic("error converting sid to string"); } + if (call_panic) + audit_panic("error converting sid to string"); } /** @@ -988,7 +994,7 @@ void audit_putname(const char *name) #endif } -void audit_inode_context(int idx, const struct inode *inode) +static void audit_inode_context(int idx, const struct inode *inode) { struct audit_context *context = current->audit_context; @@ -1161,38 +1167,6 @@ uid_t audit_get_loginuid(struct audit_co return ctx ? ctx->loginuid : -1; } -static char *audit_ipc_context(struct kern_ipc_perm *ipcp) -{ - struct audit_context *context = current->audit_context; - char *ctx = NULL; - int len = 0; - - if (likely(!context)) - return NULL; - - len = security_ipc_getsecurity(ipcp, NULL, 0); - if (len == -EOPNOTSUPP) - goto ret; - if (len < 0) - goto error_path; - - ctx = kmalloc(len, GFP_ATOMIC); - if (!ctx) - goto error_path; - - len = security_ipc_getsecurity(ipcp, ctx, len); - if (len < 0) - goto error_path; - - return ctx; - -error_path: - kfree(ctx); - audit_panic("error in audit_ipc_context"); -ret: - return NULL; -} - /** * audit_ipc_perms - record audit data for ipc * @qbytes: msgq bytes @@ -1218,7 +1192,7 @@ int audit_ipc_perms(unsigned long qbytes ax->uid = uid; ax->gid = gid; ax->mode = mode; - ax->ctx = audit_ipc_context(ipcp); + selinux_get_ipc_sid(ipcp, &ax->osid); ax->d.type = AUDIT_IPC; ax->d.next = context->aux; diff -urp linux-2.6.16.x86_64.orig/security/dummy.c linux-2.6.16.x86_64/security/dummy.c --- linux-2.6.16.x86_64.orig/security/dummy.c 2006-03-31 08:32:15.000000000 -0500 +++ linux-2.6.16.x86_64/security/dummy.c 2006-03-31 11:51:09.000000000 -0500 @@ -563,11 +563,6 @@ static int dummy_ipc_permission (struct return 0; } -static int dummy_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) -{ - return -EOPNOTSUPP; -} - static int dummy_msg_msg_alloc_security (struct msg_msg *msg) { return 0; @@ -970,7 +965,6 @@ void security_fixup_ops (struct security set_to_dummy_if_null(ops, task_reparent_to_init); set_to_dummy_if_null(ops, task_to_inode); set_to_dummy_if_null(ops, ipc_permission); - set_to_dummy_if_null(ops, ipc_getsecurity); set_to_dummy_if_null(ops, msg_msg_alloc_security); set_to_dummy_if_null(ops, msg_msg_free_security); set_to_dummy_if_null(ops, msg_queue_alloc_security); diff -urp linux-2.6.16.x86_64.orig/security/selinux/exports.c linux-2.6.16.x86_64/security/selinux/exports.c --- linux-2.6.16.x86_64.orig/security/selinux/exports.c 2006-03-31 08:32:15.000000000 -0500 +++ linux-2.6.16.x86_64/security/selinux/exports.c 2006-03-31 08:55:33.000000000 -0500 @@ -15,6 +15,7 @@ #include <linux/module.h> #include <linux/selinux.h> #include <linux/fs.h> +#include <linux/ipc.h> #include "security.h" #include "objsec.h" @@ -50,3 +51,13 @@ void selinux_get_inode_sid(const struct *sid = 0; } +void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid) +{ + if (selinux_enabled) { + struct ipc_security_struct *isec = ipcp->security; + *sid = isec->sid; + return; + } + *sid = 0; +} + diff -urp linux-2.6.16.x86_64.orig/security/selinux/hooks.c linux-2.6.16.x86_64/security/selinux/hooks.c --- linux-2.6.16.x86_64.orig/security/selinux/hooks.c 2006-03-31 08:32:15.000000000 -0500 +++ linux-2.6.16.x86_64/security/selinux/hooks.c 2006-03-31 09:58:06.000000000 -0500 @@ -4016,13 +4016,6 @@ static int selinux_ipc_permission(struct return ipc_has_perm(ipcp, av); } -static int selinux_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) -{ - struct ipc_security_struct *isec = ipcp->security; - - return selinux_getsecurity(isec->sid, buffer, size); -} - /* module stacking operations */ static int selinux_register_security (const char *name, struct security_operations *ops) { @@ -4285,7 +4278,6 @@ static struct security_operations selinu .task_to_inode = selinux_task_to_inode, .ipc_permission = selinux_ipc_permission, - .ipc_getsecurity = selinux_ipc_getsecurity, .msg_msg_alloc_security = selinux_msg_msg_alloc_security, .msg_msg_free_security = selinux_msg_msg_free_security,

18 years, 9 months

3
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Linux-audit April 2006