We can simplify the AUDIT_TTY_SET code to only grab the spin_lock one
time. We need to determine if the new values are valid and if so, set
the new values at the same time we grab the old onces. While we are
here get rid of 'res' and just use err.
Signed-off-by: Eric Paris <eparis(a)redhat.com>
---
kernel/audit.c | 28 +++++++++++++---------------
1 file changed, 13 insertions(+), 15 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index f45966e..5f7d2d9 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -999,19 +999,24 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
struct audit_tty_status s, old;
struct task_struct *tsk = current;
struct audit_buffer *ab;
- int res = 0;
+
+ memset(&s, 0, sizeof(s));
+ /* guard against past and future API changes */
+ memcpy(&s, data, min_t(size_t, sizeof(s), nlmsg_len(nlh)));
+ /* check if new data is valid */
+ if ((s.enabled != 0 && s.enabled != 1) ||
+ (s.log_passwd != 0 && s.log_passwd != 1))
+ err = -EINVAL;
spin_lock(&tsk->sighand->siglock);
old.enabled = tsk->signal->audit_tty;
old.log_passwd = tsk->signal->audit_tty_log_passwd;
+ if (!err) {
+ tsk->signal->audit_tty = s.enabled;
+ tsk->signal->audit_tty_log_passwd = s.log_passwd;
+ }
spin_unlock(&tsk->sighand->siglock);
- memset(&s, 0, sizeof(s));
- /* guard against past and future API changes */
- memcpy(&s, data, min_t(size_t, sizeof(s), nlmsg_len(nlh)));
- if ((s.enabled == 0 || s.enabled == 1) &&
- (s.log_passwd == 0 || s.log_passwd == 1))
- res = 1;
audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
audit_log_format(ab, " op=tty_set"
" old-enabled=%d old-log_passwd=%d"
@@ -1019,15 +1024,8 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
" res=%d",
old.enabled, old.log_passwd,
s.enabled, s.log_passwd,
- res);
+ !err);
audit_log_end(ab);
- if (res) {
- spin_lock(&tsk->sighand->siglock);
- tsk->signal->audit_tty = s.enabled;
- tsk->signal->audit_tty_log_passwd = s.log_passwd;
- spin_unlock(&tsk->sighand->siglock);
- } else
- return -EINVAL;
break;
}
default:
--
1.8.4.2
Show replies by date
An admin is likely to want to see old and new values next to each other.
Putting all of the old values followed by all of the new values is just
hard to read as a human.
Signed-off-by: Eric Paris <eparis(a)redhat.com>
---
kernel/audit.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 5f7d2d9..d9b4b43 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1018,13 +1018,10 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
spin_unlock(&tsk->sighand->siglock);
audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
- audit_log_format(ab, " op=tty_set"
- " old-enabled=%d old-log_passwd=%d"
- " new-enabled=%d new-log_passwd=%d"
- " res=%d",
- old.enabled, old.log_passwd,
- s.enabled, s.log_passwd,
- !err);
+ audit_log_format(ab, " op=tty_set old-enabled=%d new-enabled=%d"
+ " old-log_passwd=%d new-log_passwd=%d res=%d",
+ old.enabled, s.enabled, old.log_passwd,
+ s.log_passwd, !err);
audit_log_end(ab);
break;
}
--
1.8.4.2