kernel/linux.git/security/lsm_audit.c, branch v6.12.80

lsm: fix a number of misspellings

2023-05-25T21:52:15+00:00

A random collection of spelling fixes for source files in the LSM layer. Reviewed-by: Casey Schaufler Signed-off-by: Paul Moore

af_unix: preserve const qualifier in unix_sk()

2023-03-18T12:23:33+00:00

We can change unix_sk() to propagate its argument const qualifier, thanks to container_of_const(). We need to change dump_common_audit_data() 'struct unix_sock *u' local var to get a const attribute. Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Signed-off-by: David S. Miller

inet: preserve const qualifier in inet_sk()

2023-03-17T08:56:37+00:00

We can change inet_sk() to propagate const qualifier of its argument. This should avoid some potential errors caused by accidental (const -> not_const) promotion. Other helpers like tcp_sk(), udp_sk(), raw_sk() will be handled in separate patch series. v2: use container_of_const() as advised by Jakub and Linus Signed-off-by: Eric Dumazet Link: https://lore.kernel.org/netdev/20230315142841.3a2ac99a@kernel.org/ Link: https://lore.kernel.org/netdev/CAHk-=wiOf12nrYEF2vJMcucKjWPN-Ns_SW9fA7LwST_2Dzp7rw@mail.gmail.com/ Signed-off-by: David S. Miller

audit: Fix some kernel-doc warnings

2022-10-28T10:37:55+00:00

The current code provokes some kernel-doc warnings: security/lsm_audit.c:198: warning: Function parameter or member 'ab' not described in 'dump_common_audit_data' Signed-off-by: Bo Liu [PM: description line wrap] Signed-off-by: Paul Moore

lsm: clean up redundant NULL pointer check

2022-08-16T02:44:01+00:00

The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that they will never return NULL, and elsewhere users don't do the check as well, so remove the check here. Signed-off-by: Xiu Jianfeng [PM: subject line tweaks] Signed-off-by: Paul Moore

selinux: log anon inode class name

2022-05-03T20:09:03+00:00

Log the anonymous inode class name in the security hook inode_init_security_anon. This name is the key for name based type transitions on the anon_inode security class on creation. Example: type=AVC msg=audit(02/16/22 22:02:50.585:216) : avc: granted \ { create } for pid=2136 comm=mariadbd anonclass=[io_uring] \ scontext=system_u:system_r:mysqld_t:s0 \ tcontext=system_u:system_r:mysqld_iouring_t:s0 tclass=anon_inode Add a new LSM audit data type holding the inode and the class name. Signed-off-by: Christian Göttsche [PM: adjusted 'anonclass' to be a trusted string, cgzones approved] Signed-off-by: Paul Moore

lsm_audit: avoid overloading the "key" audit field

2021-09-20T02:47:04+00:00

The "key" field is used to associate records with the rule that triggered them, os it's not a good idea to overload it with an additional IPC key semantic. Moreover, as the classic "key" field is a text field, while the IPC key is numeric, AVC records containing the IPC key info actually confuse audit userspace, which tries to interpret the number as a hex-encoded string, thus showing garbage for example in the ausearch "interpret" output mode. Hence, change it to "ipc_key" to fix both issues and also make the meaning of this field more clear. Signed-off-by: Ondrej Mosnacek Reviewed-by: Richard Guy Briggs Signed-off-by: Paul Moore

audit: remove unnecessary 'ret' initialization

2021-06-11T17:21:28+00:00

The variable 'ret' is set to 0 when declared. The 'ret' is unused until it is set to 0 again. So it had better remove unnecessary initialization. Signed-off-by: Austin Kim Signed-off-by: Paul Moore

make dump_common_audit_data() safe to be called from RCU pathwalk

2021-01-16T20:12:08+00:00

Signed-off-by: Al Viro

dump_common_audit_data(): fix racy accesses to ->d_name

2021-01-16T20:11:35+00:00

We are not guaranteed the locking environment that would prevent dentry getting renamed right under us. And it's possible for old long name to be freed after rename, leading to UAF here. Cc: stable@kernel.org # v2.6.2+ Signed-off-by: Al Viro