Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

audit: treat s_id as an untrusted string

The use of s_id should go through the untrusted string path, just to be
extra careful.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Kees Cook 13 years ago
parent
5afb8a3f96
commit
41fdc3054e
2 changed files with 18 additions and 13 deletions
Split View Show Diff Stats
  1. 5 3
      security/integrity/ima/ima_audit.c
  2. 13 10
      security/lsm_audit.c

+ 5 - 3
security/integrity/ima/ima_audit.c
View File 

@@ -56,9 +56,11 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
 
 		audit_log_format(ab, " name=");
 
 		audit_log_untrustedstring(ab, fname);
 
 	}
 
-	if (inode)
 
-		audit_log_format(ab, " dev=%s ino=%lu",
 
-				 inode->i_sb->s_id, inode->i_ino);
 
+	if (inode) {
 
+		audit_log_format(ab, " dev=");
 
+		audit_log_untrustedstring(ab, inode->i_sb->s_id);
 
+		audit_log_format(ab, " ino=%lu", inode->i_ino);
 
+	}
 
 	audit_log_format(ab, " res=%d", !result ? 0 : 1);
 
 	audit_log_end(ab);
 
 }

+ 13 - 10
security/lsm_audit.c
View File 

@@ -235,10 +235,11 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 
 		audit_log_d_path(ab, "path=", &a->u.path);
 
 
 		inode = a->u.path.dentry->d_inode;
 
-		if (inode)
 
-			audit_log_format(ab, " dev=%s ino=%lu",
 
-					inode->i_sb->s_id,
 
-					inode->i_ino);
 
+		if (inode) {
 
+			audit_log_format(ab, " dev=");
 
+			audit_log_untrustedstring(ab, inode->i_sb->s_id);
 
+			audit_log_format(ab, " ino=%lu", inode->i_ino);
 
+		}
 
 		break;
 
 	}
 
 	case LSM_AUDIT_DATA_DENTRY: {
 
@@ -248,10 +249,11 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 
 		audit_log_untrustedstring(ab, a->u.dentry->d_name.name);
 
 
 		inode = a->u.dentry->d_inode;
 
-		if (inode)
 
-			audit_log_format(ab, " dev=%s ino=%lu",
 
-					inode->i_sb->s_id,
 
-					inode->i_ino);
 
+		if (inode) {
 
+			audit_log_format(ab, " dev=");
 
+			audit_log_untrustedstring(ab, inode->i_sb->s_id);
 
+			audit_log_format(ab, " ino=%lu", inode->i_ino);
 
+		}
 
 		break;
 
 	}
 
 	case LSM_AUDIT_DATA_INODE: {
 
@@ -266,8 +268,9 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 
 					 dentry->d_name.name);
 
 			dput(dentry);
 
 		}
 
-		audit_log_format(ab, " dev=%s ino=%lu", inode->i_sb->s_id,
 
-				 inode->i_ino);
 
+		audit_log_format(ab, " dev=");
 
+		audit_log_untrustedstring(ab, inode->i_sb->s_id);
 
+		audit_log_format(ab, " ino=%lu", inode->i_ino);
 
 		break;
 
 	}
 
 	case LSM_AUDIT_DATA_TASK: