19 年之前 · ac03221a4f
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -325,7 +325,7 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
 
				 extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);
			
 
				 extern uid_t audit_get_loginuid(struct audit_context *ctx);
			
 
				 extern int audit_ipc_obj(struct kern_ipc_perm *ipcp);
			
 
				-extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp);
			
 
				+extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
			
 
				 extern int audit_bprm(struct linux_binprm *bprm);
			
 
				 extern int audit_socketcall(int nargs, unsigned long *args);
			
 
				 extern int audit_sockaddr(int len, void *addr);
			
@@ -345,7 +345,7 @@ extern int audit_set_macxattr(const char *name);
 
				 #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
			
 
				 #define audit_get_loginuid(c) ({ -1; })
			
 
				 #define audit_ipc_obj(i) ({ 0; })
			
 
				-#define audit_ipc_set_perm(q,u,g,m,i) ({ 0; })
			
 
				+#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
			
 
				 #define audit_bprm(p) ({ 0; })
			
 
				 #define audit_socketcall(n,a) ({ 0; })
			
 
				 #define audit_sockaddr(len, addr) ({ 0; })
			
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -454,6 +454,11 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf)
 
				 	err = audit_ipc_obj(ipcp);
			
 
				 	if (err)
			
 
				 		goto out_unlock_up;
			
 
				+	if (cmd==IPC_SET) {
			
 
				+		err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode);
			
 
				+		if (err)
			
 
				+			goto out_unlock_up;
			
 
				+	}
			
 
				 
			
 
				 	err = -EPERM;
			
 
				 	if (current->euid != ipcp->cuid && 
			
@@ -468,10 +473,6 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf)
 
				 	switch (cmd) {
			
 
				 	case IPC_SET:
			
 
				 	{
			
 
				-		err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp);
			
 
				-		if (err)
			
 
				-			goto out_unlock_up;
			
 
				-
			
 
				 		err = -EPERM;
			
 
				 		if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE))
			
 
				 			goto out_unlock_up;
			
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -828,6 +828,11 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun
 
				 	if (err)
			
 
				 		goto out_unlock;
			
 
				 
			
 
				+	if (cmd == IPC_SET) {
			
 
				+		err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode);
			
 
				+		if (err)
			
 
				+			goto out_unlock;
			
 
				+	}
			
 
				 	if (current->euid != ipcp->cuid && 
			
 
				 	    current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) {
			
 
				 	    	err=-EPERM;
			
@@ -844,9 +849,6 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun
 
				 		err = 0;
			
 
				 		break;
			
 
				 	case IPC_SET:
			
 
				-		err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp);
			
 
				-		if (err)
			
 
				-			goto out_unlock;
			
 
				 		ipcp->uid = setbuf.uid;
			
 
				 		ipcp->gid = setbuf.gid;
			
 
				 		ipcp->mode = (ipcp->mode & ~S_IRWXUGO)
			
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -643,7 +643,7 @@ asmlinkage long sys_shmctl (int shmid, int cmd, struct shmid_ds __user *buf)
 
				 		err = audit_ipc_obj(&(shp->shm_perm));
			
 
				 		if (err)
			
 
				 			goto out_unlock_up;
			
 
				-		err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, &(shp->shm_perm));
			
 
				+		err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode);
			
 
				 		if (err)
			
 
				 			goto out_unlock_up;
			
 
				 		err=-EPERM;
			
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -648,8 +648,8 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
 
				 		case AUDIT_IPC: {
			
 
				 			struct audit_aux_data_ipcctl *axi = (void *)aux;
			
 
				 			audit_log_format(ab, 
			
 
				-				 " qbytes=%lx iuid=%u igid=%u mode=%x",
			
 
				-				 axi->qbytes, axi->uid, axi->gid, axi->mode);
			
 
				+				 "ouid=%u ogid=%u mode=%x",
			
 
				+				 axi->uid, axi->gid, axi->mode);
			
 
				 			if (axi->osid != 0) {
			
 
				 				char *ctx = NULL;
			
 
				 				u32 len;
			
@@ -667,21 +667,10 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
 
				 		case AUDIT_IPC_SET_PERM: {
			
 
				 			struct audit_aux_data_ipcctl *axi = (void *)aux;
			
 
				 			audit_log_format(ab,
			
 
				-				" new qbytes=%lx new iuid=%u new igid=%u new mode=%x",
			
 
				+				"qbytes=%lx ouid=%u ogid=%u mode=%x",
			
 
				 				axi->qbytes, axi->uid, axi->gid, axi->mode);
			
 
				-			if (axi->osid != 0) {
			
 
				-				char *ctx = NULL;
			
 
				-				u32 len;
			
 
				-				if (selinux_ctxid_to_string(
			
 
				-						axi->osid, &ctx, &len)) {
			
 
				-					audit_log_format(ab, " osid=%u",
			
 
				-							axi->osid);
			
 
				-					call_panic = 1;
			
 
				-				} else
			
 
				-					audit_log_format(ab, " obj=%s", ctx);
			
 
				-				kfree(ctx);
			
 
				-			}
			
 
				 			break; }
			
 
				+
			
 
				 		case AUDIT_EXECVE: {
			
 
				 			struct audit_aux_data_execve *axi = (void *)aux;
			
 
				 			int i;
			
@@ -1232,7 +1221,7 @@ int audit_ipc_obj(struct kern_ipc_perm *ipcp)
 
				  *
			
 
				  * Returns 0 for success or NULL context or < 0 on error.
			
 
				  */
			
 
				-int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp)
			
 
				+int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
			
 
				 {
			
 
				 	struct audit_aux_data_ipcctl *ax;
			
 
				 	struct audit_context *context = current->audit_context;
			
@@ -1248,7 +1237,6 @@ int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode,
 
				 	ax->uid = uid;
			
 
				 	ax->gid = gid;
			
 
				 	ax->mode = mode;
			
 
				-	selinux_get_ipc_sid(ipcp, &ax->osid);
			
 
				 
			
 
				 	ax->d.type = AUDIT_IPC_SET_PERM;
			
 
				 	ax->d.next = context->aux;