From: Peter Hurley <peter@hurleysoftware.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jslaby@suse.cz>,
linux-audit@redhat.com, linux-kernel@vger.kernel.org,
Peter Hurley <peter@hurleysoftware.com>
Subject: [RESEND][PATCH 09/15] tty: audit: Handle tty audit enable atomically
Date: Sat, 9 Jan 2016 20:59:02 -0800 [thread overview]
Message-ID: <1452401948-30790-10-git-send-email-peter@hurleysoftware.com> (raw)
In-Reply-To: <1452401948-30790-1-git-send-email-peter@hurleysoftware.com>
The audit_tty and audit_tty_log_passwd fields are actually bool
values, so merge into single memory location to access atomically.
NB: audit log operations may still occur after tty audit is disabled
which is consistent with the existing functionality
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
---
drivers/tty/tty_audit.c | 53 ++++++++++++++++++++-----------------------------
include/linux/audit.h | 4 ++++
include/linux/sched.h | 1 -
kernel/audit.c | 25 +++++++++++------------
4 files changed, 38 insertions(+), 45 deletions(-)
diff --git a/drivers/tty/tty_audit.c b/drivers/tty/tty_audit.c
index 50380d8..3d90f88 100644
--- a/drivers/tty/tty_audit.c
+++ b/drivers/tty/tty_audit.c
@@ -131,7 +131,6 @@ void tty_audit_exit(void)
void tty_audit_fork(struct signal_struct *sig)
{
sig->audit_tty = current->signal->audit_tty;
- sig->audit_tty_log_passwd = current->signal->audit_tty_log_passwd;
}
/**
@@ -141,11 +140,9 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
{
struct tty_audit_buf *buf;
dev_t dev;
- int should_audit;
unsigned long flags;
spin_lock_irqsave(¤t->sighand->siglock, flags);
- should_audit = current->signal->audit_tty;
buf = current->signal->tty_audit_buf;
if (buf)
atomic_inc(&buf->count);
@@ -160,7 +157,7 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
tty_audit_buf_put(buf);
}
- if (should_audit && audit_enabled) {
+ if (audit_enabled && (current->signal->audit_tty & AUDIT_TTY_ENABLE)) {
kuid_t auid;
unsigned int sessionid;
@@ -177,29 +174,25 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
*/
int tty_audit_push(void)
{
- struct tty_audit_buf *buf = ERR_PTR(-EPERM);
+ struct tty_audit_buf *buf;
unsigned long flags;
+ if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
+ return -EPERM;
+
spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (current->signal->audit_tty) {
- buf = current->signal->tty_audit_buf;
- if (buf)
- atomic_inc(&buf->count);
- }
+ buf = current->signal->tty_audit_buf;
+ if (buf)
+ atomic_inc(&buf->count);
spin_unlock_irqrestore(¤t->sighand->siglock, flags);
- /*
- * Return 0 when signal->audit_tty set
- * but current->signal->tty_audit_buf == NULL.
- */
- if (!buf || IS_ERR(buf))
- return PTR_ERR(buf);
-
- mutex_lock(&buf->mutex);
- tty_audit_buf_push(buf);
- mutex_unlock(&buf->mutex);
+ if (buf) {
+ mutex_lock(&buf->mutex);
+ tty_audit_buf_push(buf);
+ mutex_unlock(&buf->mutex);
- tty_audit_buf_put(buf);
+ tty_audit_buf_put(buf);
+ }
return 0;
}
@@ -218,8 +211,6 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
buf = NULL;
buf2 = NULL;
spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (likely(!current->signal->audit_tty))
- goto out;
buf = current->signal->tty_audit_buf;
if (buf) {
atomic_inc(&buf->count);
@@ -233,9 +224,10 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
return NULL;
}
- spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (!current->signal->audit_tty)
+ if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
goto out;
+
+ spin_lock_irqsave(¤t->sighand->siglock, flags);
buf = current->signal->tty_audit_buf;
if (!buf) {
current->signal->tty_audit_buf = buf2;
@@ -259,9 +251,8 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
{
struct tty_audit_buf *buf;
- int audit_log_tty_passwd;
- unsigned long flags;
unsigned int icanon = !!L_ICANON(tty);
+ unsigned int audit_tty;
dev_t dev;
if (unlikely(size == 0))
@@ -271,10 +262,10 @@ void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
&& tty->driver->subtype == PTY_TYPE_MASTER)
return;
- spin_lock_irqsave(¤t->sighand->siglock, flags);
- audit_log_tty_passwd = current->signal->audit_tty_log_passwd;
- spin_unlock_irqrestore(¤t->sighand->siglock, flags);
- if (!audit_log_tty_passwd && icanon && !L_ECHO(tty))
+ audit_tty = READ_ONCE(current->signal->audit_tty);
+ if (~audit_tty & AUDIT_TTY_ENABLE)
+ return;
+ if ((~audit_tty & AUDIT_TTY_LOG_PASSWD) && icanon && !L_ECHO(tty))
return;
buf = tty_audit_buf_get();
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 20eba1e..9ed7254 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -109,6 +109,10 @@ extern int audit_classify_compat_syscall(int abi, unsigned syscall);
/* maximized args number that audit_socketcall can process */
#define AUDITSC_ARGS 6
+/* bit values for ->signal->audit_tty */
+#define AUDIT_TTY_ENABLE BIT(0)
+#define AUDIT_TTY_LOG_PASSWD BIT(1)
+
struct filename;
extern void audit_log_session_info(struct audit_buffer *ab);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index edad7a4..400a738 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -771,7 +771,6 @@ struct signal_struct {
#endif
#ifdef CONFIG_AUDIT
unsigned audit_tty;
- unsigned audit_tty_log_passwd;
struct tty_audit_buf *tty_audit_buf;
#endif
diff --git a/kernel/audit.c b/kernel/audit.c
index 270dfb9..dfaa8e7 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1031,20 +1031,19 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
break;
case AUDIT_TTY_GET: {
struct audit_tty_status s;
- struct task_struct *tsk = current;
+ unsigned int t;
- spin_lock(&tsk->sighand->siglock);
- s.enabled = tsk->signal->audit_tty;
- s.log_passwd = tsk->signal->audit_tty_log_passwd;
- spin_unlock(&tsk->sighand->siglock);
+ t = READ_ONCE(current->signal->audit_tty);
+ s.enabled = t & AUDIT_TTY_ENABLE;
+ s.log_passwd = !!(t & AUDIT_TTY_LOG_PASSWD);
audit_send_reply(skb, seq, AUDIT_TTY_GET, 0, 0, &s, sizeof(s));
break;
}
case AUDIT_TTY_SET: {
struct audit_tty_status s, old;
- struct task_struct *tsk = current;
struct audit_buffer *ab;
+ unsigned int t;
memset(&s, 0, sizeof(s));
/* guard against past and future API changes */
@@ -1054,14 +1053,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
(s.log_passwd != 0 && s.log_passwd != 1))
err = -EINVAL;
- spin_lock(&tsk->sighand->siglock);
- old.enabled = tsk->signal->audit_tty;
- old.log_passwd = tsk->signal->audit_tty_log_passwd;
- if (!err) {
- tsk->signal->audit_tty = s.enabled;
- tsk->signal->audit_tty_log_passwd = s.log_passwd;
+ if (err)
+ t = READ_ONCE(current->signal->audit_tty);
+ else {
+ t = s.enabled | (-s.log_passwd & AUDIT_TTY_LOG_PASSWD);
+ t = xchg(¤t->signal->audit_tty, t);
}
- spin_unlock(&tsk->sighand->siglock);
+ old.enabled = t & AUDIT_TTY_ENABLE;
+ old.log_passwd = !!(t & AUDIT_TTY_LOG_PASSWD);
audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
audit_log_format(ab, " op=tty_set old-enabled=%d new-enabled=%d"
--
2.7.0
next prev parent reply other threads:[~2016-01-10 4:59 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-11 2:05 [PATCH 00/15] Rework tty audit Peter Hurley
2015-11-11 2:05 ` [PATCH 01/15] tty: audit: Early-out pty master reads earlier Peter Hurley
2015-11-11 2:05 ` [PATCH 02/15] tty: audit: Never audit packet mode Peter Hurley
2015-11-11 2:05 ` [PATCH 03/15] tty: audit: Remove icanon mode from call chain Peter Hurley
2015-11-12 19:10 ` Richard Guy Briggs
2015-11-12 19:58 ` Peter Hurley
2015-11-13 2:15 ` Richard Guy Briggs
2015-11-13 2:27 ` Peter Hurley
2015-11-13 3:28 ` Richard Guy Briggs
2015-11-16 13:25 ` Peter Hurley
2015-11-11 2:05 ` [PATCH 04/15] tty: audit: Defer audit buffer association Peter Hurley
2015-11-11 2:05 ` [PATCH 05/15] tty: audit: Take siglock directly Peter Hurley
2015-11-11 2:05 ` [PATCH 06/15] tty: audit: Ignore current association for audit push Peter Hurley
2015-11-11 2:05 ` [PATCH 07/15] tty: audit: Combine push functions Peter Hurley
2015-11-11 2:05 ` [PATCH 08/15] tty: audit: Track tty association with dev_t Peter Hurley
2015-11-11 2:05 ` [PATCH 09/15] tty: audit: Handle tty audit enable atomically Peter Hurley
2015-11-11 2:05 ` [PATCH 10/15] tty: audit: Remove false memory optimization Peter Hurley
2015-11-11 2:05 ` [PATCH 11/15] tty: audit: Remove tty_audit_buf reference counting Peter Hurley
2015-11-11 2:05 ` [PATCH 12/15] tty: audit: Simplify first-use allocation Peter Hurley
2015-11-11 2:05 ` [PATCH 13/15] tty: audit: Check audit enable first Peter Hurley
2015-11-11 2:05 ` [PATCH 14/15] tty: audit: Always push audit buffer before TIOCSTI Peter Hurley
2015-11-11 2:06 ` [PATCH 15/15] tty: audit: Poison tty_audit_buf while process exits Peter Hurley
2015-11-13 2:31 ` [PATCH 00/15] Rework tty audit Peter Hurley
2015-12-21 0:39 ` Paul Moore
2016-01-10 4:58 ` [RESEND][PATCH " Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 01/15] tty: audit: Early-out pty master reads earlier Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 02/15] tty: audit: Never audit packet mode Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 03/15] tty: audit: Remove icanon mode from call chain Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 04/15] tty: audit: Defer audit buffer association Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 05/15] tty: audit: Take siglock directly Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 06/15] tty: audit: Ignore current association for audit push Peter Hurley
2016-01-10 5:36 ` kbuild test robot
2016-01-10 5:36 ` kbuild test robot
2016-01-10 7:00 ` Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 07/15] tty: audit: Combine push functions Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 08/15] tty: audit: Track tty association with dev_t Peter Hurley
2016-01-10 4:59 ` Peter Hurley [this message]
2016-01-10 4:59 ` [RESEND][PATCH 10/15] tty: audit: Remove false memory optimization Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 11/15] tty: audit: Remove tty_audit_buf reference counting Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 12/15] tty: audit: Simplify first-use allocation Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 13/15] tty: audit: Check audit enable first Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 14/15] tty: audit: Always push audit buffer before TIOCSTI Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 15/15] tty: audit: Poison tty_audit_buf while process exits Peter Hurley
2016-01-10 6:55 ` [PATCH v2 00/15] Rework tty audit Peter Hurley
2016-01-10 6:55 ` [PATCH v2 01/15] tty: audit: Early-out pty master reads earlier Peter Hurley
2016-01-10 6:55 ` [PATCH v2 02/15] tty: audit: Never audit packet mode Peter Hurley
2016-01-10 6:55 ` [PATCH v2 03/15] tty: audit: Remove icanon mode from call chain Peter Hurley
2016-01-10 6:55 ` [PATCH v2 04/15] tty: audit: Defer audit buffer association Peter Hurley
2016-01-10 6:55 ` [PATCH v2 05/15] tty: audit: Take siglock directly Peter Hurley
2016-01-10 6:55 ` [PATCH v2 06/15] tty: audit: Ignore current association for audit push Peter Hurley
2016-01-10 6:55 ` [PATCH v2 07/15] tty: audit: Combine push functions Peter Hurley
2016-01-10 6:55 ` [PATCH v2 08/15] tty: audit: Track tty association with dev_t Peter Hurley
2016-01-10 6:55 ` [PATCH v2 09/15] tty: audit: Handle tty audit enable atomically Peter Hurley
2016-01-10 6:55 ` [PATCH v2 10/15] tty: audit: Remove false memory optimization Peter Hurley
2016-01-10 6:55 ` [PATCH v2 11/15] tty: audit: Remove tty_audit_buf reference counting Peter Hurley
2016-01-10 6:55 ` [PATCH v2 12/15] tty: audit: Simplify first-use allocation Peter Hurley
2016-01-10 6:55 ` [PATCH v2 13/15] tty: audit: Check audit enable first Peter Hurley
2016-01-10 6:55 ` [PATCH v2 14/15] tty: audit: Always push audit buffer before TIOCSTI Peter Hurley
2016-01-10 6:55 ` [PATCH v2 15/15] tty: audit: Poison tty_audit_buf while process exits Peter Hurley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452401948-30790-10-git-send-email-peter@hurleysoftware.com \
--to=peter@hurleysoftware.com \
--cc=gregkh@linuxfoundation.org \
--cc=jslaby@suse.cz \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.