[PATCH] smack: Add missing logging in bidirectional UDS connect check

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] smack: Add missing logging in bidirectional UDS connect check
@ 2015-01-08 17:52 Rafal Krypa
  2015-01-09 17:24 ` Casey Schaufler
  0 siblings, 1 reply; 2+ messages in thread
From: Rafal Krypa @ 2015-01-08 17:52 UTC (permalink / raw)
  To: Casey Schaufler
  Cc: James Morris, Serge E. Hallyn, linux-security-module,
	linux-kernel, Rafal Krypa

During UDS connection check, both sides are checked for write access to
the other side. But only the first check is performed with audit support.
The second one didn't produce any audit logs. This simple patch fixes that.

Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---
 security/smack/smack_lsm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 8716ade..a688f7b 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3333,7 +3333,7 @@ static int smack_unix_stream_connect(struct sock *sock,
 		if (rc == 0) {
 			okp = osp->smk_out;
 			skp = ssp->smk_in;
-			rc = smk_access(okp, skp, MAY_WRITE, NULL);
+			rc = smk_access(okp, skp, MAY_WRITE, &ad);
 			rc = smk_bu_note("UDS connect", okp, skp,
 						MAY_WRITE, rc);
 		}
-- 
2.1.4


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] smack: Add missing logging in bidirectional UDS connect check
  2015-01-08 17:52 [PATCH] smack: Add missing logging in bidirectional UDS connect check Rafal Krypa
@ 2015-01-09 17:24 ` Casey Schaufler
  0 siblings, 0 replies; 2+ messages in thread
From: Casey Schaufler @ 2015-01-09 17:24 UTC (permalink / raw)
  To: Rafal Krypa
  Cc: James Morris, Serge E. Hallyn, linux-security-module,
	linux-kernel, Casey Schaufler

On 1/8/2015 9:52 AM, Rafal Krypa wrote:
> During UDS connection check, both sides are checked for write access to
> the other side. But only the first check is performed with audit support.
> The second one didn't produce any audit logs. This simple patch fixes that.
>
> Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

Applied to git://git.gitorious.org/smack-next/kernel.git#smack-for-3.20

> ---
>  security/smack/smack_lsm.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 8716ade..a688f7b 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3333,7 +3333,7 @@ static int smack_unix_stream_connect(struct sock *sock,
>  		if (rc == 0) {
>  			okp = osp->smk_out;
>  			skp = ssp->smk_in;
> -			rc = smk_access(okp, skp, MAY_WRITE, NULL);
> +			rc = smk_access(okp, skp, MAY_WRITE, &ad);
>  			rc = smk_bu_note("UDS connect", okp, skp,
>  						MAY_WRITE, rc);
>  		}


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2015-01-09 17:25 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-01-08 17:52 [PATCH] smack: Add missing logging in bidirectional UDS connect check Rafal Krypa
2015-01-09 17:24 ` Casey Schaufler

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.