From: Peter Hurley <peter@hurleysoftware.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jslaby@suse.cz>,
linux-audit@redhat.com, linux-kernel@vger.kernel.org,
Peter Hurley <peter@hurleysoftware.com>
Subject: [RESEND][PATCH 09/15] tty: audit: Handle tty audit enable atomically
Date: Sat, 9 Jan 2016 20:59:02 -0800 [thread overview]
Message-ID: <1452401948-30790-10-git-send-email-peter@hurleysoftware.com> (raw)
In-Reply-To: <1452401948-30790-1-git-send-email-peter@hurleysoftware.com>
The audit_tty and audit_tty_log_passwd fields are actually bool
values, so merge into single memory location to access atomically.
NB: audit log operations may still occur after tty audit is disabled
which is consistent with the existing functionality
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
---
drivers/tty/tty_audit.c | 53 ++++++++++++++++++++-----------------------------
include/linux/audit.h | 4 ++++
include/linux/sched.h | 1 -
kernel/audit.c | 25 +++++++++++------------
4 files changed, 38 insertions(+), 45 deletions(-)
diff --git a/drivers/tty/tty_audit.c b/drivers/tty/tty_audit.c
index 50380d8..3d90f88 100644
--- a/drivers/tty/tty_audit.c
+++ b/drivers/tty/tty_audit.c
@@ -131,7 +131,6 @@ void tty_audit_exit(void)
void tty_audit_fork(struct signal_struct *sig)
{
sig->audit_tty = current->signal->audit_tty;
- sig->audit_tty_log_passwd = current->signal->audit_tty_log_passwd;
}
/**
@@ -141,11 +140,9 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
{
struct tty_audit_buf *buf;
dev_t dev;
- int should_audit;
unsigned long flags;
spin_lock_irqsave(¤t->sighand->siglock, flags);
- should_audit = current->signal->audit_tty;
buf = current->signal->tty_audit_buf;
if (buf)
atomic_inc(&buf->count);
@@ -160,7 +157,7 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
tty_audit_buf_put(buf);
}
- if (should_audit && audit_enabled) {
+ if (audit_enabled && (current->signal->audit_tty & AUDIT_TTY_ENABLE)) {
kuid_t auid;
unsigned int sessionid;
@@ -177,29 +174,25 @@ void tty_audit_tiocsti(struct tty_struct *tty, char ch)
*/
int tty_audit_push(void)
{
- struct tty_audit_buf *buf = ERR_PTR(-EPERM);
+ struct tty_audit_buf *buf;
unsigned long flags;
+ if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
+ return -EPERM;
+
spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (current->signal->audit_tty) {
- buf = current->signal->tty_audit_buf;
- if (buf)
- atomic_inc(&buf->count);
- }
+ buf = current->signal->tty_audit_buf;
+ if (buf)
+ atomic_inc(&buf->count);
spin_unlock_irqrestore(¤t->sighand->siglock, flags);
- /*
- * Return 0 when signal->audit_tty set
- * but current->signal->tty_audit_buf == NULL.
- */
- if (!buf || IS_ERR(buf))
- return PTR_ERR(buf);
-
- mutex_lock(&buf->mutex);
- tty_audit_buf_push(buf);
- mutex_unlock(&buf->mutex);
+ if (buf) {
+ mutex_lock(&buf->mutex);
+ tty_audit_buf_push(buf);
+ mutex_unlock(&buf->mutex);
- tty_audit_buf_put(buf);
+ tty_audit_buf_put(buf);
+ }
return 0;
}
@@ -218,8 +211,6 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
buf = NULL;
buf2 = NULL;
spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (likely(!current->signal->audit_tty))
- goto out;
buf = current->signal->tty_audit_buf;
if (buf) {
atomic_inc(&buf->count);
@@ -233,9 +224,10 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
return NULL;
}
- spin_lock_irqsave(¤t->sighand->siglock, flags);
- if (!current->signal->audit_tty)
+ if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
goto out;
+
+ spin_lock_irqsave(¤t->sighand->siglock, flags);
buf = current->signal->tty_audit_buf;
if (!buf) {
current->signal->tty_audit_buf = buf2;
@@ -259,9 +251,8 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
{
struct tty_audit_buf *buf;
- int audit_log_tty_passwd;
- unsigned long flags;
unsigned int icanon = !!L_ICANON(tty);
+ unsigned int audit_tty;
dev_t dev;
if (unlikely(size == 0))
@@ -271,10 +262,10 @@ void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
&& tty->driver->subtype == PTY_TYPE_MASTER)
return;
- spin_lock_irqsave(¤t->sighand->siglock, flags);
- audit_log_tty_passwd = current->signal->audit_tty_log_passwd;
- spin_unlock_irqrestore(¤t->sighand->siglock, flags);
- if (!audit_log_tty_passwd && icanon && !L_ECHO(tty))
+ audit_tty = READ_ONCE(current->signal->audit_tty);
+ if (~audit_tty & AUDIT_TTY_ENABLE)
+ return;
+ if ((~audit_tty & AUDIT_TTY_LOG_PASSWD) && icanon && !L_ECHO(tty))
return;
buf = tty_audit_buf_get();
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 20eba1e..9ed7254 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -109,6 +109,10 @@ extern int audit_classify_compat_syscall(int abi, unsigned syscall);
/* maximized args number that audit_socketcall can process */
#define AUDITSC_ARGS 6
+/* bit values for ->signal->audit_tty */
+#define AUDIT_TTY_ENABLE BIT(0)
+#define AUDIT_TTY_LOG_PASSWD BIT(1)
+
struct filename;
extern void audit_log_session_info(struct audit_buffer *ab);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index edad7a4..400a738 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -771,7 +771,6 @@ struct signal_struct {
#endif
#ifdef CONFIG_AUDIT
unsigned audit_tty;
- unsigned audit_tty_log_passwd;
struct tty_audit_buf *tty_audit_buf;
#endif
diff --git a/kernel/audit.c b/kernel/audit.c
index 270dfb9..dfaa8e7 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1031,20 +1031,19 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
break;
case AUDIT_TTY_GET: {
struct audit_tty_status s;
- struct task_struct *tsk = current;
+ unsigned int t;
- spin_lock(&tsk->sighand->siglock);
- s.enabled = tsk->signal->audit_tty;
- s.log_passwd = tsk->signal->audit_tty_log_passwd;
- spin_unlock(&tsk->sighand->siglock);
+ t = READ_ONCE(current->signal->audit_tty);
+ s.enabled = t & AUDIT_TTY_ENABLE;
+ s.log_passwd = !!(t & AUDIT_TTY_LOG_PASSWD);
audit_send_reply(skb, seq, AUDIT_TTY_GET, 0, 0, &s, sizeof(s));
break;
}
case AUDIT_TTY_SET: {
struct audit_tty_status s, old;
- struct task_struct *tsk = current;
struct audit_buffer *ab;
+ unsigned int t;
memset(&s, 0, sizeof(s));
/* guard against past and future API changes */
@@ -1054,14 +1053,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
(s.log_passwd != 0 && s.log_passwd != 1))
err = -EINVAL;
- spin_lock(&tsk->sighand->siglock);
- old.enabled = tsk->signal->audit_tty;
- old.log_passwd = tsk->signal->audit_tty_log_passwd;
- if (!err) {
- tsk->signal->audit_tty = s.enabled;
- tsk->signal->audit_tty_log_passwd = s.log_passwd;
+ if (err)
+ t = READ_ONCE(current->signal->audit_tty);
+ else {
+ t = s.enabled | (-s.log_passwd & AUDIT_TTY_LOG_PASSWD);
+ t = xchg(¤t->signal->audit_tty, t);
}
- spin_unlock(&tsk->sighand->siglock);
+ old.enabled = t & AUDIT_TTY_ENABLE;
+ old.log_passwd = !!(t & AUDIT_TTY_LOG_PASSWD);
audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE);
audit_log_format(ab, " op=tty_set old-enabled=%d new-enabled=%d"
--
2.7.0
next prev parent reply other threads:[~2016-01-10 4:59 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-11 2:05 [PATCH 00/15] Rework tty audit Peter Hurley
2015-11-11 2:05 ` [PATCH 01/15] tty: audit: Early-out pty master reads earlier Peter Hurley
2015-11-11 2:05 ` [PATCH 02/15] tty: audit: Never audit packet mode Peter Hurley
2015-11-11 2:05 ` [PATCH 03/15] tty: audit: Remove icanon mode from call chain Peter Hurley
2015-11-12 19:10 ` Richard Guy Briggs
2015-11-12 19:58 ` Peter Hurley
2015-11-13 2:15 ` Richard Guy Briggs
2015-11-13 2:27 ` Peter Hurley
2015-11-13 3:28 ` Richard Guy Briggs
2015-11-16 13:25 ` Peter Hurley
2015-11-11 2:05 ` [PATCH 04/15] tty: audit: Defer audit buffer association Peter Hurley
2015-11-11 2:05 ` [PATCH 05/15] tty: audit: Take siglock directly Peter Hurley
2015-11-11 2:05 ` [PATCH 06/15] tty: audit: Ignore current association for audit push Peter Hurley
2015-11-11 2:05 ` [PATCH 07/15] tty: audit: Combine push functions Peter Hurley
2015-11-11 2:05 ` [PATCH 08/15] tty: audit: Track tty association with dev_t Peter Hurley
2015-11-11 2:05 ` [PATCH 09/15] tty: audit: Handle tty audit enable atomically Peter Hurley
2015-11-11 2:05 ` [PATCH 10/15] tty: audit: Remove false memory optimization Peter Hurley
2015-11-11 2:05 ` [PATCH 11/15] tty: audit: Remove tty_audit_buf reference counting Peter Hurley
2015-11-11 2:05 ` [PATCH 12/15] tty: audit: Simplify first-use allocation Peter Hurley
2015-11-11 2:05 ` [PATCH 13/15] tty: audit: Check audit enable first Peter Hurley
2015-11-11 2:05 ` [PATCH 14/15] tty: audit: Always push audit buffer before TIOCSTI Peter Hurley
2015-11-11 2:06 ` [PATCH 15/15] tty: audit: Poison tty_audit_buf while process exits Peter Hurley
2015-11-13 2:31 ` [PATCH 00/15] Rework tty audit Peter Hurley
2015-12-21 0:39 ` Paul Moore
2016-01-10 4:58 ` [RESEND][PATCH " Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 01/15] tty: audit: Early-out pty master reads earlier Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 02/15] tty: audit: Never audit packet mode Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 03/15] tty: audit: Remove icanon mode from call chain Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 04/15] tty: audit: Defer audit buffer association Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 05/15] tty: audit: Take siglock directly Peter Hurley
2016-01-10 4:58 ` [RESEND][PATCH 06/15] tty: audit: Ignore current association for audit push Peter Hurley
2016-01-10 5:36 ` kbuild test robot
2016-01-10 7:00 ` Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 07/15] tty: audit: Combine push functions Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 08/15] tty: audit: Track tty association with dev_t Peter Hurley
2016-01-10 4:59 ` Peter Hurley [this message]
2016-01-10 4:59 ` [RESEND][PATCH 10/15] tty: audit: Remove false memory optimization Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 11/15] tty: audit: Remove tty_audit_buf reference counting Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 12/15] tty: audit: Simplify first-use allocation Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 13/15] tty: audit: Check audit enable first Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 14/15] tty: audit: Always push audit buffer before TIOCSTI Peter Hurley
2016-01-10 4:59 ` [RESEND][PATCH 15/15] tty: audit: Poison tty_audit_buf while process exits Peter Hurley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452401948-30790-10-git-send-email-peter@hurleysoftware.com \
--to=peter@hurleysoftware.com \
--cc=gregkh@linuxfoundation.org \
--cc=jslaby@suse.cz \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).