Linux-audit Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Amy Griffis <amy.griffis@hp.com>
To: linux-audit@redhat.com
Subject: Re: [PATCH] Audit of POSIX Message Queue Syscalls v.2
Date: Wed, 24 May 2006 17:32:21 -0400	[thread overview]
Message-ID: <20060524213221.GA32209@zk3.dec.com> (raw)
In-Reply-To: <20060524210955.GA27747@us.ibm.com>

On Wed, May 24, 2006 at 04:09:55PM -0500, George C. Wilson wrote:
> @@ -1230,6 +1298,200 @@ uid_t audit_get_loginuid(struct audit_co
>  }
>  
>  /**
> + * audit_mq_open - record audit data for a POSIX MQ open
> + * @oflag: open flag
> + * @mode: mode bits
> + * @u_attr: queue attributes
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
> +{
> +	struct audit_aux_data_mq_open *ax;
> +	struct audit_context *context = current->audit_context;
> +
> +	if (!audit_enabled)
> +		return 0;

Should be checking !context->in_syscall instead of !audit_enabled,
please see
https://www.redhat.com/archives/linux-audit/2006-May/msg00083.html

Same applies to all the new audit_mq_* routines.

> +
> +	if (likely(!context))
> +		return 0;
> +
> +	ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> +	if (!ax)
> +		return -ENOMEM;
> +
> +	if (u_attr != NULL) {
> +		if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr)))
> +			return -EFAULT;
> +	} else
> +		memset(&ax->attr, 0, sizeof(ax->attr));
> +
> +	ax->oflag = oflag;
> +	ax->mode = mode;
> +
> +	ax->d.type = AUDIT_MQ_OPEN;
> +	ax->d.next = context->aux;
> +	context->aux = (void *)ax;
> +	return 0;
> +}
> +
> +/**
> + * audit_mq_timedsend - record audit data for a POSIX MQ timed send
> + * @mqdes: MQ descriptor
> + * @msg_len: Message length
> + * @msg_prio: Message priority
> + * @abs_timeout: Message timeout in absolute time
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
> +			const struct timespec __user *u_abs_timeout)
> +{
> +	struct audit_aux_data_mq_sendrecv *ax;
> +	struct audit_context *context = current->audit_context;
> +
> +	if (!audit_enabled)
> +		return 0;
> +
> +	if (likely(!context))
> +		return 0;
> +
> +	ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> +	if (!ax)
> +		return -ENOMEM;
> +
> +	if (u_abs_timeout != NULL) {
> +		if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout)))
> +			return -EFAULT;
> +	} else
> +		memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
> +
> +	ax->mqdes = mqdes;
> +	ax->msg_len = msg_len;
> +	ax->msg_prio = msg_prio;
> +
> +	ax->d.type = AUDIT_MQ_SENDRECV;
> +	ax->d.next = context->aux;
> +	context->aux = (void *)ax;
> +	return 0;
> +}
> +
> +/**
> + * audit_mq_timedreceive - record audit data for a POSIX MQ timed receive
> + * @mqdes: MQ descriptor
> + * @msg_len: Message length
> + * @msg_prio: Message priority
> + * @abs_timeout: Message timeout in absolute time
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
> +				unsigned int __user *u_msg_prio,
> +				const struct timespec __user *u_abs_timeout)
> +{
> +	struct audit_aux_data_mq_sendrecv *ax;
> +	struct audit_context *context = current->audit_context;
> +
> +	if (!audit_enabled)
> +		return 0;
> +
> +	if (likely(!context))
> +		return 0;
> +
> +	ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> +	if (!ax)
> +		return -ENOMEM;
> +
> +	if (u_msg_prio != NULL) {
> +		if (get_user(ax->msg_prio, u_msg_prio))
> +			return -EFAULT;
> +	} else
> +		ax->msg_prio = 0;
> +
> +	if (u_abs_timeout != NULL) {
> +		if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout)))
> +			return -EFAULT;
> +	} else
> +		memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
> +
> +	ax->mqdes = mqdes;
> +	ax->msg_len = msg_len;
> +
> +	ax->d.type = AUDIT_MQ_SENDRECV;
> +	ax->d.next = context->aux;
> +	context->aux = (void *)ax;
> +	return 0;
> +}
> +
> +/**
> + * audit_mq_notify - record audit data for a POSIX MQ notify
> + * @mqdes: MQ descriptor
> + * @u_notification: Notification event
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +
> +int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
> +{
> +	struct audit_aux_data_mq_notify *ax;
> +	struct audit_context *context = current->audit_context;
> +
> +	if (!audit_enabled)
> +		return 0;
> +
> +	if (likely(!context))
> +		return 0;
> +
> +	ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> +	if (!ax)
> +		return -ENOMEM;
> +
> +	if (u_notification != NULL) {
> +		if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification)))
> +			return -EFAULT;
> +	} else
> +		memset(&ax->notification, 0, sizeof(ax->notification));
> +
> +	ax->mqdes = mqdes;
> +
> +	ax->d.type = AUDIT_MQ_NOTIFY;
> +	ax->d.next = context->aux;
> +	context->aux = (void *)ax;
> +	return 0;
> +}
> +
> +/**
> + * audit_mq_getsetattr - record audit data for a POSIX MQ get/set attribute
> + * @mqdes: MQ descriptor
> + * @mqstat: MQ flags
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
> +{
> +	struct audit_aux_data_mq_getsetattr *ax;
> +	struct audit_context *context = current->audit_context;
> +
> +	if (!audit_enabled)
> +		return 0;
> +
> +	if (likely(!context))
> +		return 0;
> +
> +	ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> +	if (!ax)
> +		return -ENOMEM;
> +
> +	ax->mqdes = mqdes;
> +	ax->mqstat = *mqstat;
> +
> +	ax->d.type = AUDIT_MQ_GETSETATTR;
> +	ax->d.next = context->aux;
> +	context->aux = (void *)ax;
> +	return 0;
> +}
> +
> +/**
>   * audit_ipc_obj - record audit data for ipc object
>   * @ipcp: ipc permissions
>   *
> -- 
> George Wilson <ltcgcw@us.ibm.com>
> IBM Linux Technology Center
> 
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
> 

  parent reply	other threads:[~2006-05-24 21:32 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-05-17  1:40 [PATCH] Audit of POSIX Message Queue Syscalls George C. Wilson
2006-05-17 13:34 ` Steve Grubb
2006-05-17 16:39   ` Amy Griffis
2006-05-17 18:11     ` Steve Grubb
2006-05-17 22:38   ` George C. Wilson
2006-05-17 14:34 ` Timothy R. Chavez
2006-05-17 18:27   ` Steve Grubb
2006-05-24 21:09 ` [PATCH] Audit of POSIX Message Queue Syscalls v.2 George C. Wilson
2006-05-24 21:23   ` Linda Knippers
2006-05-24 21:32   ` Amy Griffis [this message]
2006-05-24 21:53   ` Steve Grubb
2006-05-25  1:33     ` George C. Wilson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060524213221.GA32209@zk3.dec.com \
    --to=amy.griffis@hp.com \
    --cc=linux-audit@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox