[PATCH] One more XFRM audit fix

[PATCH] One more XFRM audit fix

[Paul Moore]

The following patch is backed against David's net-2.6 tree and is pretty
trivial.  I know we're late in the 2.6.24 cycle but I think this is worth
merging, if you guys don't feel that way let me know and I'll resubmit it
for 2.6.25.

As a side note, I'm unable to actually test the patch because I can't get
the kernel to compile (M=net/xfrm works just fine).  The problem I keep
seeing is below:

make[3]: *** No rule to make target \
 `/blah/kernels/net-2.6_xfrm-auid-secid-fix/include/linux/ticable.h', \
  needed by \
 `/blah/kernels/net-2.6_xfrm-auid-secid-fix/usr/include/linux/ticable.h'. \
  Stop.

-- 
paul moore
linux security @ hp

[PATCH] XFRM: Audit function arguments misordered

[Paul Moore]

In several places the arguments to the xfrm_audit_start() function are in the
wrong order resulting in incorrect user information being reported.  This
patch corrects this by pacing the arguments in the correct order.

Signed-off-by: Paul Moore <paul.moore@hp.com>
---

 net/xfrm/xfrm_policy.c |    4 ++--
 net/xfrm/xfrm_state.c  |    4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b91b166..26b846e 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2162,7 +2162,7 @@ xfrm_audit_policy_add(struct xfrm_policy *xp, int result, u32 auid, u32 sid)
 
 	if (audit_enabled == 0)
 		return;
-	audit_buf = xfrm_audit_start(sid, auid);
+	audit_buf = xfrm_audit_start(auid, sid);
 	if (audit_buf == NULL)
 		return;
 	audit_log_format(audit_buf, " op=SPD-add res=%u", result);
@@ -2179,7 +2179,7 @@ xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, u32 auid, u32 sid)
 
 	if (audit_enabled == 0)
 		return;
-	audit_buf = xfrm_audit_start(sid, auid);
+	audit_buf = xfrm_audit_start(auid, sid);
 	if (audit_buf == NULL)
 		return;
 	audit_log_format(audit_buf, " op=SPD-delete res=%u", result);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 1af522b..ee1e697 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -2033,7 +2033,7 @@ xfrm_audit_state_add(struct xfrm_state *x, int result, u32 auid, u32 sid)
 
 	if (audit_enabled == 0)
 		return;
-	audit_buf = xfrm_audit_start(sid, auid);
+	audit_buf = xfrm_audit_start(auid, sid);
 	if (audit_buf == NULL)
 		return;
 	audit_log_format(audit_buf, " op=SAD-add res=%u",result);
@@ -2053,7 +2053,7 @@ xfrm_audit_state_delete(struct xfrm_state *x, int result, u32 auid, u32 sid)
 
 	if (audit_enabled == 0)
 		return;
-	audit_buf = xfrm_audit_start(sid, auid);
+	audit_buf = xfrm_audit_start(auid, sid);
 	if (audit_buf == NULL)
 		return;
 	audit_log_format(audit_buf, " op=SAD-delete res=%u",result);

Re: [PATCH] One more XFRM audit fix

[David Miller]

From: Paul Moore <paul.moore@hp.com>
Date: Wed, 19 Dec 2007 14:29:31 -0500

> The following patch is backed against David's net-2.6 tree and is pretty
> trivial.  I know we're late in the 2.6.24 cycle but I think this is worth
> merging, if you guys don't feel that way let me know and I'll resubmit it
> for 2.6.25.

Where is that patch?  Or do you mean the fix you emailed
seperately today (which I will apply, thanks)?

> As a side note, I'm unable to actually test the patch because I can't get
> the kernel to compile (M=net/xfrm works just fine).  The problem I keep
> seeing is below:
> 
> make[3]: *** No rule to make target \
>  `/blah/kernels/net-2.6_xfrm-auid-secid-fix/include/linux/ticable.h', \
>   needed by \
>  `/blah/kernels/net-2.6_xfrm-auid-secid-fix/usr/include/linux/ticable.h'. \
>   Stop.

Remove ticable.h from include/linux/Kbuild

This is already cured in Linus's tree.

Re: [PATCH] XFRM: Audit function arguments misordered

[David Miller]

From: Paul Moore <paul.moore@hp.com>
Date: Wed, 19 Dec 2007 14:29:38 -0500

> In several places the arguments to the xfrm_audit_start() function are in the
> wrong order resulting in incorrect user information being reported.  This
> patch corrects this by pacing the arguments in the correct order.
> 
> Signed-off-by: Paul Moore <paul.moore@hp.com>

Applied, thanks for fixing this bug.

Re: [PATCH] One more XFRM audit fix

[Paul Moore]

On Thursday 20 December 2007 3:00:09 am David Miller wrote:
> From: Paul Moore <paul.moore@hp.com>
> Date: Wed, 19 Dec 2007 14:29:31 -0500
>
> > The following patch is backed against David's net-2.6 tree and is pretty
> > trivial.  I know we're late in the 2.6.24 cycle but I think this is worth
> > merging, if you guys don't feel that way let me know and I'll resubmit it
> > for 2.6.25.
>
> Where is that patch?  Or do you mean the fix you emailed
> seperately today (which I will apply, thanks)?

Yes, it was the patch you applied, "XFRM: Audit function arguments 
misordered".  I was using stacked-git to post the patch and it apparently 
doesn't annotate the cover email's subject line with "0/1" when you only send 
one patch.

Sorry about that.

> > As a side note, I'm unable to actually test the patch because I can't get
> > the kernel to compile (M=net/xfrm works just fine).  The problem I keep
> > seeing is below:
> >
> > make[3]: *** No rule to make target \
> >  `/blah/kernels/net-2.6_xfrm-auid-secid-fix/include/linux/ticable.h', \
> >   needed by \
> >  `/blah/kernels/net-2.6_xfrm-auid-secid-fix/usr/include/linux/ticable.h'.
> > \ Stop.
>
> Remove ticable.h from include/linux/Kbuild
>
> This is already cured in Linus's tree.

Noted, thanks.

-- 
paul moore
linux security @ hp