tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
userns: Convert the audit loginuid to be a kuid
Always store audit loginuids in type kuid_t.
Print loginuids by converting them into uids in the appropriate user
namespace, and then printing the resulting uid.
Modify audit_get_loginuid to return a kuid_t.
Modify audit_set_loginuid to take a kuid_t.
Modify /proc/<pid>/loginuid on read to convert the loginuid into the
user namespace of the opener of the file.
Modify /proc/<pid>/loginud on write to convert the loginuid
rom the user namespace of the opener of the file.
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Cc: Paul Moore <paul@paul-moore.com> ?
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
+80
-66
+8
-6
drivers/tty/tty_audit.c
+8
-6
drivers/tty/tty_audit.c
···
61
61
}
62
62
63
63
static void tty_audit_log(const char *description, struct task_struct *tsk,
64
-
uid_t loginuid, unsigned sessionid, int major,
64
+
kuid_t loginuid, unsigned sessionid, int major,
65
65
int minor, unsigned char *data, size_t size)
66
66
{
67
67
struct audit_buffer *ab;
···
73
73
74
74
audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u "
75
75
"major=%d minor=%d comm=", description,
76
-
tsk->pid, uid, loginuid, sessionid,
76
+
tsk->pid, uid,
77
+
from_kuid(&init_user_ns, loginuid),
78
+
sessionid,
77
79
major, minor);
78
80
get_task_comm(name, tsk);
79
81
audit_log_untrustedstring(ab, name);
···
91
89
* Generate an audit message from the contents of @buf, which is owned by
92
90
* @tsk with @loginuid. @buf->mutex must be locked.
93
91
*/
94
-
static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
92
+
static void tty_audit_buf_push(struct task_struct *tsk, kuid_t loginuid,
95
93
unsigned int sessionid,
96
94
struct tty_audit_buf *buf)
97
95
{
···
114
112
*/
115
113
static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
116
114
{
117
-
uid_t auid = audit_get_loginuid(current);
115
+
kuid_t auid = audit_get_loginuid(current);
118
116
unsigned int sessionid = audit_get_sessionid(current);
119
117
tty_audit_buf_push(current, auid, sessionid, buf);
120
118
}
···
181
179
}
182
180
183
181
if (should_audit && audit_enabled) {
184
-
uid_t auid;
182
+
kuid_t auid;
185
183
unsigned int sessionid;
186
184
187
185
auid = audit_get_loginuid(current);
···
201
199
* reference to the tty audit buffer if available.
202
200
* Flush the buffer or return an appropriate error code.
203
201
*/
204
-
int tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
202
+
int tty_audit_push_task(struct task_struct *tsk, kuid_t loginuid, u32 sessionid)
205
203
{
206
204
struct tty_audit_buf *buf = ERR_PTR(-EPERM);
207
205
unsigned long flags;
+10
-2
fs/proc/base.c
+10
-2
fs/proc/base.c
···
1089
1089
if (!task)
1090
1090
return -ESRCH;
1091
1091
length = scnprintf(tmpbuf, TMPBUFLEN, "%u",
1092
-
audit_get_loginuid(task));
1092
+
from_kuid(file->f_cred->user_ns,
1093
+
audit_get_loginuid(task)));
1093
1094
put_task_struct(task);
1094
1095
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
1095
1096
}
···
1102
1101
char *page, *tmp;
1103
1102
ssize_t length;
1104
1103
uid_t loginuid;
1104
+
kuid_t kloginuid;
1105
1105
1106
1106
rcu_read_lock();
1107
1107
if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) {
···
1132
1130
goto out_free_page;
1133
1131
1134
1132
}
1135
-
length = audit_set_loginuid(loginuid);
1133
+
kloginuid = make_kuid(file->f_cred->user_ns, loginuid);
1134
+
if (!uid_valid(kloginuid)) {
1135
+
length = -EINVAL;
1136
+
goto out_free_page;
1137
+
}
1138
+
1139
+
length = audit_set_loginuid(kloginuid);
1136
1140
if (likely(length == 0))
1137
1141
length = count;
1138
1142
+3
-3
include/linux/audit.h
+3
-3
include/linux/audit.h
···
527
527
extern unsigned int audit_serial(void);
528
528
extern int auditsc_get_stamp(struct audit_context *ctx,
529
529
struct timespec *t, unsigned int *serial);
530
-
extern int audit_set_loginuid(uid_t loginuid);
530
+
extern int audit_set_loginuid(kuid_t loginuid);
531
531
#define audit_get_loginuid(t) ((t)->loginuid)
532
532
#define audit_get_sessionid(t) ((t)->sessionid)
533
533
extern void audit_log_task_context(struct audit_buffer *ab);
···
639
639
#define audit_core_dumps(i) do { ; } while (0)
640
640
#define audit_seccomp(i,s,c) do { ; } while (0)
641
641
#define auditsc_get_stamp(c,t,s) (0)
642
-
#define audit_get_loginuid(t) (-1)
642
+
#define audit_get_loginuid(t) (INVALID_UID)
643
643
#define audit_get_sessionid(t) (-1)
644
644
#define audit_log_task_context(b) do { ; } while (0)
645
645
#define audit_ipc_obj(i) ((void)0)
···
705
705
extern int audit_filter_user(void);
706
706
extern int audit_filter_type(int type);
707
707
extern int audit_receive_filter(int type, int pid, int seq,
708
-
void *data, size_t datasz, uid_t loginuid,
708
+
void *data, size_t datasz, kuid_t loginuid,
709
709
u32 sessionid, u32 sid);
710
710
extern int audit_enabled;
711
711
#else
+1
-1
include/linux/init_task.h
+1
-1
include/linux/init_task.h
+1
-1
include/linux/sched.h
+1
-1
include/linux/sched.h
+2
-2
include/linux/tty.h
+2
-2
include/linux/tty.h
···
553
553
extern void tty_audit_tiocsti(struct tty_struct *tty, char ch);
554
554
extern void tty_audit_push(struct tty_struct *tty);
555
555
extern int tty_audit_push_task(struct task_struct *tsk,
556
-
uid_t loginuid, u32 sessionid);
556
+
kuid_t loginuid, u32 sessionid);
557
557
#else
558
558
static inline void tty_audit_add_data(struct tty_struct *tty,
559
559
unsigned char *data, size_t size)
···
572
572
{
573
573
}
574
574
static inline int tty_audit_push_task(struct task_struct *tsk,
575
-
uid_t loginuid, u32 sessionid)
575
+
kuid_t loginuid, u32 sessionid)
576
576
{
577
577
return 0;
578
578
}
+1
-1
include/net/netlabel.h
+1
-1
include/net/netlabel.h
+12
-11
include/net/xfrm.h
+12
-11
include/net/xfrm.h
···
662
662
/* Audit Information */
663
663
struct xfrm_audit {
664
664
u32 secid;
665
-
uid_t loginuid;
665
+
kuid_t loginuid;
666
666
u32 sessionid;
667
667
};
668
668
···
681
681
return audit_buf;
682
682
}
683
683
684
-
static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid,
684
+
static inline void xfrm_audit_helper_usrinfo(kuid_t auid, u32 ses, u32 secid,
685
685
struct audit_buffer *audit_buf)
686
686
{
687
687
char *secctx;
688
688
u32 secctx_len;
689
689
690
-
audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses);
690
+
audit_log_format(audit_buf, " auid=%u ses=%u",
691
+
from_kuid(&init_user_ns, auid), ses);
691
692
if (secid != 0 &&
692
693
security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
693
694
audit_log_format(audit_buf, " subj=%s", secctx);
···
698
697
}
699
698
700
699
extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
701
-
u32 auid, u32 ses, u32 secid);
700
+
kuid_t auid, u32 ses, u32 secid);
702
701
extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
703
-
u32 auid, u32 ses, u32 secid);
702
+
kuid_t auid, u32 ses, u32 secid);
704
703
extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
705
-
u32 auid, u32 ses, u32 secid);
704
+
kuid_t auid, u32 ses, u32 secid);
706
705
extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
707
-
u32 auid, u32 ses, u32 secid);
706
+
kuid_t auid, u32 ses, u32 secid);
708
707
extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
709
708
struct sk_buff *skb);
710
709
extern void xfrm_audit_state_replay(struct xfrm_state *x,
···
717
716
#else
718
717
719
718
static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
720
-
u32 auid, u32 ses, u32 secid)
719
+
kuid_t auid, u32 ses, u32 secid)
721
720
{
722
721
}
723
722
724
723
static inline void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
725
-
u32 auid, u32 ses, u32 secid)
724
+
kuid_t auid, u32 ses, u32 secid)
726
725
{
727
726
}
728
727
729
728
static inline void xfrm_audit_state_add(struct xfrm_state *x, int result,
730
-
u32 auid, u32 ses, u32 secid)
729
+
kuid_t auid, u32 ses, u32 secid)
731
730
{
732
731
}
733
732
734
733
static inline void xfrm_audit_state_delete(struct xfrm_state *x, int result,
735
-
u32 auid, u32 ses, u32 secid)
734
+
kuid_t auid, u32 ses, u32 secid)
736
735
{
737
736
}
738
737
+10
-10
kernel/audit.c
+10
-10
kernel/audit.c
···
265
265
}
266
266
267
267
static int audit_log_config_change(char *function_name, int new, int old,
268
-
uid_t loginuid, u32 sessionid, u32 sid,
268
+
kuid_t loginuid, u32 sessionid, u32 sid,
269
269
int allow_changes)
270
270
{
271
271
struct audit_buffer *ab;
···
273
273
274
274
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
275
275
audit_log_format(ab, "%s=%d old=%d auid=%u ses=%u", function_name, new,
276
-
old, loginuid, sessionid);
276
+
old, from_kuid(&init_user_ns, loginuid), sessionid);
277
277
if (sid) {
278
278
char *ctx = NULL;
279
279
u32 len;
···
293
293
}
294
294
295
295
static int audit_do_config_change(char *function_name, int *to_change,
296
-
int new, uid_t loginuid, u32 sessionid,
296
+
int new, kuid_t loginuid, u32 sessionid,
297
297
u32 sid)
298
298
{
299
299
int allow_changes, rc = 0, old = *to_change;
···
320
320
return rc;
321
321
}
322
322
323
-
static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sessionid,
323
+
static int audit_set_rate_limit(int limit, kuid_t loginuid, u32 sessionid,
324
324
u32 sid)
325
325
{
326
326
return audit_do_config_change("audit_rate_limit", &audit_rate_limit,
327
327
limit, loginuid, sessionid, sid);
328
328
}
329
329
330
-
static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sessionid,
330
+
static int audit_set_backlog_limit(int limit, kuid_t loginuid, u32 sessionid,
331
331
u32 sid)
332
332
{
333
333
return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit,
334
334
limit, loginuid, sessionid, sid);
335
335
}
336
336
337
-
static int audit_set_enabled(int state, uid_t loginuid, u32 sessionid, u32 sid)
337
+
static int audit_set_enabled(int state, kuid_t loginuid, u32 sessionid, u32 sid)
338
338
{
339
339
int rc;
340
340
if (state < AUDIT_OFF || state > AUDIT_LOCKED)
···
349
349
return rc;
350
350
}
351
351
352
-
static int audit_set_failure(int state, uid_t loginuid, u32 sessionid, u32 sid)
352
+
static int audit_set_failure(int state, kuid_t loginuid, u32 sessionid, u32 sid)
353
353
{
354
354
if (state != AUDIT_FAIL_SILENT
355
355
&& state != AUDIT_FAIL_PRINTK
···
607
607
}
608
608
609
609
static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
610
-
uid_t auid, u32 ses, u32 sid)
610
+
kuid_t auid, u32 ses, u32 sid)
611
611
{
612
612
int rc = 0;
613
613
char *ctx = NULL;
···
622
622
audit_log_format(*ab, "pid=%d uid=%u auid=%u ses=%u",
623
623
task_tgid_vnr(current),
624
624
from_kuid(&init_user_ns, current_uid()),
625
-
auid, ses);
625
+
from_kuid(&init_user_ns, auid), ses);
626
626
if (sid) {
627
627
rc = security_secid_to_secctx(sid, &ctx, &len);
628
628
if (rc)
···
644
644
int err;
645
645
struct audit_buffer *ab;
646
646
u16 msg_type = nlh->nlmsg_type;
647
-
uid_t loginuid; /* loginuid of sender */
647
+
kuid_t loginuid; /* loginuid of sender */
648
648
u32 sessionid;
649
649
struct audit_sig_info *sig_data;
650
650
char *ctx = NULL;
+1
-1
kernel/audit_watch.c
+1
-1
kernel/audit_watch.c
···
241
241
struct audit_buffer *ab;
242
242
ab = audit_log_start(NULL, GFP_NOFS, AUDIT_CONFIG_CHANGE);
243
243
audit_log_format(ab, "auid=%u ses=%u op=",
244
-
audit_get_loginuid(current),
244
+
from_kuid(&init_user_ns, audit_get_loginuid(current)),
245
245
audit_get_sessionid(current));
246
246
audit_log_string(ab, op);
247
247
audit_log_format(ab, " path=");
+4
-3
kernel/auditfilter.c
+4
-3
kernel/auditfilter.c
···
1109
1109
}
1110
1110
1111
1111
/* Log rule additions and removals */
1112
-
static void audit_log_rule_change(uid_t loginuid, u32 sessionid, u32 sid,
1112
+
static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid,
1113
1113
char *action, struct audit_krule *rule,
1114
1114
int res)
1115
1115
{
···
1121
1121
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
1122
1122
if (!ab)
1123
1123
return;
1124
-
audit_log_format(ab, "auid=%u ses=%u", loginuid, sessionid);
1124
+
audit_log_format(ab, "auid=%u ses=%u",
1125
+
from_kuid(&init_user_ns, loginuid), sessionid);
1125
1126
if (sid) {
1126
1127
char *ctx = NULL;
1127
1128
u32 len;
···
1153
1152
* @sid: SE Linux Security ID of sender
1154
1153
*/
1155
1154
int audit_receive_filter(int type, int pid, int seq, void *data,
1156
-
size_t datasz, uid_t loginuid, u32 sessionid, u32 sid)
1155
+
size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid)
1157
1156
{
1158
1157
struct task_struct *tsk;
1159
1158
struct audit_netlink_list *dest;
+11
-9
kernel/auditsc.c
+11
-9
kernel/auditsc.c
···
149
149
struct audit_aux_data_pids {
150
150
struct audit_aux_data d;
151
151
pid_t target_pid[AUDIT_AUX_PIDS];
152
-
uid_t target_auid[AUDIT_AUX_PIDS];
152
+
kuid_t target_auid[AUDIT_AUX_PIDS];
153
153
uid_t target_uid[AUDIT_AUX_PIDS];
154
154
unsigned int target_sessionid[AUDIT_AUX_PIDS];
155
155
u32 target_sid[AUDIT_AUX_PIDS];
···
214
214
int arch;
215
215
216
216
pid_t target_pid;
217
-
uid_t target_auid;
217
+
kuid_t target_auid;
218
218
uid_t target_uid;
219
219
unsigned int target_sessionid;
220
220
u32 target_sid;
···
1176
1176
}
1177
1177
1178
1178
static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1179
-
uid_t auid, uid_t uid, unsigned int sessionid,
1179
+
kuid_t auid, uid_t uid, unsigned int sessionid,
1180
1180
u32 sid, char *comm)
1181
1181
{
1182
1182
struct audit_buffer *ab;
···
1188
1188
if (!ab)
1189
1189
return rc;
1190
1190
1191
-
audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, auid,
1191
+
audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
1192
+
from_kuid(&init_user_ns, auid),
1192
1193
uid, sessionid);
1193
1194
if (security_secid_to_secctx(sid, &ctx, &len)) {
1194
1195
audit_log_format(ab, " obj=(none)");
···
1631
1630
context->name_count,
1632
1631
context->ppid,
1633
1632
context->pid,
1634
-
tsk->loginuid,
1633
+
from_kuid(&init_user_ns, tsk->loginuid),
1635
1634
context->uid,
1636
1635
context->gid,
1637
1636
context->euid, context->suid, context->fsuid,
···
2292
2291
*
2293
2292
* Called (set) from fs/proc/base.c::proc_loginuid_write().
2294
2293
*/
2295
-
int audit_set_loginuid(uid_t loginuid)
2294
+
int audit_set_loginuid(kuid_t loginuid)
2296
2295
{
2297
2296
struct task_struct *task = current;
2298
2297
struct audit_context *context = task->audit_context;
2299
2298
unsigned int sessionid;
2300
2299
2301
2300
#ifdef CONFIG_AUDIT_LOGINUID_IMMUTABLE
2302
-
if (task->loginuid != -1)
2301
+
if (uid_valid(task->loginuid))
2303
2302
return -EPERM;
2304
2303
#else /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */
2305
2304
if (!capable(CAP_AUDIT_CONTROL))
···
2316
2315
"old auid=%u new auid=%u"
2317
2316
" old ses=%u new ses=%u",
2318
2317
task->pid, task_uid(task),
2319
-
task->loginuid, loginuid,
2318
+
from_kuid(&init_user_ns, task->loginuid),
2319
+
from_kuid(&init_user_ns, loginuid),
2320
2320
task->sessionid, sessionid);
2321
2321
audit_log_end(ab);
2322
2322
}
···
2545
2543
if (audit_pid && t->tgid == audit_pid) {
2546
2544
if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1 || sig == SIGUSR2) {
2547
2545
audit_sig_pid = tsk->pid;
2548
-
if (tsk->loginuid != -1)
2546
+
if (uid_valid(tsk->loginuid))
2549
2547
audit_sig_uid = tsk->loginuid;
2550
2548
else
2551
2549
audit_sig_uid = uid;
+1
-1
net/core/dev.c
+1
-1
net/core/dev.c
···
4524
4524
"dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u",
4525
4525
dev->name, (dev->flags & IFF_PROMISC),
4526
4526
(old_flags & IFF_PROMISC),
4527
-
audit_get_loginuid(current),
4527
+
from_kuid(&init_user_ns, audit_get_loginuid(current)),
4528
4528
from_kuid(&init_user_ns, uid),
4529
4529
from_kgid(&init_user_ns, gid),
4530
4530
audit_get_sessionid(current));
+1
-1
net/netlabel/netlabel_unlabeled.c
+1
-1
net/netlabel/netlabel_unlabeled.c
···
1541
1541
* it is called is at bootup before the audit subsystem is reporting
1542
1542
* messages so don't worry to much about these values. */
1543
1543
security_task_getsecid(current, &audit_info.secid);
1544
-
audit_info.loginuid = 0;
1544
+
audit_info.loginuid = GLOBAL_ROOT_UID;
1545
1545
audit_info.sessionid = 0;
1546
1546
1547
1547
entry = kzalloc(sizeof(*entry), GFP_KERNEL);
+1
-1
net/netlabel/netlabel_user.c
+1
-1
net/netlabel/netlabel_user.c
+4
-4
net/xfrm/xfrm_policy.c
+4
-4
net/xfrm/xfrm_policy.c
···
2630
2630
2631
2631
flush_work(&net->xfrm.policy_hash_work);
2632
2632
#ifdef CONFIG_XFRM_SUB_POLICY
2633
-
audit_info.loginuid = -1;
2633
+
audit_info.loginuid = INVALID_UID;
2634
2634
audit_info.sessionid = -1;
2635
2635
audit_info.secid = 0;
2636
2636
xfrm_policy_flush(net, XFRM_POLICY_TYPE_SUB, &audit_info);
2637
2637
#endif
2638
-
audit_info.loginuid = -1;
2638
+
audit_info.loginuid = INVALID_UID;
2639
2639
audit_info.sessionid = -1;
2640
2640
audit_info.secid = 0;
2641
2641
xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info);
···
2742
2742
}
2743
2743
2744
2744
void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
2745
-
uid_t auid, u32 sessionid, u32 secid)
2745
+
kuid_t auid, u32 sessionid, u32 secid)
2746
2746
{
2747
2747
struct audit_buffer *audit_buf;
2748
2748
···
2757
2757
EXPORT_SYMBOL_GPL(xfrm_audit_policy_add);
2758
2758
2759
2759
void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
2760
-
uid_t auid, u32 sessionid, u32 secid)
2760
+
kuid_t auid, u32 sessionid, u32 secid)
2761
2761
{
2762
2762
struct audit_buffer *audit_buf;
2763
2763
+3
-3
net/xfrm/xfrm_state.c
+3
-3
net/xfrm/xfrm_state.c
···
2045
2045
unsigned int sz;
2046
2046
2047
2047
flush_work(&net->xfrm.state_hash_work);
2048
-
audit_info.loginuid = -1;
2048
+
audit_info.loginuid = INVALID_UID;
2049
2049
audit_info.sessionid = -1;
2050
2050
audit_info.secid = 0;
2051
2051
xfrm_state_flush(net, IPSEC_PROTO_ANY, &audit_info);
···
2112
2112
}
2113
2113
2114
2114
void xfrm_audit_state_add(struct xfrm_state *x, int result,
2115
-
uid_t auid, u32 sessionid, u32 secid)
2115
+
kuid_t auid, u32 sessionid, u32 secid)
2116
2116
{
2117
2117
struct audit_buffer *audit_buf;
2118
2118
···
2127
2127
EXPORT_SYMBOL_GPL(xfrm_audit_state_add);
2128
2128
2129
2129
void xfrm_audit_state_delete(struct xfrm_state *x, int result,
2130
-
uid_t auid, u32 sessionid, u32 secid)
2130
+
kuid_t auid, u32 sessionid, u32 secid)
2131
2131
{
2132
2132
struct audit_buffer *audit_buf;
2133
2133
+6
-6
net/xfrm/xfrm_user.c
+6
-6
net/xfrm/xfrm_user.c
···
575
575
struct xfrm_state *x;
576
576
int err;
577
577
struct km_event c;
578
-
uid_t loginuid = audit_get_loginuid(current);
578
+
kuid_t loginuid = audit_get_loginuid(current);
579
579
u32 sessionid = audit_get_sessionid(current);
580
580
u32 sid;
581
581
···
654
654
int err = -ESRCH;
655
655
struct km_event c;
656
656
struct xfrm_usersa_id *p = nlmsg_data(nlh);
657
-
uid_t loginuid = audit_get_loginuid(current);
657
+
kuid_t loginuid = audit_get_loginuid(current);
658
658
u32 sessionid = audit_get_sessionid(current);
659
659
u32 sid;
660
660
···
1369
1369
struct km_event c;
1370
1370
int err;
1371
1371
int excl;
1372
-
uid_t loginuid = audit_get_loginuid(current);
1372
+
kuid_t loginuid = audit_get_loginuid(current);
1373
1373
u32 sessionid = audit_get_sessionid(current);
1374
1374
u32 sid;
1375
1375
···
1624
1624
NETLINK_CB(skb).pid);
1625
1625
}
1626
1626
} else {
1627
-
uid_t loginuid = audit_get_loginuid(current);
1627
+
kuid_t loginuid = audit_get_loginuid(current);
1628
1628
u32 sessionid = audit_get_sessionid(current);
1629
1629
u32 sid;
1630
1630
···
1918
1918
1919
1919
err = 0;
1920
1920
if (up->hard) {
1921
-
uid_t loginuid = audit_get_loginuid(current);
1921
+
kuid_t loginuid = audit_get_loginuid(current);
1922
1922
u32 sessionid = audit_get_sessionid(current);
1923
1923
u32 sid;
1924
1924
···
1961
1961
km_state_expired(x, ue->hard, current->pid);
1962
1962
1963
1963
if (ue->hard) {
1964
-
uid_t loginuid = audit_get_loginuid(current);
1964
+
kuid_t loginuid = audit_get_loginuid(current);
1965
1965
u32 sessionid = audit_get_sessionid(current);
1966
1966
u32 sid;
1967
1967