
audit: enable filename recording via getname_kernel()

Enable recording of filenames in getname_kernel() and remove the
kludgy workaround in __audit_inode() now that we have proper filename
logging for kernel users.

CC: viro@zeniv.linux.org.uk
CC: linux-fsdevel@vger.kernel.org
Signed-off-by: Paul Moore <pmoore@redhat.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

authored by

Paul Moore and committed by
Al Viro
fd3522fd cbaab2db

+4 -37
+1
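--- a/fs/namei.c
+++ b/fs/namei.c
@@ -243,6 +243,7 @@
 memcpy((char *)result->name, filename, len);
 result->uptr = NULL;
 result->aname = NULL;
+audit_getname(result);
 
 return result;
 }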
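Review bot: The added `audit_getname(result);` hands every kernel-built filename to audit, but nothing at this call site says what that means for the caller's cleanup. If audit keeps the pointer (audit_getname() is defined outside this hunk, so this is inferred), a caller that frees the result by any path other than putname() would leave audit holding a stale name. A comment above the call would pin the contract, e.g. `/* registered with audit: release only via putname() */`. The enclosing function starts outside the hunk.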
+3 -37
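--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1882,44 +1882,10 @@
 n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN);
 if (!n)
 return;
-/* unfortunately, while we may have a path name to record with the
- * inode, we can't always rely on the string lasting until the end of
- * the syscall so we need to create our own copy, it may fail due to
- * memory allocation issues, but we do our best */
-if (name) {
-/* we can't use getname_kernel() due to size limits */
-size_t len = strlen(name->name) + 1;
-struct filename *new = __getname();
+if (name)
+/* no need to set ->name_put as the original will cleanup */
+n->name = name;
 
-if (unlikely(!new))
-goto out;
-
-if (len <= (PATH_MAX - sizeof(*new))) {
-new->name = (char *)(new) + sizeof(*new);
-new->separate = false;
-} else if (len <= PATH_MAX) {
-/* this looks odd, but is due to final_putname() */
-struct filename *new2;
-
-new2 = kmalloc(sizeof(*new2), GFP_KERNEL);
-if (unlikely(!new2)) {
-__putname(new);
-goto out;
-}
-new2->name = (char *)new;
-new2->separate = true;
-new = new2;
-} else {
-/* we should never get here, but let's be safe */
-__putname(new);
-goto out;
-}
-strlcpy((char *)new->name, name->name, len);
-new->uptr = NULL;
-new->aname = n;
-n->name = new;
-n->name_put = true;
-}
 out:
 if (parent) {
 n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL;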
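Review bot: `n->name = name;` now stores the caller's struct filename in the audit record without taking ownership, although the comment this hunk removes warned that the string may not last until the end of the syscall. Nothing visible here shows why that lifetime now holds. Presumably it relies on every name that reaches this point having been registered through audit_getname(), so a caller that builds its filename some other way could leave the record pointing at freed memory; that is worth confirming. I would state the invariant in the comment, e.g. `/* borrowed pointer: name must outlive this audit record (end of syscall) */`, and brace the `if (name)` body now that it spans a comment and a statement. The enclosing function starts and ends outside the hunk.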