[PATCH ghak84 v3] audit: purge audit_log_string from the intra-kernel audit API
Paul Moore
paul at paul-moore.com
Wed Jul 8 22:41:42 UTC 2020
On Fri, Jul 3, 2020 at 5:50 PM Richard Guy Briggs <rgb at redhat.com> wrote:
>
> audit_log_string() was inteded to be an internal audit function and
> since there are only two internal uses, remove them. Purge all external
> uses of it by restructuring code to use an existing audit_log_format()
> or using audit_log_format().
>
> Please see the upstream issue
> https://github.com/linux-audit/audit-kernel/issues/84
>
> Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
> ---
> Passes audit-testsuite.
>
> Changelog:
> v3
> - fix two warning: non-void function does not return a value in all control paths
> Reported-by: kernel test robot <lkp at intel.com>
>
> v2
> - restructure to piggyback on existing audit_log_format() calls, checking quoting needs for each.
>
> v1 Vlad Dronov
> - https://github.com/nefigtut/audit-kernel/commit/dbbcba46335a002f44b05874153a85b9cc18aebf
>
> include/linux/audit.h | 5 -----
> kernel/audit.c | 4 ++--
> security/apparmor/audit.c | 10 ++++------
> security/apparmor/file.c | 25 +++++++------------------
> security/apparmor/ipc.c | 46 +++++++++++++++++++++++-----------------------
> security/apparmor/net.c | 14 ++++++++------
> security/lsm_audit.c | 4 ++--
> 7 files changed, 46 insertions(+), 62 deletions(-)
...
> diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
> index 597732503815..335b5b8d300b 100644
> --- a/security/apparmor/audit.c
> +++ b/security/apparmor/audit.c
> @@ -57,18 +57,16 @@ static void audit_pre(struct audit_buffer *ab, void *ca)
> struct common_audit_data *sa = ca;
>
> if (aa_g_audit_header) {
> - audit_log_format(ab, "apparmor=");
> - audit_log_string(ab, aa_audit_type[aad(sa)->type]);
> + audit_log_format(ab, "apparmor=%s",
> + aa_audit_type[aad(sa)->type]);
> }
>
> if (aad(sa)->op) {
> - audit_log_format(ab, " operation=");
> - audit_log_string(ab, aad(sa)->op);
> + audit_log_format(ab, " operation=%s", aad(sa)->op);
> }
In the case below you've added the quotes around the string, but they
appear to be missing in the two cases above.
> if (aad(sa)->info) {
> - audit_log_format(ab, " info=");
> - audit_log_string(ab, aad(sa)->info);
> + audit_log_format(ab, " info=\"%s\"", aad(sa)->info);
> if (aad(sa)->error)
> audit_log_format(ab, " error=%d", aad(sa)->error);
> }
> diff --git a/security/apparmor/file.c b/security/apparmor/file.c
> index 9a2d14b7c9f8..70f27124d051 100644
> --- a/security/apparmor/file.c
> +++ b/security/apparmor/file.c
> @@ -35,20 +35,6 @@ static u32 map_mask_to_chr_mask(u32 mask)
> }
>
> /**
> - * audit_file_mask - convert mask to permission string
> - * @buffer: buffer to write string to (NOT NULL)
> - * @mask: permission mask to convert
> - */
> -static void audit_file_mask(struct audit_buffer *ab, u32 mask)
> -{
> - char str[10];
> -
> - aa_perm_mask_to_str(str, sizeof(str), aa_file_perm_chrs,
> - map_mask_to_chr_mask(mask));
> - audit_log_string(ab, str);
> -}
> -
> -/**
> * file_audit_cb - call back for file specific audit fields
> * @ab: audit_buffer (NOT NULL)
> * @va: audit struct to audit values of (NOT NULL)
> @@ -57,14 +43,17 @@ static void file_audit_cb(struct audit_buffer *ab, void *va)
> {
> struct common_audit_data *sa = va;
> kuid_t fsuid = current_fsuid();
> + char str[10];
>
> if (aad(sa)->request & AA_AUDIT_FILE_MASK) {
> - audit_log_format(ab, " requested_mask=");
> - audit_file_mask(ab, aad(sa)->request);
> + aa_perm_mask_to_str(str, sizeof(str), aa_file_perm_chrs,
> + map_mask_to_chr_mask(aad(sa)->request));
> + audit_log_format(ab, " requested_mask=%s", str);
> }
> if (aad(sa)->denied & AA_AUDIT_FILE_MASK) {
> - audit_log_format(ab, " denied_mask=");
> - audit_file_mask(ab, aad(sa)->denied);
> + aa_perm_mask_to_str(str, sizeof(str), aa_file_perm_chrs,
> + map_mask_to_chr_mask(aad(sa)->denied));
> + audit_log_format(ab, " denied_mask=%s", str);
> }
More missing quotes.
> if (aad(sa)->request & AA_AUDIT_FILE_MASK) {
> audit_log_format(ab, " fsuid=%d",
> diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c
> index 4ecedffbdd33..fe431731883f 100644
> --- a/security/apparmor/ipc.c
> +++ b/security/apparmor/ipc.c
> @@ -20,25 +20,23 @@
>
> /**
> * audit_ptrace_mask - convert mask to permission string
> - * @buffer: buffer to write string to (NOT NULL)
> * @mask: permission mask to convert
> + *
> + * Returns: pointer to static string
> */
> -static void audit_ptrace_mask(struct audit_buffer *ab, u32 mask)
> +static const char *audit_ptrace_mask(u32 mask)
> {
> switch (mask) {
> case MAY_READ:
> - audit_log_string(ab, "read");
> - break;
> + return "read";
> case MAY_WRITE:
> - audit_log_string(ab, "trace");
> - break;
> + return "trace";
> case AA_MAY_BE_READ:
> - audit_log_string(ab, "readby");
> - break;
> + return "readby";
> case AA_MAY_BE_TRACED:
> - audit_log_string(ab, "tracedby");
> - break;
> + return "tracedby";
> }
> + return "";
> }
>
> /* call back to audit ptrace fields */
> @@ -47,12 +45,12 @@ static void audit_ptrace_cb(struct audit_buffer *ab, void *va)
> struct common_audit_data *sa = va;
>
> if (aad(sa)->request & AA_PTRACE_PERM_MASK) {
> - audit_log_format(ab, " requested_mask=");
> - audit_ptrace_mask(ab, aad(sa)->request);
> + audit_log_format(ab, " requested_mask=%s",
> + audit_ptrace_mask(aad(sa)->request));
>
> if (aad(sa)->denied & AA_PTRACE_PERM_MASK) {
> - audit_log_format(ab, " denied_mask=");
> - audit_ptrace_mask(ab, aad(sa)->denied);
> + audit_log_format(ab, " denied_mask=%s",
> + audit_ptrace_mask(aad(sa)->denied));
> }
Quotes. There are none.
... and it looks like there are more missing too, but I kinda stopped
seriously reading the patch here, please take a closer look at the
patch, make the necessary changes, and resubmit.
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list