diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-10 23:10:16 -0700 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-17 18:03:31 -0700 |
commit | 02276bda4a2bf094fcde89fb5db4d9e86347ebf4 (patch) | |
tree | 7f06da4dd9757c353133b9c512334daf96cfec1e /include/linux/audit.h | |
parent | 34e36d8ecbd958bc15f8e63deade1227de337eb1 (diff) | |
download | lwn-02276bda4a2bf094fcde89fb5db4d9e86347ebf4.tar.gz lwn-02276bda4a2bf094fcde89fb5db4d9e86347ebf4.zip |
audit: Use current instead of NETLINK_CREDS() in audit_filter
Get caller process uid and gid and pid values from the current task
instead of the NETLINK_CB. This is simpler than passing NETLINK_CREDS
from from audit_receive_msg to audit_filter_user_rules and avoid the
chance of being hit by the occassional bugs in netlink uid/gid
credential passing. This is a safe changes because all netlink
requests are processed in the task of the sending process.
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r-- | include/linux/audit.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 36abf2aa7e68..9c9af0e95f93 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -700,7 +700,7 @@ extern void audit_log_secctx(struct audit_buffer *ab, u32 secid); extern int audit_update_lsm_rules(void); /* Private API (for audit.c only) */ -extern int audit_filter_user(struct netlink_skb_parms *cb); +extern int audit_filter_user(void); extern int audit_filter_type(int type); extern int audit_receive_filter(int type, int pid, int uid, int seq, void *data, size_t datasz, uid_t loginuid, |