diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2007-03-20 13:58:35 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2007-05-11 05:38:25 -0400 |
commit | a5cb013da773a67ee48d1c19e96436c22a73a7eb (patch) | |
tree | 8832d105c4742674423bd50352b8a4805c44fecc /kernel/auditsc.c | |
parent | 129a84de2347002f09721cda3155ccfd19fade40 (diff) | |
download | lwn-a5cb013da773a67ee48d1c19e96436c22a73a7eb.tar.gz lwn-a5cb013da773a67ee48d1c19e96436c22a73a7eb.zip |
[PATCH] auditing ptrace
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r-- | kernel/auditsc.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 628c7ac590a0..2243c559bc03 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -209,6 +209,9 @@ struct audit_context { unsigned long personality; int arch; + pid_t target_pid; + u32 target_sid; + #if AUDIT_DEBUG int put_count; int ino_count; @@ -973,6 +976,23 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts audit_log_end(ab); } + if (context->target_pid) { + ab =audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); + if (ab) { + char *s = NULL, *t; + u32 len; + if (selinux_sid_to_string(context->target_sid, + &s, &len)) + t = "(none)"; + else + t = s; + audit_log_format(ab, "opid=%d obj=%s", + context->target_pid, t); + audit_log_end(ab); + kfree(s); + } + } + if (context->pwd && context->pwdmnt) { ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); if (ab) { @@ -1193,6 +1213,7 @@ void audit_syscall_exit(int valid, long return_code) } else { audit_free_names(context); audit_free_aux(context); + context->target_pid = 0; kfree(context->filterkey); context->filterkey = NULL; tsk->audit_context = context; @@ -1880,6 +1901,14 @@ int audit_sockaddr(int len, void *a) return 0; } +void __audit_ptrace(struct task_struct *t) +{ + struct audit_context *context = current->audit_context; + + context->target_pid = t->pid; + selinux_get_task_sid(t, &context->target_sid); +} + /** * audit_avc_path - record the granting or denial of permissions * @dentry: dentry to record |