Commit fd3522fd authored by Paul Moore's avatar Paul Moore Committed by Al Viro

audit: enable filename recording via getname_kernel()

Enable recording of filenames in getname_kernel() and remove the
kludgy workaround in __audit_inode() now that we have proper filename
logging for kernel users.

CC: viro@zeniv.linux.org.uk
CC: linux-fsdevel@vger.kernel.org
Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
Reviewed-by: default avatarRichard Guy Briggs <rgb@redhat.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent cbaab2db
...@@ -243,6 +243,7 @@ getname_kernel(const char * filename) ...@@ -243,6 +243,7 @@ getname_kernel(const char * filename)
memcpy((char *)result->name, filename, len); memcpy((char *)result->name, filename, len);
result->uptr = NULL; result->uptr = NULL;
result->aname = NULL; result->aname = NULL;
audit_getname(result);
return result; return result;
} }
......
...@@ -1882,44 +1882,10 @@ void __audit_inode(struct filename *name, const struct dentry *dentry, ...@@ -1882,44 +1882,10 @@ void __audit_inode(struct filename *name, const struct dentry *dentry,
n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN); n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN);
if (!n) if (!n)
return; return;
/* unfortunately, while we may have a path name to record with the if (name)
* inode, we can't always rely on the string lasting until the end of /* no need to set ->name_put as the original will cleanup */
* the syscall so we need to create our own copy, it may fail due to n->name = name;
* memory allocation issues, but we do our best */
if (name) {
/* we can't use getname_kernel() due to size limits */
size_t len = strlen(name->name) + 1;
struct filename *new = __getname();
if (unlikely(!new))
goto out;
if (len <= (PATH_MAX - sizeof(*new))) {
new->name = (char *)(new) + sizeof(*new);
new->separate = false;
} else if (len <= PATH_MAX) {
/* this looks odd, but is due to final_putname() */
struct filename *new2;
new2 = kmalloc(sizeof(*new2), GFP_KERNEL);
if (unlikely(!new2)) {
__putname(new);
goto out;
}
new2->name = (char *)new;
new2->separate = true;
new = new2;
} else {
/* we should never get here, but let's be safe */
__putname(new);
goto out;
}
strlcpy((char *)new->name, name->name, len);
new->uptr = NULL;
new->aname = n;
n->name = new;
n->name_put = true;
}
out: out:
if (parent) { if (parent) {
n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL; n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment