diff options
-rw-r--r-- | kernel/auditsc.c | 28 | ||||
-rw-r--r-- | security/selinux/avc.c | 34 |
2 files changed, 28 insertions, 34 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 8c45485..6f19313 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -610,6 +610,33 @@ static inline void audit_free_context(struct audit_context *context) printk(KERN_ERR "audit: freed %d contexts\n", count); } +static void audit_log_task_info(struct audit_buffer *ab) +{ + char name[sizeof(current->comm)]; + struct mm_struct *mm = current->mm; + struct vm_area_struct *vma; + + get_task_comm(name, current); + audit_log_format(ab, " comm=%s", name); + + if (!mm) + return; + + down_read(&mm->mmap_sem); + vma = mm->mmap; + while (vma) { + if ((vma->vm_flags & VM_EXECUTABLE) && + vma->vm_file) { + audit_log_d_path(ab, "exe=", + vma->vm_file->f_dentry, + vma->vm_file->f_vfsmnt); + break; + } + vma = vma->vm_next; + } + up_read(&mm->mmap_sem); +} + static void audit_log_exit(struct audit_context *context) { int i; @@ -639,6 +666,7 @@ static void audit_log_exit(struct audit_context *context) context->gid, context->euid, context->suid, context->fsuid, context->egid, context->sgid, context->fsgid); + audit_log_task_info(ab); audit_log_end(ab); while (context->aux) { struct audit_aux_data *aux; diff --git a/security/selinux/avc.c b/security/selinux/avc.c index fe6285e..85a6f66 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -532,7 +532,6 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 requested, struct av_decision *avd, int result, struct avc_audit_data *a) { - struct task_struct *tsk = current; struct inode *inode = NULL; u32 denied, audited; struct audit_buffer *ab; @@ -556,39 +555,6 @@ void avc_audit(u32 ssid, u32 tsid, audit_log_format(ab, "avc: %s ", denied ? "denied" : "granted"); avc_dump_av(ab, tclass,audited); audit_log_format(ab, " for "); - if (a && a->tsk) - tsk = a->tsk; - if (tsk && tsk->pid) { - struct mm_struct *mm; - struct vm_area_struct *vma; - audit_log_format(ab, " pid=%d", tsk->pid); - if (tsk == current) - mm = current->mm; - else - mm = get_task_mm(tsk); - if (mm) { - if (down_read_trylock(&mm->mmap_sem)) { - vma = mm->mmap; - while (vma) { - if ((vma->vm_flags & VM_EXECUTABLE) && - vma->vm_file) { - audit_log_d_path(ab, "exe=", - vma->vm_file->f_dentry, - vma->vm_file->f_vfsmnt); - break; - } - vma = vma->vm_next; - } - up_read(&mm->mmap_sem); - } else { - audit_log_format(ab, " comm=%s", tsk->comm); - } - if (tsk != current) - mmput(mm); - } else { - audit_log_format(ab, " comm=%s", tsk->comm); - } - } if (a) { switch (a->type) { case AVC_AUDIT_DATA_IPC: |