diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-04-07 00:01:25 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-04-07 00:01:25 +0200 |
commit | 6ad11bdd57ad31182850a54235f0e947cbfd5ad0 (patch) | |
tree | 298074cee5a8af7ac9f885f7b30d04830031312a /fs/namei.c | |
parent | Merge tag 'pstore-v4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git... (diff) | |
parent | audit: add refused symlink to audit_names (diff) | |
download | linux-6ad11bdd57ad31182850a54235f0e947cbfd5ad0.tar.xz linux-6ad11bdd57ad31182850a54235f0e947cbfd5ad0.zip |
Merge tag 'audit-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit updates from Paul Moore:
"We didn't have anything to send for v4.16, but we're back with a
little more than usual for v4.17.
Eleven patches in total, most fall into the small fix category, but
there are three non-trivial changes worth calling out:
- the audit entry filter is being removed after deprecating it for
quite a while (years of no one really using it because it turns out
to be not very practical)
- created our own version of "__mutex_owner()" because the locking
folks were upset we were using theirs
- improved our handling of kernel command line parameters to make
them more forgiving
- we fixed auditing of symlink operations
Everything passes the audit-testsuite and as of a few minutes ago it
merges well with your tree"
* tag 'audit-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
audit: add refused symlink to audit_names
audit: remove path param from link denied function
audit: link denied should not directly generate PATH record
audit: make ANOM_LINK obey audit_enabled and audit_dummy_context
audit: do not panic on invalid boot parameter
audit: track the owner of the command mutex ourselves
audit: return on memory error to avoid null pointer dereference
audit: bail before bug check if audit disabled
audit: deprecate the AUDIT_FILTER_ENTRY filter
audit: session ID should not set arch quick field pointer
audit: update bugtracker and source URIs
Diffstat (limited to 'fs/namei.c')
-rw-r--r-- | fs/namei.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c index 5661da1972cd..a66ed5a1622a 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -929,7 +929,8 @@ static inline int may_follow_link(struct nameidata *nd) if (nd->flags & LOOKUP_RCU) return -ECHILD; - audit_log_link_denied("follow_link", &nd->stack[0].link); + audit_inode(nd->name, nd->stack[0].link.dentry, 0); + audit_log_link_denied("follow_link"); return -EACCES; } @@ -995,7 +996,7 @@ static int may_linkat(struct path *link) if (safe_hardlink_source(inode) || inode_owner_or_capable(inode)) return 0; - audit_log_link_denied("linkat", link); + audit_log_link_denied("linkat"); return -EPERM; } |