diff options
author | Richard Guy Briggs <rgb@redhat.com> | 2018-02-14 17:18:22 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2018-03-09 01:25:35 +0100 |
commit | 45b578fe4c3cade6f4ca1fc934ce199afd857edc (patch) | |
tree | d248b3b4dcca05f5d9a9a99f6e3ee4f43bcab90b /kernel/audit.c | |
parent | audit: make ANOM_LINK obey audit_enabled and audit_dummy_context (diff) | |
download | linux-45b578fe4c3cade6f4ca1fc934ce199afd857edc.tar.xz linux-45b578fe4c3cade6f4ca1fc934ce199afd857edc.zip |
audit: link denied should not directly generate PATH record
Audit link denied events generate duplicate PATH records which disagree
in different ways from symlink and hardlink denials.
audit_log_link_denied() should not directly generate PATH records.
See: https://github.com/linux-audit/audit-kernel/issues/21
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 46cd8f66af17..3f2f143edadf 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -2313,31 +2313,19 @@ EXPORT_SYMBOL(audit_log_task_info); void audit_log_link_denied(const char *operation, const struct path *link) { struct audit_buffer *ab; - struct audit_names *name; if (!audit_enabled || audit_dummy_context()) return; - name = kzalloc(sizeof(*name), GFP_NOFS); - if (!name) - return; - /* Generate AUDIT_ANOM_LINK with subject, operation, outcome. */ ab = audit_log_start(current->audit_context, GFP_KERNEL, AUDIT_ANOM_LINK); if (!ab) - goto out; + return; audit_log_format(ab, "op=%s", operation); audit_log_task_info(ab, current); audit_log_format(ab, " res=0"); audit_log_end(ab); - - /* Generate AUDIT_PATH record with object. */ - name->type = AUDIT_TYPE_NORMAL; - audit_copy_inode(name, link->dentry, d_backing_inode(link->dentry)); - audit_log_name(current->audit_context, name, link, 0, NULL); -out: - kfree(name); } /** |