summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2007-02-07 07:48:00 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2007-02-18 03:30:15 +0100
commitdb3495099d3d52854b13874905af6e40a91f4721 (patch)
tree5a832081d70dd9dabda3498baf40b7d6ced47f24 /net
parent[PATCH] audit config lockdown (diff)
downloadlinux-db3495099d3d52854b13874905af6e40a91f4721.tar.xz
linux-db3495099d3d52854b13874905af6e40a91f4721.zip
[PATCH] AUDIT_FD_PAIR
Provide an audit record of the descriptor pair returned by pipe() and socketpair(). Rewritten from the original posted to linux-audit by John D. Ramsdell <ramsdell@mitre.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'net')
-rw-r--r--net/socket.c52
1 files changed, 39 insertions, 13 deletions
diff --git a/net/socket.c b/net/socket.c
index 0778c5442411..9566e57ac7f5 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1194,6 +1194,7 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
{
struct socket *sock1, *sock2;
int fd1, fd2, err;
+ struct file *newfile1, *newfile2;
/*
* Obtain the first socket and check if the underlying protocol
@@ -1212,18 +1213,37 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
if (err < 0)
goto out_release_both;
- fd1 = fd2 = -1;
+ fd1 = sock_alloc_fd(&newfile1);
+ if (unlikely(fd1 < 0))
+ goto out_release_both;
- err = sock_map_fd(sock1);
- if (err < 0)
+ fd2 = sock_alloc_fd(&newfile2);
+ if (unlikely(fd2 < 0)) {
+ put_filp(newfile1);
+ put_unused_fd(fd1);
goto out_release_both;
- fd1 = err;
+ }
- err = sock_map_fd(sock2);
- if (err < 0)
- goto out_close_1;
- fd2 = err;
+ err = sock_attach_fd(sock1, newfile1);
+ if (unlikely(err < 0)) {
+ goto out_fd2;
+ }
+
+ err = sock_attach_fd(sock2, newfile2);
+ if (unlikely(err < 0)) {
+ fput(newfile1);
+ goto out_fd1;
+ }
+
+ err = audit_fd_pair(fd1, fd2);
+ if (err < 0) {
+ fput(newfile1);
+ fput(newfile2);
+ goto out_fd;
+ }
+ fd_install(fd1, newfile1);
+ fd_install(fd2, newfile2);
/* fd1 and fd2 may be already another descriptors.
* Not kernel problem.
*/
@@ -1238,17 +1258,23 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
sys_close(fd1);
return err;
-out_close_1:
- sock_release(sock2);
- sys_close(fd1);
- return err;
-
out_release_both:
sock_release(sock2);
out_release_1:
sock_release(sock1);
out:
return err;
+
+out_fd2:
+ put_filp(newfile1);
+ sock_release(sock1);
+out_fd1:
+ put_filp(newfile2);
+ sock_release(sock2);
+out_fd:
+ put_unused_fd(fd1);
+ put_unused_fd(fd2);
+ goto out;
}
/*