diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2013-12-24 12:49:01 +0100 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-03-07 17:32:28 +0100 |
commit | 73a6b44a003ad5dd1af9a8d05f01589dce7cd47a (patch) | |
tree | cd1ef257eeae49811df0b79a39f0d9a6f0cd5e22 /security | |
parent | fs: move i_readcount (diff) | |
download | linux-73a6b44a003ad5dd1af9a8d05f01589dce7cd47a.tar.xz linux-73a6b44a003ad5dd1af9a8d05f01589dce7cd47a.zip |
Integrity: Pass commname via get_task_comm()
When we pass task->comm to audit_log_untrustedstring(), we need to pass it
via get_task_comm() because task->comm can be changed to contain untrusted
string by other threads after audit_log_untrustedstring() confirmed that
task->comm does not contain untrusted string.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/integrity_audit.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c index 809ec8428ee7..4b996ba48fc2 100644 --- a/security/integrity/integrity_audit.c +++ b/security/integrity/integrity_audit.c @@ -33,6 +33,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, const char *cause, int result, int audit_info) { struct audit_buffer *ab; + char name[TASK_COMM_LEN]; if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ return; @@ -49,7 +50,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, audit_log_format(ab, " cause="); audit_log_string(ab, cause); audit_log_format(ab, " comm="); - audit_log_untrustedstring(ab, current->comm); + audit_log_untrustedstring(ab, get_task_comm(name, current)); if (fname) { audit_log_format(ab, " name="); audit_log_untrustedstring(ab, fname); |