diff options
| author | Eric Paris <eparis@redhat.com> | 2013-04-19 13:23:09 -0400 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2013-04-30 15:31:28 -0400 |
| commit | dc9eb698f441889f2d7926b1cc6f1e14f0787f00 (patch) | |
| tree | acdd37f268633b38b370fe0725f57ccd0d4fcadc /kernel/auditfilter.c | |
| parent | 18900909163758baf2152c9102b1a0953f7f1c30 (diff) | |
audit: stop pushing loginid, uid, sessionid as arguments
We always use current. Stop pulling this when the skb comes in and
pushing it around as arguments. Just get it at the end when you need
it.
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/auditfilter.c')
| -rw-r--r-- | kernel/auditfilter.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index ee9af6533327..f952234da2ca 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -980,11 +980,12 @@ static void audit_list_rules(int pid, int seq, struct sk_buff_head *q) } /* Log rule additions and removals */ -static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid, - char *action, struct audit_krule *rule, - int res) +static void audit_log_rule_change(char *action, struct audit_krule *rule, int res) { struct audit_buffer *ab; + uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current)); + u32 sessionid = audit_get_sessionid(current); + u32 sid; if (!audit_enabled) return; @@ -992,8 +993,8 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid, ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); if (!ab) return; - audit_log_format(ab, "auid=%u ses=%u", - from_kuid(&init_user_ns, loginuid), sessionid); + audit_log_format(ab, "auid=%u ses=%u" ,loginuid, sessionid); + security_task_getsecid(current, &sid); if (sid) { char *ctx = NULL; u32 len; @@ -1022,8 +1023,7 @@ static void audit_log_rule_change(kuid_t loginuid, u32 sessionid, u32 sid, * @sessionid: sessionid for netlink audit message * @sid: SE Linux Security ID of sender */ -int audit_receive_filter(int type, int pid, int seq, void *data, - size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid) +int audit_receive_filter(int type, int pid, int seq, void *data, size_t datasz) { struct task_struct *tsk; struct audit_netlink_list *dest; @@ -1061,9 +1061,7 @@ int audit_receive_filter(int type, int pid, int seq, void *data, return PTR_ERR(entry); err = audit_add_rule(entry); - audit_log_rule_change(loginuid, sessionid, sid, "add rule", - &entry->rule, !err); - + audit_log_rule_change("add rule", &entry->rule, !err); if (err) audit_free_rule(entry); break; @@ -1073,9 +1071,7 @@ int audit_receive_filter(int type, int pid, int seq, void *data, return PTR_ERR(entry); err = audit_del_rule(entry); - audit_log_rule_change(loginuid, sessionid, sid, "remove rule", - &entry->rule, !err); - + audit_log_rule_change("remove rule", &entry->rule, !err); audit_free_rule(entry); break; default: |