apparmor: move task from common_audit_data to apparmor_audit_data
apparmor is the only LSM that uses the common_audit_data tsk field. Instead of making all LSMs pay for the stack space move the aa usage into the apparmor_audit_data. Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
parent
bd5e50f9c1
commit
0972c74ecb
|
@ -111,7 +111,7 @@ static const char *const aa_audit_type[] = {
|
||||||
static void audit_pre(struct audit_buffer *ab, void *ca)
|
static void audit_pre(struct audit_buffer *ab, void *ca)
|
||||||
{
|
{
|
||||||
struct common_audit_data *sa = ca;
|
struct common_audit_data *sa = ca;
|
||||||
struct task_struct *tsk = sa->tsk ? sa->tsk : current;
|
struct task_struct *tsk = sa->aad->tsk ? sa->aad->tsk : current;
|
||||||
|
|
||||||
if (aa_g_audit_header) {
|
if (aa_g_audit_header) {
|
||||||
audit_log_format(ab, "apparmor=");
|
audit_log_format(ab, "apparmor=");
|
||||||
|
@ -149,6 +149,12 @@ static void audit_pre(struct audit_buffer *ab, void *ca)
|
||||||
audit_log_format(ab, " name=");
|
audit_log_format(ab, " name=");
|
||||||
audit_log_untrustedstring(ab, sa->aad->name);
|
audit_log_untrustedstring(ab, sa->aad->name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (sa->aad->tsk) {
|
||||||
|
audit_log_format(ab, " pid=%d comm=", tsk->pid);
|
||||||
|
audit_log_untrustedstring(ab, tsk->comm);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -205,7 +211,8 @@ int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
|
||||||
aa_audit_msg(type, sa, cb);
|
aa_audit_msg(type, sa, cb);
|
||||||
|
|
||||||
if (sa->aad->type == AUDIT_APPARMOR_KILL)
|
if (sa->aad->type == AUDIT_APPARMOR_KILL)
|
||||||
(void)send_sig_info(SIGKILL, NULL, sa->tsk ? sa->tsk : current);
|
(void)send_sig_info(SIGKILL, NULL,
|
||||||
|
sa->aad->tsk ? sa->aad->tsk : current);
|
||||||
|
|
||||||
if (sa->aad->type == AUDIT_APPARMOR_ALLOWED)
|
if (sa->aad->type == AUDIT_APPARMOR_ALLOWED)
|
||||||
return complain_error(sa->aad->error);
|
return complain_error(sa->aad->error);
|
||||||
|
|
|
@ -67,8 +67,8 @@ static int audit_caps(struct aa_profile *profile, struct task_struct *task,
|
||||||
struct apparmor_audit_data aad = {0,};
|
struct apparmor_audit_data aad = {0,};
|
||||||
COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_CAP);
|
COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_CAP);
|
||||||
sa.aad = &aad;
|
sa.aad = &aad;
|
||||||
sa.tsk = task;
|
|
||||||
sa.u.cap = cap;
|
sa.u.cap = cap;
|
||||||
|
sa.aad->tsk = task;
|
||||||
sa.aad->op = OP_CAPABLE;
|
sa.aad->op = OP_CAPABLE;
|
||||||
sa.aad->error = error;
|
sa.aad->error = error;
|
||||||
|
|
||||||
|
|
|
@ -110,6 +110,7 @@ struct apparmor_audit_data {
|
||||||
void *profile;
|
void *profile;
|
||||||
const char *name;
|
const char *name;
|
||||||
const char *info;
|
const char *info;
|
||||||
|
struct task_struct *tsk;
|
||||||
union {
|
union {
|
||||||
void *target;
|
void *target;
|
||||||
struct {
|
struct {
|
||||||
|
|
Reference in New Issue