Signed-off-by: John Johansen <[email protected]>
---
 security/apparmor/audit.c         | 23 +++++++++++++++--------
 security/apparmor/include/audit.h |  5 ++---
 security/apparmor/lsm.c           |  2 +-
 3 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index 7ffb818..796752f 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -130,19 +130,26 @@ static void audit_pre(struct audit_buffer *ab, void *ca)
                        audit_log_format(ab, " error=%d", sa->aad->error);
        }
 
-       if (sa->aad->profile) {
-               struct aa_profile *profile = sa->aad->profile;
+       if (sa->aad->label) {
+               struct aa_label *label = sa->aad->label;
                pid_t pid;
                rcu_read_lock();
                pid = rcu_dereference(tsk->real_parent)->pid;
                rcu_read_unlock();
                audit_log_format(ab, " parent=%d", pid);
-               if (profile->ns != root_ns) {
-                       audit_log_format(ab, " namespace=");
-                       audit_log_untrustedstring(ab, profile->ns->base.hname);
+               if (label_isprofile(label)) {
+                       struct aa_profile *profile = labels_profile(label);
+                       if (profile->ns != root_ns) {
+                               audit_log_format(ab, " namespace=");
+                               audit_log_untrustedstring(ab,
+                                                         
profile->ns->base.hname);
+                       }
+                       audit_log_format(ab, " profile=");
+                       audit_log_untrustedstring(ab, profile->base.hname);
+               } else {
+                       audit_log_format(ab, " label=");
+                       aa_label_audit(ab, root_ns, label, false, GFP_ATOMIC);
                }
-               audit_log_format(ab, " profile=");
-               audit_log_untrustedstring(ab, profile->base.hname);
        }
 
        if (sa->aad->name) {
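Review bot: The new `else` branch passes a compound label to `aa_label_audit()` directly, while the profile branch sends every name through `audit_log_untrustedstring()`. `aa_label_audit()` is not part of this patch, so please confirm it escapes each component name the same way; names come from loaded policy, and an unescaped space or quote would let one add spurious fields to the audit record. The branch also emits `label=` in place of `namespace=`/`profile=`, so log parsers and detection rules keyed on `profile=` will not match events from stacked labels, which deserves a sentence in the commit message. A comment above the call saying why `GFP_ATOMIC` is required here and what the record looks like if that allocation fails would help the next reader. audit_pre() starts and ends outside this hunk.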
@@ -206,7 +213,7 @@ int aa_audit(int type, struct aa_profile *profile, gfp_t 
gfp,
                type = AUDIT_APPARMOR_KILL;
 
        if (!profile_unconfined(profile))
-               sa->aad->profile = profile;
+               sa->aad->label = &profile->label;
 
        aa_audit_msg(type, sa, cb);
 
diff --git a/security/apparmor/include/audit.h 
b/security/apparmor/include/audit.h
index 30e8d76..4bd6b8a 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -22,8 +22,7 @@
 #include <linux/slab.h>
 
 #include "file.h"
-
-struct aa_profile;
+#include "label.h"
 
 extern const char *const audit_mode_names[];
 #define AUDIT_MAX_INDEX 5
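Review bot: Replacing the forward declaration with `#include "label.h"` pulls the full label header into every file that includes audit.h, although the header itself only stores a `struct aa_label *` in this patch. A forward declaration `struct aa_label;` would be enough here, with audit.c including label.h for `label_isprofile()` and `labels_profile()`. Dropping `struct aa_profile;` is also only safe if one of the included headers still declares it, since `aa_audit()` takes a `struct aa_profile *` and its prototype presumably lives in this header.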
@@ -106,7 +105,7 @@ struct apparmor_audit_data {
        int error;
        int op;
        int type;
-       void *profile;
+       struct aa_label *label;
        const char *name;
        const char *info;
        struct task_struct *tsk;
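Review bot: The `label` field is filled by two different conventions in this patch, and the struct does not document either. `aa_audit()` leaves it NULL for an unconfined profile, whereas the `fail:` path of `apparmor_setprocattr()` in lsm.c assigns `aa_current_label()` unconditionally, and `audit_pre()` logs the subject only when the pointer is non-NULL. A field comment such as `/* subject label; NULL suppresses the profile=/label= field */` would make the contract explicit, and should also say that the pointer is borrowed, since neither assignment visibly takes a reference. The struct definition continues outside this hunk.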
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 55f76d9..c4eb445 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -595,7 +595,7 @@ static int apparmor_setprocattr(struct task_struct *task, 
char *name,
 fail:
        sa.type = LSM_AUDIT_DATA_NONE;
        sa.aad = &aad;
-       aad.profile = labels_profile(aa_current_label());
+       aad.label = aa_current_label();
        aad.op = OP_SETPROCATTR;
        aad.info = name;
        aad.error = -EINVAL;
-- 
1.8.1.2

