
kernel-2.6.18-194.11.1.el5.src.rpm

From: Alexander Viro <aviro@redhat.com>
Subject: [RHEL 5.1 PATCH] bz#251232
Date: Tue, 7 Aug 2007 19:13:16 -0400
Bugzilla: 251232
Message-Id: <20070807231316.GY13539@devserv.devel.redhat.com>
Changelog: [audit] sub-tree signal handling fix


	The check for audit_signals is misplaced and the check for
audit_dummy_context() is missing.  So if we send a signal to auditd with
audit_signals > 0 from a process with a NULL ->audit_context, we get an oops there.

--- linux-2.6.18.x86_64/kernel/auditsc.c	2007-08-07 17:17:08.000000000 -0400
+++ linux-2.6.18.x86_64-1/kernel/auditsc.c	2007-08-07 17:44:02.000000000 -0400
@@ -2124,19 +2124,19 @@
 	extern uid_t audit_sig_uid;
 	extern u32 audit_sig_sid;
 
-	if (audit_pid && t->tgid == audit_pid &&
-	    (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1)) {
-		audit_sig_pid = tsk->pid;
-		if (ctx)
-			audit_sig_uid = ctx->loginuid;
-		else
-			audit_sig_uid = tsk->uid;
-		selinux_get_task_sid(tsk, &audit_sig_sid);
+	if (audit_pid && t->tgid == audit_pid) {
+		if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1) {
+			audit_sig_pid = tsk->pid;
+			if (ctx)
+				audit_sig_uid = ctx->loginuid;
+			else
+				audit_sig_uid = tsk->uid;
+			selinux_get_task_sid(tsk, &audit_sig_sid);
+		}
+		if (!audit_signals || audit_dummy_context())
+			return 0;
 	}
 
-	if (!audit_signals) /* audit_context checked in wrapper */
-		return 0;
-
 	/* optimize the common case by putting first signal recipient directly
 	 * in audit_context */
 	if (!ctx->target_pid) {
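Review bot: The added guard `if (!audit_signals || audit_dummy_context()) return 0;` sits inside the `t->tgid == audit_pid` branch, so for any other signal target the `ctx->target_pid` dereference on the last line of the hunk still relies on the caller having rejected a NULL or dummy context. The patch also deletes the only comment that recorded that dependency (`/* audit_context checked in wrapper */`). The wrapper is not visible here, so it should be confirmed that it only calls in for non-auditd targets when `audit_signals` is set and the context is real. If that holds, a comment just before the dereference would keep the invariant visible, e.g. `/* non-auditd target: wrapper guarantees audit_signals && !audit_dummy_context() */`. The function starts and ends outside the hunk.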