lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1384447002.3813.6.camel@localhost>
Date:	Thu, 14 Nov 2013 11:36:42 -0500
From:	Eric Paris <eparis@...hat.com>
To:	torvalds@...ux-foundation.org
Cc:	rgb@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit tree for 3.13

Please pull audit changes for 3.13.  

git://git.infradead.org/users/eparis/audit.git master

Nothing amazing.  Formatting, small bug fixes, couple of fixes where we
didn't get records due to some old VFS changes, and a change to how we
collect execve info...

There is a merge conflict which sfr has been carrying in linux-next in
fs/exec.c due to some changes in the bprm handling.  It is easy for you
to solve.  My instructions to sfr on solving the conflict was:

1) Take everything of Linus's
2) delete the 4 line audit_bprm() block of code
3) call audit_bprm() inside exec_binprm() just before
trace_sched_process_exec().   Note: audit_bprm() now returns void.

My merge diff was:

diff --cc fs/exec.c
index 8875dd1,c5c24f2..47d7edb
--- a/fs/exec.c
+++ b/fs/exec.c
@@@ -1385,71 -1383,72 +1385,68 @@@ int search_binary_handler(struct linux_
        if (retval)
                return retval;
  
-       retval = audit_bprm(bprm);
-       if (retval)
-               return retval;
- 
 +      retval = -ENOENT;
 + retry:
 +      read_lock(&binfmt_lock);
 +      list_for_each_entry(fmt, &formats, lh) {
 +              if (!try_module_get(fmt->module))
 +                      continue;
 +              read_unlock(&binfmt_lock);
 +              bprm->recursion_depth++;
 +              retval = fmt->load_binary(bprm);
 +              bprm->recursion_depth--;
 +              if (retval >= 0 || retval != -ENOEXEC ||
 +                  bprm->mm == NULL || bprm->file == NULL) {
 +                      put_binfmt(fmt);
 +                      return retval;
 +              }
 +              read_lock(&binfmt_lock);
 +              put_binfmt(fmt);
 +      }
 +      read_unlock(&binfmt_lock);
 +
 +      if (need_retry && retval == -ENOEXEC) {
 +              if (printable(bprm->buf[0]) && printable(bprm->buf[1]) &&
 +                  printable(bprm->buf[2]) && printable(bprm->buf[3]))
 +                      return retval;
 +              if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0)
 +                      return retval;
 +              need_retry = false;
 +              goto retry;
 +      }
 +
 +      return retval;
 +}
 +EXPORT_SYMBOL(search_binary_handler);
 +
 +static int exec_binprm(struct linux_binprm *bprm)
 +{
 +      pid_t old_pid, old_vpid;
 +      int ret;
 +
        /* Need to fetch pid before load_binary changes it */
        old_pid = current->pid;
        rcu_read_lock();
        old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
        rcu_read_unlock();
  
 -      retval = -ENOENT;
 -      for (try=0; try<2; try++) {
 -              read_lock(&binfmt_lock);
 -              list_for_each_entry(fmt, &formats, lh) {
 -                      int (*fn)(struct linux_binprm *) = fmt->load_binary;
 -                      if (!fn)
 -                              continue;
 -                      if (!try_module_get(fmt->module))
 -                              continue;
 -                      read_unlock(&binfmt_lock);
 -                      bprm->recursion_depth = depth + 1;
 -                      retval = fn(bprm);
 -                      bprm->recursion_depth = depth;
 -                      if (retval >= 0) {
 -                              if (depth == 0) {
 -                                      audit_bprm(bprm);
 -                                      trace_sched_process_exec(current, old_pid, bprm);
 -                                      ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
 -                              }
 -                              put_binfmt(fmt);
 -                              allow_write_access(bprm->file);
 -                              if (bprm->file)
 -                                      fput(bprm->file);
 -                              bprm->file = NULL;
 -                              current->did_exec = 1;
 -                              proc_exec_connector(current);
 -                              return retval;
 -                      }
 -                      read_lock(&binfmt_lock);
 -                      put_binfmt(fmt);
 -                      if (retval != -ENOEXEC || bprm->mm == NULL)
 -                              break;
 -                      if (!bprm->file) {
 -                              read_unlock(&binfmt_lock);
 -                              return retval;
 -                      }
 +      ret = search_binary_handler(bprm);
 +      if (ret >= 0) {
++              audit_bprm(bprm);
 +              trace_sched_process_exec(current, old_pid, bprm);
 +              ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
 +              current->did_exec = 1;
 +              proc_exec_connector(current);
 +
 +              if (bprm->file) {
 +                      allow_write_access(bprm->file);
 +                      fput(bprm->file);
 +                      bprm->file = NULL; /* to catch use-after-free */
                }
 -              read_unlock(&binfmt_lock);
 -#ifdef CONFIG_MODULES
 -              if (retval != -ENOEXEC || bprm->mm == NULL) {
 -                      break;
 -              } else {
 -#define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20<=(c) && (c)<=0x7e))
 -                      if (printable(bprm->buf[0]) &&
 -                          printable(bprm->buf[1]) &&
 -                          printable(bprm->buf[2]) &&
 -                          printable(bprm->buf[3]))
 -                              break; /* -ENOEXEC */
 -                      if (try)
 -                              break; /* -ENOEXEC */
 -                      request_module("binfmt-%04x", *(unsigned short *)(&bprm->buf[2]));
 -              }
 -#else
 -              break;
 -#endif
        }
 -      return retval;
 -}
  
 -EXPORT_SYMBOL(search_binary_handler);
 +      return ret;
 +}
  
  /*
   * sys_execve() executes a new program.


The following changes since commit 6e4664525b1db28f8c4e1130957f70a94c19213e:

  Linux 3.11 (2013-09-02 13:46:10 -0700)

are available in the git repository at:

  git://git.infradead.org/users/eparis/audit.git master

for you to fetch changes up to 9175c9d2aed528800175ef81c90569d00d23f9be:

  audit: fix type of sessionid in audit_set_loginuid() (2013-11-06 11:47:24 -0500)

----------------------------------------------------------------
Eric Paris (10):
      audit: implement generic feature setting and retrieving
      selinux: apply selinux checks on new audit message types
      audit: loginuid functions coding style
      audit: remove CONFIG_AUDIT_LOGINUID_IMMUTABLE
      audit: allow unsetting the loginuid (with priv)
      audit: audit feature to only allow unsetting the loginuid
      audit: audit feature to set loginuid immutable
      audit: use memset instead of trying to initialize field by field
      audit: do not reject all AUDIT_INODE filter types
      audit: fix type of sessionid in audit_set_loginuid()

Eric W. Biederman (1):
      audit: Kill the unused struct audit_aux_data_capset

Gao feng (1):
      Audit: remove duplicate comments

Ilya V. Matveychikov (1):
      audit: remove duplicate inclusion of the netlink header

Jeff Layton (2):
      audit: add child record before the create to handle case where create fails
      audit: log the audit_names record type

Mathias Krause (2):
      audit: fix info leak in AUDIT_GET requests
      audit: use nlmsg_len() to get message payload length

Oleg Nesterov (1):
      audit_alloc: clear TIF_SYSCALL_AUDIT if !audit_context

Richard Guy Briggs (9):
      audit: format user messages to size of MAX_AUDIT_MESSAGE_LENGTH
      audit: remove newline accidentally added during session id helper refactor
      audit: change decimal constant to macro for invalid uid
      audit: update AUDIT_INODE filter rule to comparator function
      audit: use given values in tty_audit enable api
      audit: suppress stock memalloc failure warnings since already managed
      audit: remove unused envc member of audit_aux_data_execve
      audit: move audit_aux_data_execve contents into audit_context union
      audit: call audit_bprm() only once to add AUDIT_EXECVE information

Tyler Hicks (1):
      audit: printk USER_AVC messages when audit isn't enabled

 fs/exec.c                   |   5 +----
 fs/namei.c                  |   1 +
 fs/proc/base.c              |  14 ++++++++++----
 include/linux/audit.h       |  15 +++++++--------
 include/uapi/linux/audit.h  |  26 ++++++++++++++++++++++++++
 init/Kconfig                |  14 --------------
 kernel/audit.c              | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------
 kernel/audit.h              |   3 +++
 kernel/auditfilter.c        |   3 ++-
 kernel/auditsc.c            | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------------------------------------------
 security/lsm_audit.c        |   3 ++-
 security/selinux/nlmsgtab.c |   2 ++
 12 files changed, 259 insertions(+), 113 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ