kernel-ark/kernel
Al Viro 291041e935 fix bogus reporting of signals by audit
Async signals should not be reported as sent by current in audit log.  As
it is, we call audit_signal_info() too early in check_kill_permission().
Note that check_kill_permission() has that test already - it needs to know
if it should apply current-based permission checks.  So the solution is to
move the call of audit_signal_info() between those.

Bogosity in question is easily reproduced - add a rule watching for e.g.
kill(2) from specific process (so that audit_signal_info() would not
short-circuit to nothing), say load_policy, watch the bogus OBJ_PID entry
in audit logs claiming that write(2) on selinuxfs file issued by
load_policy(8) had somehow managed to send a signal to syslogd...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Steve Grubb <sgrubb@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-07 16:28:43 -07:00
..
irq request_irq: fix DEBUG_SHIRQ handling 2007-08-31 01:42:23 -07:00
power hibernation doesn't even build on frv - tons of helpers are missing 2007-09-26 09:22:04 -07:00
time Fix timer_stats printout of events/sec 2007-10-07 16:28:43 -07:00
.gitignore
acct.c
audit.c
audit.h
auditfilter.c
auditsc.c kernel/auditsc.c: fix an off-by-one 2007-08-22 19:52:44 -07:00
capability.c
compat.c
configs.c
cpu.c PM: Fix dependencies of CONFIG_SUSPEND and CONFIG_HIBERNATION 2007-08-31 01:42:22 -07:00
cpuset.c
delayacct.c
die_notifier.c
dma.c
exec_domain.c
exit.c signalfd simplification 2007-09-20 13:19:59 -07:00
extable.c
fork.c signalfd simplification 2007-09-20 13:19:59 -07:00
futex_compat.c robust futex thread exit race 2007-10-01 07:52:23 -07:00
futex.c robust futex thread exit race 2007-10-01 07:52:23 -07:00
hrtimer.c
itimer.c
kallsyms.c
Kconfig.hz
Kconfig.preempt
kexec.c
kfifo.c
kmod.c Restore call_usermodehelper_pipe() behaviour 2007-09-11 17:21:20 -07:00
kprobes.c
ksysfs.c
kthread.c
latency.c
lockdep_internals.h
lockdep_proc.c
lockdep.c
Makefile
module.c Fix Off-by-one in /sys/module/*/refcnt 2007-08-22 14:35:35 -07:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
nsproxy.c
panic.c
params.c
pid.c
posix-cpu-timers.c
posix-timers.c posix-timers: fix creation race 2007-08-22 19:52:46 -07:00
printk.c fix - ensure we don't use bootconsoles after init has been released 2007-08-21 20:23:53 -07:00
profile.c
ptrace.c Fix spurious syscall tracing after PTRACE_DETACH + PTRACE_ATTACH 2007-09-10 18:57:47 -07:00
rcupdate.c
rcutorture.c
relay.c
resource.c
rtmutex_common.h
rtmutex-debug.c
rtmutex-debug.h
rtmutex-tester.c
rtmutex.c
rtmutex.h
rwsem.c
sched_debug.c sched: debug: fix sum_exec_runtime clearing 2007-09-05 14:32:49 +02:00
sched_fair.c sched: fix profile=sleep 2007-10-02 14:13:08 +02:00
sched_idletask.c
sched_rt.c sched: optimize task_tick_rt() a bit 2007-08-24 20:39:10 +02:00
sched_stats.h
sched.c sched: fix invalid sched_class use 2007-09-19 23:34:46 +02:00
seccomp.c
signal.c fix bogus reporting of signals by audit 2007-10-07 16:28:43 -07:00
softirq.c
softlockup.c
spinlock.c
srcu.c
stacktrace.c
stop_machine.c
sys_ni.c
sys.c Fix SMP poweroff hangs 2007-10-01 07:52:23 -07:00
sysctl.c sched: add /proc/sys/kernel/sched_compat_yield 2007-09-19 23:34:46 +02:00
taskstats.c
time.c
timer.c
tsacct.c
uid16.c
user_namespace.c Fix user namespace exiting OOPs 2007-09-19 11:24:18 -07:00
user.c Fix user namespace exiting OOPs 2007-09-19 11:24:18 -07:00
utsname_sysctl.c
utsname.c Fix UTS corruption during clone(CLONE_NEWUTS) 2007-09-19 11:24:17 -07:00
wait.c
workqueue.c fix bogus hotplug cpu warning 2007-08-27 10:27:48 -07:00