Fix auditing of canonical mode (rhbz 1188695)
This commit is contained in:
parent
1c448df41f
commit
fcaffe5661
|
@ -0,0 +1,64 @@
|
|||
From 9983ea5b8ff57286d625787ee8fd6ce5df430fbc Mon Sep 17 00:00:00 2001
|
||||
From: Laura Abbott <labbott@fedoraproject.org>
|
||||
Date: Wed, 13 May 2015 17:03:06 -0700
|
||||
Subject: [PATCH] n_tty: Fix auditing support for cannonical mode
|
||||
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
To: Jiri Slaby <jslaby@suse.cz>
|
||||
To: Peter Hurley <peter@hurleysoftware.com>
|
||||
To: Andy Lutomirski <luto@amacapital.net>
|
||||
Cc: linux-kernel@vger.kernel.org
|
||||
|
||||
Commit 32f13521ca68bc624ff6effc77f308a52b038bf0
|
||||
("n_tty: Line copy to user buffer in canonical mode")
|
||||
changed cannonical mode copying to use copy_to_user
|
||||
but missed adding the call to the audit framework.
|
||||
Add in the appropriate functions to get audit support.
|
||||
|
||||
Fixes: 32f13521ca68 ("n_tty: Line copy to user buffer in canonical mode")
|
||||
Reported-by: Miloslav Trmač <mitr@redhat.com>
|
||||
Signed-off-by: Laura Abbott <labbott@fedoraproject.org>
|
||||
---
|
||||
drivers/tty/n_tty.c | 17 ++++++++++++++---
|
||||
1 file changed, 14 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c
|
||||
index cf6e0f2..1a3d39b 100644
|
||||
--- a/drivers/tty/n_tty.c
|
||||
+++ b/drivers/tty/n_tty.c
|
||||
@@ -162,6 +162,17 @@ static inline int tty_put_user(struct tty_struct *tty, unsigned char x,
|
||||
return put_user(x, ptr);
|
||||
}
|
||||
|
||||
+static inline int tty_copy_to_user(struct tty_struct *tty,
|
||||
+ void __user *to,
|
||||
+ const void *from,
|
||||
+ unsigned long n)
|
||||
+{
|
||||
+ struct n_tty_data *ldata = tty->disc_data;
|
||||
+
|
||||
+ tty_audit_add_data(tty, to, n, ldata->icanon);
|
||||
+ return copy_to_user(to, from, n);
|
||||
+}
|
||||
+
|
||||
/**
|
||||
* n_tty_kick_worker - start input worker (if required)
|
||||
* @tty: terminal
|
||||
@@ -2072,12 +2083,12 @@ static int canon_copy_from_read_buf(struct tty_struct *tty,
|
||||
__func__, eol, found, n, c, size, more);
|
||||
|
||||
if (n > size) {
|
||||
- ret = copy_to_user(*b, read_buf_addr(ldata, tail), size);
|
||||
+ ret = tty_copy_to_user(tty, *b, read_buf_addr(ldata, tail), size);
|
||||
if (ret)
|
||||
return -EFAULT;
|
||||
- ret = copy_to_user(*b + size, ldata->read_buf, n - size);
|
||||
+ ret = tty_copy_to_user(tty, *b + size, ldata->read_buf, n - size);
|
||||
} else
|
||||
- ret = copy_to_user(*b, read_buf_addr(ldata, tail), n);
|
||||
+ ret = tty_copy_to_user(tty, *b, read_buf_addr(ldata, tail), n);
|
||||
|
||||
if (ret)
|
||||
return -EFAULT;
|
||||
--
|
||||
2.1.0
|
||||
|
|
@ -802,6 +802,9 @@ Patch26216: 0001-target-use-vfs_iter_read-write-in-fd_do_rw.patch
|
|||
#CVE-2015-1420 rhbz 1187534 1227417
|
||||
Patch26217: vfs-read-file_handle-only-once-in-handle_to_path.patch
|
||||
|
||||
#rhbz 1188695
|
||||
Patch26218: 0001-n_tty-Fix-auditing-support-for-cannonical-mode.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
|
@ -1573,6 +1576,9 @@ ApplyPatch 0001-target-use-vfs_iter_read-write-in-fd_do_rw.patch
|
|||
#CVE-2015-1420 rhbz 1187534 1227417
|
||||
ApplyPatch vfs-read-file_handle-only-once-in-handle_to_path.patch
|
||||
|
||||
#rhbz 1188695
|
||||
ApplyPatch 0001-n_tty-Fix-auditing-support-for-cannonical-mode.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
@ -2384,6 +2390,9 @@ fi
|
|||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Wed Jun 03 2015 Laura Abbott <labbott@fedoraproject.org>
|
||||
- Fix auditing of canonical mode (rhbz 1188695)
|
||||
|
||||
* Wed Jun 03 2015 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- CVE-2015-1420 fhandle race condition (rhbz 1187534 1227417)
|
||||
|
||||
|
|
Loading…
Reference in New Issue