This patch translates the call of interface audit_log_start to
the namespace aware interface audit_log_start_ns.
After we finish translation, we can rename audit_log_start_ns
to audit_log_start.
Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
---
kernel/audit.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index f723fe2..926d59b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1489,9 +1489,10 @@ void audit_log_key(struct audit_buffer *ab, char *key)
void audit_log_link_denied(const char *operation, struct path *link)
{
struct audit_buffer *ab;
+ struct user_namespace *ns = current_user_ns();
- ab = audit_log_start(current->audit_context, GFP_KERNEL,
- AUDIT_ANOM_LINK);
+ ab = audit_log_start_ns(ns, current->audit_context, GFP_KERNEL,
+ AUDIT_ANOM_LINK);
if (!ab)
return;
audit_log_format(ab, "op=%s action=denied", operation);
@@ -1501,7 +1502,7 @@ void audit_log_link_denied(const char *operation, struct path *link)
audit_log_format(ab, " dev=");
audit_log_untrustedstring(ab, link->dentry->d_inode->i_sb->s_id);
audit_log_format(ab, " ino=%lu", link->dentry->d_inode->i_ino);
- audit_log_end(ab);
+ audit_log_end_ns(ns, ab);
}
void audit_log_end_ns(struct user_namespace *ns, struct audit_buffer *ab)
@@ -1558,12 +1559,12 @@ void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
struct audit_buffer *ab;
va_list args;
- ab = audit_log_start(ctx, gfp_mask, type);
+ ab = audit_log_start_ns(&init_user_ns, ctx, gfp_mask, type);
if (ab) {
va_start(args, fmt);
audit_log_vformat(ab, fmt, args);
va_end(args);
- audit_log_end(ab);
+ audit_log_end_ns(&init_user_ns, ab);
}
}
--
1.8.1.4
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
