On 14/05/01, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
>
> The patch below does not apply to the 3.14-stable tree.
> If someone wants it applied there, or to any other stable or longterm
> tree, then please email the backport, including the original git commit
> id to <stable@xxxxxxxxxxxxxxx>.

Odd. It applies to my checkout of 3.14.y at tag 3.14.2 with:
	patching file kernel/audit.c
	Hunk #1 succeeded at 1829 (offset 10 lines).
	patching file kernel/auditsc.c
	Hunk #1 succeeded at 459 (offset -6 lines).

Are the offsets the problem?

> thanks,
>
> greg k-h
>
> ------------------ original commit in Linus's tree ------------------
>
> From c92cdeb45eea38515e82187f48c2e4f435fb4e25 Mon Sep 17 00:00:00 2001
> From: Richard Guy Briggs <rgb@xxxxxxxxxx>
> Date: Tue, 10 Dec 2013 22:10:41 -0500
> Subject: [PATCH] audit: convert PPIDs to the inital PID namespace.
>
> sys_getppid() returns the parent pid of the current process in its own pid
> namespace. Since audit filters are based in the init pid namespace, a process
> could avoid a filter or trigger an unintended one by being in an alternate pid
> namespace or log meaningless information.
>
> Switch to task_ppid_nr() for PPIDs to anchor all audit filters in the
> init_pid_ns.
>
> (informed by ebiederman's 6c621b7e)
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> Signed-off-by: Richard Guy Briggs <rgb@xxxxxxxxxx>
>
> diff --git a/kernel/audit.c b/kernel/audit.c > index 7b44bd47759c..e1e1b2137048 100644 > --- a/kernel/audit.c > +++ b/kernel/audit.c
> @@ -1819,10 +1819,10 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) > spin_unlock_irq(&tsk->sighand->siglock); > > audit_log_format(ab, > - " ppid=%ld pid=%d auid=%u uid=%u gid=%u" > + " ppid=%d pid=%d auid=%u uid=%u gid=%u" > " euid=%u suid=%u fsuid=%u" > " egid=%u sgid=%u fsgid=%u tty=%s ses=%u", > - sys_getppid(), > + task_ppid_nr(tsk), > tsk->pid, > from_kuid(&init_user_ns, audit_get_loginuid(tsk)), > from_kuid(&init_user_ns, cred->uid), > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index 57bf178ca7d5..a6cf7ab56e61 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -465,7 +465,7 @@ static int audit_filter_rules(struct task_struct *tsk, > case AUDIT_PPID: > if (ctx) { > if (!ctx->ppid) > - ctx->ppid = sys_getppid(); > + ctx->ppid = task_ppid_nr(tsk); > result = audit_comparator(ctx->ppid, f->op, f->val); > } > break; >

- RGB

--
Richard Guy Briggs <rbriggs@xxxxxxxxxx>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545
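
Review bot: in the kernel/audit.c hunk, swapping `sys_getppid()` for `task_ppid_nr(tsk)` changes more than the namespace, and the commit message does not say so. The old call took no argument and reported the parent of the calling task, while the new one reports the parent of the `tsk` handed to audit_log_task_info(). The changelog should state that ppid= now follows `tsk`, and that the specifier moves from `%ld` to `%d` because the return type is now a pid_t, so that anyone backporting can check callers where `tsk` is not the current task.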
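
Review bot: in the kernel/auditsc.c hunk, `audit_comparator(ctx->ppid, f->op, f->val)` now compares an init_pid_ns value against `f->val`, but nothing at `case AUDIT_PPID:` records that the rule value is interpreted in the initial pid namespace. A PPID rule written with a number observed from inside another pid namespace will stop matching after this change; that is the intent per the commit message, so a one-line comment above `ctx->ppid = task_ppid_nr(tsk);` stating which namespace the value belongs to would keep later edits from reintroducing a namespace-relative lookup.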