On Wed, 2014-04-02 at 12:19 -0400, Richard Guy Briggs wrote: > When task->comm is passed directly to audit_log_untrustedstring() without > getting a copy or using the task_lock, there is a race that could happen that > would output a NULL (\0) in the output string that would effectively truncate > the rest of the report text after the comm= field in the audit, losing fields. > > Use get_task_comm() to get a copy while acquiring the task_lock to prevent > this and to prevent the result from being a mixture of old and new values of > comm. > > Signed-off-by: Richard Guy Briggs <r...@redhat.com> > --- > security/integrity/integrity_audit.c | 3 ++- > 1 files changed, 2 insertions(+), 1 deletions(-) > > diff --git a/security/integrity/integrity_audit.c > b/security/integrity/integrity_audit.c > index 85253b5..11706a2 100644 > --- a/security/integrity/integrity_audit.c > +++ b/security/integrity/integrity_audit.c > @@ -33,6 +33,7 @@ void integrity_audit_msg(int audit_msgno, struct inode > *inode, > const char *cause, int result, int audit_info) > { > struct audit_buffer *ab; > + char comm[sizeof(current->comm)]; > > if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ > return; > @@ -49,7 +50,7 @@ void integrity_audit_msg(int audit_msgno, struct inode > *inode, > audit_log_format(ab, " cause="); > audit_log_string(ab, cause); > audit_log_format(ab, " comm="); > - audit_log_untrustedstring(ab, current->comm); > + audit_log_untrustedstring(ab, get_task_comm(comm, current)); > if (fname) { > audit_log_format(ab, " name="); > audit_log_untrustedstring(ab, fname);
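Review bot: the new buffer in `char comm[sizeof(current->comm)];` is sized from the very field it will receive a copy of, which is the right choice; TASK_COMM_LEN is the kernel's name for that size and would state the requirement explicitly rather than by sizeof().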
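Review bot: `audit_log_untrustedstring(ab, get_task_comm(comm, current));` depends on get_task_comm() returning its buffer argument; it does, so the inline call is correct and the copy is taken under task_lock before the audit code ever measures it. What the commit message leaves out is why a direct read of current->comm produces the truncation it describes: audit_log_untrustedstring() takes strlen() of the string first and copies that many bytes afterwards, so a rename landing between the two steps is copied verbatim, NUL padding included. A sentence on that mechanism would make the fix self-explaining.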
This change is already being upstreamed as commit 73a6b44 "Integrity: Pass commname via get_task_comm()".

thanks,

Mimi
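The race the patch describes, shown as an added user-space model rather than code from the kernel or the thread: task_lock(), set_task_comm(), get_task_comm() and audit_log_untrustedstring() are simplified stand-ins with the same shape as their kernel counterparts, the "between" hook plays the part of the scheduler letting a rename run inside the audit code's window between measuring the string and copying it, and the task names and file name are constructed. The racy path copies the renamed, NUL-padded comm into the record, so strlen() of the record is shorter than the bytes written and everything after comm= is lost; the fixed path snapshots comm first and the record stays intact.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not kernel code: names mirror the kernel's but the
 * implementations are deliberately minimal stand-ins. */

#define TASK_COMM_LEN 16              /* same size as task_struct.comm */

struct task {
    int locked;                       /* stands in for task_lock() */
    char comm[TASK_COMM_LEN];
};

static void task_lock(struct task *t)   { t->locked = 1; }
static void task_unlock(struct task *t) { t->locked = 0; }

/* Writer side: rename the task under the lock, NUL-padding the field. */
static void set_task_comm(struct task *t, const char *name)
{
    task_lock(t);
    strncpy(t->comm, name, TASK_COMM_LEN - 1);   /* pads with NULs */
    t->comm[TASK_COMM_LEN - 1] = '\0';
    task_unlock(t);
}

/* Snapshot side: copy comm into a caller buffer under the lock and
 * return that buffer, as the kernel's get_task_comm() does. */
static char *get_task_comm(char *buf, struct task *t)
{
    task_lock(t);
    strncpy(buf, t->comm, TASK_COMM_LEN);
    task_unlock(t);
    return buf;
}

/* Model of audit_log_untrustedstring(): measure first, copy afterwards.
 * 'between' runs in the window between the two steps (assumed hook). */
static size_t log_untrusted(char *out, size_t outsz, const char *s,
                            void (*between)(void *), void *arg)
{
    size_t len = strlen(s);
    if (between)
        between(arg);                 /* comm may change under us here */
    if (len > outsz - 1)
        len = outsz - 1;
    memcpy(out, s, len);              /* copies embedded NULs verbatim */
    out[len] = '\0';
    return len;
}

/* Build one record " comm=<comm> name=<fname>"; returns bytes appended.
 * If that differs from strlen(rec), a NUL got embedded and the record
 * is truncated for every consumer that treats it as a C string. */
static size_t build_record(char *rec, size_t recsz, const char *comm,
                           const char *fname, void (*between)(void *),
                           void *arg)
{
    size_t n = 0, fl = strlen(fname);
    memcpy(rec, " comm=", 6); n += 6;
    n += log_untrusted(rec + n, recsz - n, comm, between, arg);
    memcpy(rec + n, " name=", 6); n += 6;
    memcpy(rec + n, fname, fl); n += fl;
    rec[n] = '\0';
    return n;
}

/* The concurrent rename that lands inside the window (constructed). */
static void rename_to_sh(void *arg)
{
    set_task_comm((struct task *)arg, "sh");
}

/* Before the patch: log current->comm directly. Returns 1 if truncated. */
int racy_record_truncated(char *rec, size_t recsz)
{
    struct task t = { 0, "" };
    set_task_comm(&t, "long_process_x");      /* 14 chars, constructed */
    size_t n = build_record(rec, recsz, t.comm, "/etc/shadow",
                            rename_to_sh, &t);
    return strlen(rec) != n;
}

/* After the patch: snapshot via get_task_comm() first. Returns 1 if truncated. */
int fixed_record_truncated(char *rec, size_t recsz)
{
    struct task t = { 0, "" };
    char comm[sizeof(t.comm)];
    set_task_comm(&t, "long_process_x");
    get_task_comm(comm, &t);
    size_t n = build_record(rec, recsz, comm, "/etc/shadow",
                            rename_to_sh, &t);
    return strlen(rec) != n;
}
```

Feeding a 64-byte record buffer to both functions shows the difference: the racy record reads " comm=sh" and stops, while the fixed one carries the full " comm=long_process_x name=/etc/shadow". The snapshot does not make the logged name "current" in any stronger sense, it only guarantees the bytes handed to the audit code cannot change under it.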