Discussion:
[PATCH] audit: use existing session info function
(too old to reply)
Richard Guy Briggs
2018-05-18 02:01:48 UTC
Permalink
Use the existing audit_log_session_info() function rather than
hardcoding its functionality.

Signed-off-by: Richard Guy Briggs <***@redhat.com>
---
kernel/auditfilter.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index d7a807e..9e87377 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1089,8 +1089,6 @@ static void audit_list_rules(int seq, struct sk_buff_head *q)
static void audit_log_rule_change(char *action, struct audit_krule *rule, int res)
{
struct audit_buffer *ab;
- uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current));
- unsigned int sessionid = audit_get_sessionid(current);

if (!audit_enabled)
return;
@@ -1098,7 +1096,7 @@ static void audit_log_rule_change(char *action, struct audit_krule *rule, int re
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
if (!ab)
return;
- audit_log_format(ab, "auid=%u ses=%u" ,loginuid, sessionid);
+ audit_log_session_info(ab);
audit_log_task_context(ab);
audit_log_format(ab, " op=%s", action);
audit_log_key(ab, rule->filterkey);
--
1.8.3.1
Paul Moore
2018-05-18 19:49:53 UTC
Permalink
Post by Richard Guy Briggs
Use the existing audit_log_session_info() function rather than
hardcoding its functionality.
---
kernel/auditfilter.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
Merged into audit/next, thanks.
Post by Richard Guy Briggs
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index d7a807e..9e87377 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1089,8 +1089,6 @@ static void audit_list_rules(int seq, struct sk_buff_head *q)
static void audit_log_rule_change(char *action, struct audit_krule *rule, int res)
{
struct audit_buffer *ab;
- uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current));
- unsigned int sessionid = audit_get_sessionid(current);
if (!audit_enabled)
return;
@@ -1098,7 +1096,7 @@ static void audit_log_rule_change(char *action, struct audit_krule *rule, int re
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
if (!ab)
return;
- audit_log_format(ab, "auid=%u ses=%u" ,loginuid, sessionid);
+ audit_log_session_info(ab);
audit_log_task_context(ab);
audit_log_format(ab, " op=%s", action);
audit_log_key(ab, rule->filterkey);
--
1.8.3.1
--
paul moore
www.paul-moore.com
Loading...