Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-12 23:23:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

tty: audit: Poison tty_audit_buf while process exits

Browse Source 
Warn if tty_audit_buf use is attempted after tty_audit_exit() has
already freed it.

Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Peter Hurley 2016-01-09 22:55:39 -08:00 committed by Greg Kroah-Hartman
parent 82b5c93a00
commit 55b6314a17
1 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
drivers/tty/tty_audit.c
View File

@ -21,6 +21,15 @@ struct tty_audit_buf {
unsigned char *data; /* Allocated size N_TTY_BUF_SIZE */ unsigned char *data; /* Allocated size N_TTY_BUF_SIZE */
}; };
static struct tty_audit_buf *tty_audit_buf_ref(void)
{
struct tty_audit_buf *buf;
buf = current->signal->tty_audit_buf;
WARN_ON(buf == ERR_PTR(-ESRCH));
return buf;
}
static struct tty_audit_buf *tty_audit_buf_alloc(void) static struct tty_audit_buf *tty_audit_buf_alloc(void)
{ {
struct tty_audit_buf *buf; struct tty_audit_buf *buf;
@ -106,8 +115,7 @@ void tty_audit_exit(void)
{ {
struct tty_audit_buf *buf; struct tty_audit_buf *buf;
buf = current->signal->tty_audit_buf; buf = xchg(&current->signal->tty_audit_buf, ERR_PTR(-ESRCH));
current->signal->tty_audit_buf = NULL;
if (!buf) if (!buf)
return; return;
@ -158,8 +166,8 @@ int tty_audit_push(void)
if (~current->signal->audit_tty & AUDIT_TTY_ENABLE) if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
return -EPERM; return -EPERM;
buf = current->signal->tty_audit_buf; buf = tty_audit_buf_ref();
if (buf) { if (!IS_ERR_OR_NULL(buf)) {
mutex_lock(&buf->mutex); mutex_lock(&buf->mutex);
tty_audit_buf_push(buf); tty_audit_buf_push(buf);
mutex_unlock(&buf->mutex); mutex_unlock(&buf->mutex);
@ -171,13 +179,14 @@ int tty_audit_push(void)
* tty_audit_buf_get - Get an audit buffer. * tty_audit_buf_get - Get an audit buffer.
* *
* Get an audit buffer, allocate it if necessary. Return %NULL * Get an audit buffer, allocate it if necessary. Return %NULL
* if out of memory. Otherwise, return a new reference to the buffer. * if out of memory or ERR_PTR(-ESRCH) if tty_audit_exit() has already
* occurred. Otherwise, return a new reference to the buffer.
*/ */
static struct tty_audit_buf *tty_audit_buf_get(void) static struct tty_audit_buf *tty_audit_buf_get(void)
{ {
struct tty_audit_buf *buf; struct tty_audit_buf *buf;
buf = current->signal->tty_audit_buf; buf = tty_audit_buf_ref();
if (buf) if (buf)
return buf; return buf;
@ -190,7 +199,7 @@ static struct tty_audit_buf *tty_audit_buf_get(void)
/* Race to use this buffer, free it if another wins */ /* Race to use this buffer, free it if another wins */
if (cmpxchg(&current->signal->tty_audit_buf, NULL, buf) != NULL) if (cmpxchg(&current->signal->tty_audit_buf, NULL, buf) != NULL)
tty_audit_buf_free(buf); tty_audit_buf_free(buf);
return current->signal->tty_audit_buf; return tty_audit_buf_ref();
} }
/** /**
@ -220,7 +229,7 @@ void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
return; return;
buf = tty_audit_buf_get(); buf = tty_audit_buf_get();
if (!buf) if (IS_ERR_OR_NULL(buf))
return; return;
mutex_lock(&buf->mutex); mutex_lock(&buf->mutex);