apparmor: move task from common_audit_data to apparmor_audit_data

apparmor is the only LSM that uses the common_audit_data tsk field.
Instead of making all LSMs pay for the stack space move the aa usage into
the apparmor_audit_data.

Signed-off-by: Eric Paris <eparis@redhat.com>

diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index cc3520d39a78dbc3b8283fa195138ad6786f6071..3ae28db5a64fb8595aadf512ebca42020e4e8106 100644 (file)
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -111,7 +111,7 @@ static const char *const aa_audit_type[] = {
 static void audit_pre(struct audit_buffer *ab, void *ca)
 {
        struct common_audit_data *sa = ca;
-       struct task_struct *tsk = sa->tsk ? sa->tsk : current;
+       struct task_struct *tsk = sa->aad->tsk ? sa->aad->tsk : current;
 
        if (aa_g_audit_header) {
                audit_log_format(ab, "apparmor=");
@@ -149,6 +149,12 @@ static void audit_pre(struct audit_buffer *ab, void *ca)
                audit_log_format(ab, " name=");
                audit_log_untrustedstring(ab, sa->aad->name);
        }
+
+       if (sa->aad->tsk) {
+               audit_log_format(ab, " pid=%d comm=", tsk->pid);
+               audit_log_untrustedstring(ab, tsk->comm);
+       }
+
 }
 
 /**
@@ -205,7 +211,8 @@ int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
        aa_audit_msg(type, sa, cb);
 
        if (sa->aad->type == AUDIT_APPARMOR_KILL)
-               (void)send_sig_info(SIGKILL, NULL, sa->tsk ? sa->tsk : current);
+               (void)send_sig_info(SIGKILL, NULL,
+                                   sa->aad->tsk ?  sa->aad->tsk : current);
 
        if (sa->aad->type == AUDIT_APPARMOR_ALLOWED)
                return complain_error(sa->aad->error);

diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 3ecb8b7d850275fae0ed33d2b358eb673d34d83a..b66a0e4a56933a89ab63095635474dba5f7f7f6e 100644 (file)
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -67,8 +67,8 @@ static int audit_caps(struct aa_profile *profile, struct task_struct *task,
        struct apparmor_audit_data aad = {0,};
        COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_CAP);
        sa.aad = &aad;
-       sa.tsk = task;
        sa.u.cap = cap;
+       sa.aad->tsk = task;
        sa.aad->op = OP_CAPABLE;
        sa.aad->error = error;
 

diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 3868b1e5d5baa729b8ff0fcfd1d89060b8cf71c5..4b7e18951aea31da2fd90cf7635f1d2707df1034 100644 (file)
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -110,6 +110,7 @@ struct apparmor_audit_data {
        void *profile;
        const char *name;
        const char *info;
+       struct task_struct *tsk;
        union {
                void *target;
                struct {