Add bug fixes for link security auditing

svn path=/dists/sid/linux/; revision=19441

debian/changelog

@@ -94,6 +94,8 @@ linux (3.2.32-1) UNRELEASED; urgency=low
     - sched: Better debug output for might sleep
     - stomp_machine: Use mutex_trylock when called from inactive cpu
   * [x86] storvsc: Account for in-transit packets in the RESET path
+  * fs: handle failed audit_log_start properly
+  * fs: prevent use after free in auditing when symlink following was denied
 
  -- Ben Hutchings <ben@decadent.org.uk>  Sat, 29 Sep 2012 14:19:46 +0200
 

debian/patches/features/all/fs-handle-failed-audit_log_start-properly.patch

@@ -0,0 +1,30 @@
+From: Sasha Levin <sasha.levin@oracle.com>
+Date: Thu, 4 Oct 2012 19:57:31 -0400
+Subject: fs: handle failed audit_log_start properly
+
+commit d1c7d97ad58836affde6e39980b96527510b572e upstream.
+
+audit_log_start() may return NULL, this is unchecked by the caller in
+audit_log_link_denied() and could cause a NULL ptr deref.
+
+Introduced by commit a51d9eaa ("fs: add link restriction audit reporting").
+
+Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+---
+ kernel/audit.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/kernel/audit.c b/kernel/audit.c
+index 4d0ceed..40414e9 100644
+--- a/kernel/audit.c
++++ b/kernel/audit.c
+@@ -1440,6 +1440,8 @@ void audit_log_link_denied(const char *operation, struct path *link)
+ 
+ 	ab = audit_log_start(current->audit_context, GFP_KERNEL,
+ 			     AUDIT_ANOM_LINK);
++	if (!ab)
++		return;
+ 	audit_log_format(ab, "op=%s action=denied", operation);
+ 	audit_log_format(ab, " pid=%d comm=", current->pid);
+ 	audit_log_untrustedstring(ab, current->comm);

debian/patches/features/all/fs-prevent-use-after-free-in-auditing-when-symlink-f.patch

@@ -0,0 +1,30 @@
+From: Sasha Levin <sasha.levin@oracle.com>
+Date: Thu, 4 Oct 2012 19:56:40 -0400
+Subject: fs: prevent use after free in auditing when symlink following was
+ denied
+
+commit ffd8d101a3a7d3f2e79deee1e342801703b6dc70 upstream.
+
+Commit "fs: add link restriction audit reporting" has added auditing of failed
+attempts to follow symlinks. Unfortunately, the auditing was being done after
+the struct path structure was released earlier.
+
+Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+---
+ fs/namei.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -664,9 +664,9 @@ static inline int may_follow_link(struct
+ 	if (parent->i_uid == inode->i_uid)
+ 		return 0;
+ 
++	audit_log_link_denied("follow_link", link);
+ 	path_put_conditional(link, nd);
+ 	path_put(&nd->path);
+-	audit_log_link_denied("follow_link", link);
+ 	return -EACCES;
+ }
+ 

debian/patches/series

@@ -64,6 +64,8 @@ features/all/hwmon-it87-Add-IT8728F-support.patch
 # Add link security restrictions from 3.6
 features/all/fs-add-link-restrictions.patch
 features/all/fs-add-link-restriction-audit-reporting.patch
+features/all/fs-handle-failed-audit_log_start-properly.patch
+features/all/fs-prevent-use-after-free-in-auditing-when-symlink-f.patch
 
 # Update all Hyper-V drivers to 3.4-rc1 (no longer staging)
 features/x86/hyperv/0001-NLS-improve-UTF8-UTF16-string-conversion-routine.patch