From b50819f437c094b4beb2e8684fbe12bbe79fb331 Mon Sep 17 00:00:00 2001 From: Peter Hurley Date: Sat, 9 Jan 2016 22:55:30 -0800 Subject: tty: audit: Ignore current association for audit push In canonical read mode, each line read and logged is pushed separately with tty_audit_push(). For all single-threaded processes and multi-threaded processes reading from only one tty, this patch has no effect; the last line read will still be the entry pushed to the audit log because the tty association cannot have changed between tty_audit_add_data() and tty_audit_push(). For multi-threaded processes reading from different ttys concurrently, the audit log will have mixed log entries anyway. Consider two ttys audited concurrently: CPU0 CPU1 ---------- ------------ tty_audit_add_data(ttyA) tty_audit_add_data(ttyB) tty_audit_push() tty_audit_add_data(ttyB) tty_audit_push() This patch will now cause the ttyB output to be split into separate audit log entries. However, this possibility is equally likely without this patch: CPU0 CPU1 ---------- ------------ tty_audit_add_data(ttyB) tty_audit_add_data(ttyA) tty_audit_push() tty_audit_add_data(ttyB) tty_audit_push() Mixed canonical and non-canonical reads have similar races. Signed-off-by: Peter Hurley Signed-off-by: Greg Kroah-Hartman --- drivers/tty/n_tty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/tty/n_tty.c') diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index 4fbc5defbcd8..827206914b02 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -2072,7 +2072,7 @@ static int canon_copy_from_read_buf(struct tty_struct *tty, ldata->line_start = ldata->read_tail; else ldata->push = 0; - tty_audit_push(tty); + tty_audit_push(); } return 0; } -- cgit v1.2.1