audit,module: restore audit logging in load failure case

The move of the module sanity check to earlier skipped the audit logging
call in the case of failure and to a place where the previously used
context is unavailable.

Add an audit logging call for the module loading failure case and get
the module name when possible.

Link: https://issues.redhat.com/browse/RHEL-52839
Fixes: 02da2cbab452 ("module: move check_modinfo() early to early_mod_check()")
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Reviewed-by: Petr Pavlu <petr.pavlu@suse.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/include/linux/audit.h b/include/linux/audit.h
index 0050ef288ab3cef002a4aaf02c8fe6cf039ed67d..a394614ccd0b81e199dbe1d9ad81de4d766ad3b3 100644 (file)
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -417,7 +417,7 @@ extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
 extern void __audit_log_capset(const struct cred *new, const struct cred *old);
 extern void __audit_mmap_fd(int fd, int flags);
 extern void __audit_openat2_how(struct open_how *how);
-extern void __audit_log_kern_module(char *name);
+extern void __audit_log_kern_module(const char *name);
 extern void __audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar);
 extern void __audit_tk_injoffset(struct timespec64 offset);
 extern void __audit_ntp_log(const struct audit_ntp_data *ad);
@@ -519,7 +519,7 @@ static inline void audit_openat2_how(struct open_how *how)
                __audit_openat2_how(how);
 }
 
-static inline void audit_log_kern_module(char *name)
+static inline void audit_log_kern_module(const char *name)
 {
        if (!audit_dummy_context())
                __audit_log_kern_module(name);
@@ -677,9 +677,8 @@ static inline void audit_mmap_fd(int fd, int flags)
 static inline void audit_openat2_how(struct open_how *how)
 { }
 
-static inline void audit_log_kern_module(char *name)
-{
-}
+static inline void audit_log_kern_module(const char *name)
+{ }
 
 static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
 { }

diff --git a/kernel/audit.h b/kernel/audit.h
index 0211cb307d3028f805fa130bcd68331b5d64c62c..2a24d01c5fb0e28372389d3f9e8b73acc084e4b4 100644 (file)
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -200,7 +200,7 @@ struct audit_context {
                        int                     argc;
                } execve;
                struct {
-                       char                    *name;
+                       const char              *name;
                } module;
                struct {
                        struct audit_ntp_data   ntp_data;

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 78fd876a5473fb6d0a5c5cb535aa84e1bb05c670..eb98cd6fe91fb575c18f694efc05d6124d851a60 100644 (file)
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2864,7 +2864,7 @@ void __audit_openat2_how(struct open_how *how)
        context->type = AUDIT_OPENAT2;
 }
 
-void __audit_log_kern_module(char *name)
+void __audit_log_kern_module(const char *name)
 {
        struct audit_context *context = audit_context();
 

diff --git a/kernel/module/main.c b/kernel/module/main.c
index 413ac6ea37021bc8ae260f624ca2745ed85333fc..1ac487d2f7c4b28f56a3e11ff34ce2a8c997ef3b 100644 (file)
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -3368,7 +3368,7 @@ static int load_module(struct load_info *info, const char __user *uargs,
 
        module_allocated = true;
 
-       audit_log_kern_module(mod->name);
+       audit_log_kern_module(info->name);
 
        /* Reserve our place in the list. */
        err = add_unformed_module(mod);
@@ -3532,8 +3532,10 @@ static int load_module(struct load_info *info, const char __user *uargs,
         * failures once the proper module was allocated and
         * before that.
         */
-       if (!module_allocated)
+       if (!module_allocated) {
+               audit_log_kern_module(info->name ? info->name : "?");
                mod_stat_bump_becoming(info, flags);
+       }
        free_copy(info, flags);
        return err;
 }