Commit 98cf5bbf authored by John Johansen's avatar John Johansen

apparmor: fix logging of the existence test for signals

The existence test is not being properly logged as the signal mapping
maps it to the last entry in the named signal table. This is done
to help catch bugs by making the 0 mapped signal value invalid so
that we can catch the signal value not being filled in.

When fixing the off-by-one comparision logic the reporting of the
existence test was broken, because the logic behind the mapped named
table was hidden. Fix this by adding a define for the name lookup
and using it.

Cc: Stable <stable@vger.kernel.org>
Fixes: f7dc4c9a ("apparmor: fix off-by-one comparison on MAXMAPPED_SIG")
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent b5beb07a
...@@ -2,6 +2,8 @@ ...@@ -2,6 +2,8 @@
#define SIGUNKNOWN 0 #define SIGUNKNOWN 0
#define MAXMAPPED_SIG 35 #define MAXMAPPED_SIG 35
#define MAXMAPPED_SIGNAME (MAXMAPPED_SIG + 1)
/* provide a mapping of arch signal to internal signal # for mediation /* provide a mapping of arch signal to internal signal # for mediation
* those that are always an alias SIGCLD for SIGCLHD and SIGPOLL for SIGIO * those that are always an alias SIGCLD for SIGCLHD and SIGPOLL for SIGIO
* map to the same entry those that may/or may not get a separate entry * map to the same entry those that may/or may not get a separate entry
...@@ -56,7 +58,7 @@ static const int sig_map[MAXMAPPED_SIG] = { ...@@ -56,7 +58,7 @@ static const int sig_map[MAXMAPPED_SIG] = {
}; };
/* this table is ordered post sig_map[sig] mapping */ /* this table is ordered post sig_map[sig] mapping */
static const char *const sig_names[MAXMAPPED_SIG + 1] = { static const char *const sig_names[MAXMAPPED_SIGNAME] = {
"unknown", "unknown",
"hup", "hup",
"int", "int",
......
...@@ -174,7 +174,7 @@ static void audit_signal_cb(struct audit_buffer *ab, void *va) ...@@ -174,7 +174,7 @@ static void audit_signal_cb(struct audit_buffer *ab, void *va)
audit_signal_mask(ab, aad(sa)->denied); audit_signal_mask(ab, aad(sa)->denied);
} }
} }
if (aad(sa)->signal < MAXMAPPED_SIG) if (aad(sa)->signal < MAXMAPPED_SIGNAME)
audit_log_format(ab, " signal=%s", sig_names[aad(sa)->signal]); audit_log_format(ab, " signal=%s", sig_names[aad(sa)->signal]);
else else
audit_log_format(ab, " signal=rtmin+%d", audit_log_format(ab, " signal=rtmin+%d",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment