audit: skip sessionid sentinel value when auto-incrementing

Submitted by Richard Guy Briggs on Nov. 10, 2016, 6:41 a.m.

Details

Message ID 2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb@redhat.com
State New
Series "audit: skip sessionid sentinel value when auto-incrementing"
Headers show

Commit Message

Richard Guy Briggs Nov. 10, 2016, 6:41 a.m.
The value (unsigned int)-1 is used as a sentinel to indicate the
sessionID is unset.  Skip this value when the session_id value wraps.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
---
 kernel/auditsc.c |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

Patch hide | download patch | download mbox

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 5abf1dc..e414dfa 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2025,8 +2025,11 @@  int audit_set_loginuid(kuid_t loginuid)
 		goto out;
 
 	/* are we setting or clearing? */
-	if (uid_valid(loginuid))
+	if (uid_valid(loginuid)) {
 		sessionid = (unsigned int)atomic_inc_return(&session_id);
+		if (unlikely(sessionid == (unsigned int)-1))
+			sessionid = (unsigned int)atomic_inc_return(&session_id);
+	}
 
 	task->sessionid = sessionid;
 	task->loginuid = loginuid;

Comments

Paul Moore Nov. 14, 2016, 8:17 p.m.
On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb@redhat.com> wrote:
> The value (unsigned int)-1 is used as a sentinel to indicate the
> sessionID is unset.  Skip this value when the session_id value wraps.
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> ---
>  kernel/auditsc.c |    5 ++++-
>  1 files changed, 4 insertions(+), 1 deletions(-)

Since we haven't merged the session ID kernel patches into audit#next
yet, why don't you just squash this patch in with the session ID patch
and resubmit upstream in one nice neat patch.

> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> index 5abf1dc..e414dfa 100644
> --- a/kernel/auditsc.c
> +++ b/kernel/auditsc.c
> @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid)
>                 goto out;
>
>         /* are we setting or clearing? */
> -       if (uid_valid(loginuid))
> +       if (uid_valid(loginuid)) {
>                 sessionid = (unsigned int)atomic_inc_return(&session_id);
> +               if (unlikely(sessionid == (unsigned int)-1))
> +                       sessionid = (unsigned int)atomic_inc_return(&session_id);
> +       }
>
>         task->sessionid = sessionid;
>         task->loginuid = loginuid;
> --
> 1.7.1
>
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit