apparmor: move task from common_audit_data to apparmor_audit_data
apparmor is the only LSM that uses the common_audit_data tsk field.
Instead of making all LSMs pay for the stack space move the aa usage into
the apparmor_audit_data.
Signed-off-by: Eric Paris <eparis@redhat.com>
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index cc3520d..3ae28db 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -111,7 +111,7 @@
static void audit_pre(struct audit_buffer *ab, void *ca)
{
struct common_audit_data *sa = ca;
- struct task_struct *tsk = sa->tsk ? sa->tsk : current;
+ struct task_struct *tsk = sa->aad->tsk ? sa->aad->tsk : current;
if (aa_g_audit_header) {
audit_log_format(ab, "apparmor=");
@@ -149,6 +149,12 @@
audit_log_format(ab, " name=");
audit_log_untrustedstring(ab, sa->aad->name);
}
+
+ if (sa->aad->tsk) {
+ audit_log_format(ab, " pid=%d comm=", tsk->pid);
+ audit_log_untrustedstring(ab, tsk->comm);
+ }
+
}
/**
@@ -205,7 +211,8 @@
aa_audit_msg(type, sa, cb);
if (sa->aad->type == AUDIT_APPARMOR_KILL)
- (void)send_sig_info(SIGKILL, NULL, sa->tsk ? sa->tsk : current);
+ (void)send_sig_info(SIGKILL, NULL,
+ sa->aad->tsk ? sa->aad->tsk : current);
if (sa->aad->type == AUDIT_APPARMOR_ALLOWED)
return complain_error(sa->aad->error);
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 3ecb8b7..b66a0e4 100644
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -67,8 +67,8 @@
struct apparmor_audit_data aad = {0,};
COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_CAP);
sa.aad = &aad;
- sa.tsk = task;
sa.u.cap = cap;
+ sa.aad->tsk = task;
sa.aad->op = OP_CAPABLE;
sa.aad->error = error;
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 3868b1e..4b7e189 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -110,6 +110,7 @@
void *profile;
const char *name;
const char *info;
+ struct task_struct *tsk;
union {
void *target;
struct {
