[RFC PATCH] audit: Fix possible return value truncation in audit_get_context()

[RFC PATCH] audit: Fix possible return value truncation in audit_get_context()

[Paul Moore]

The audit subsystem treats syscall return codes as type long, unfortunately
the audit_get_context() function mistakenly converts the return code to an
int type in the parameters which could cause problems on systems where the
sizeof(int) != sizeof(long).

Signed-off-by: Paul Moore <paul.moore@hp.com>
---

 kernel/auditsc.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 8cbddff..8d76dfc 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -751,7 +751,7 @@ static void audit_set_auditable(struct audit_context *ctx)
 
 static inline struct audit_context *audit_get_context(struct task_struct *tsk,
 						      int return_valid,
-						      int return_code)
+						      long return_code)
 {
 	struct audit_context *context = tsk->audit_context;
 

Re: [RFC PATCH] audit: Fix possible return value truncation in audit_get_context()

[Alexander Viro]

On Wed, Apr 01, 2009 at 03:47:27PM -0400, Paul Moore wrote:
> The audit subsystem treats syscall return codes as type long, unfortunately
> the audit_get_context() function mistakenly converts the return code to an
> int type in the parameters which could cause problems on systems where the
> sizeof(int) != sizeof(long).
> 
> Signed-off-by: Paul Moore <paul.moore@hp.com>

Applied.  E.g. for mmap() it's actually easy to trigger on 64bit boxen.