diff options
Diffstat (limited to 'security/integrity/ima/ima_audit.c')
| -rw-r--r-- | security/integrity/ima/ima_audit.c | 32 |
1 files changed, 7 insertions, 25 deletions
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/ima/ima_audit.c index 1e082bb987b..ff513ff737f 100644 --- a/security/integrity/ima/ima_audit.c +++ b/security/integrity/ima/ima_audit.c | |||
| @@ -22,18 +22,9 @@ static int ima_audit; | |||
| 22 | static int __init ima_audit_setup(char *str) | 22 | static int __init ima_audit_setup(char *str) |
| 23 | { | 23 | { |
| 24 | unsigned long audit; | 24 | unsigned long audit; |
| 25 | int rc, result = 0; | ||
| 26 | char *op = "ima_audit"; | ||
| 27 | char *cause; | ||
| 28 | 25 | ||
| 29 | rc = strict_strtoul(str, 0, &audit); | 26 | if (!strict_strtoul(str, 0, &audit)) |
| 30 | if (rc || audit > 1) | 27 | ima_audit = audit ? 1 : 0; |
| 31 | result = 1; | ||
| 32 | else | ||
| 33 | ima_audit = audit; | ||
| 34 | cause = ima_audit ? "enabled" : "not_enabled"; | ||
| 35 | integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, | ||
| 36 | op, cause, result, 0); | ||
| 37 | return 1; | 28 | return 1; |
| 38 | } | 29 | } |
| 39 | __setup("ima_audit=", ima_audit_setup); | 30 | __setup("ima_audit=", ima_audit_setup); |
| @@ -50,23 +41,14 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, | |||
| 50 | 41 | ||
| 51 | ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); | 42 | ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); |
| 52 | audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u ses=%u", | 43 | audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u ses=%u", |
| 53 | current->pid, current->cred->uid, | 44 | current->pid, current_cred()->uid, |
| 54 | audit_get_loginuid(current), | 45 | audit_get_loginuid(current), |
| 55 | audit_get_sessionid(current)); | 46 | audit_get_sessionid(current)); |
| 56 | audit_log_task_context(ab); | 47 | audit_log_task_context(ab); |
| 57 | switch (audit_msgno) { | 48 | audit_log_format(ab, " op="); |
| 58 | case AUDIT_INTEGRITY_DATA: | 49 | audit_log_string(ab, op); |
| 59 | case AUDIT_INTEGRITY_METADATA: | 50 | audit_log_format(ab, " cause="); |
| 60 | case AUDIT_INTEGRITY_PCR: | 51 | audit_log_string(ab, cause); |
| 61 | case AUDIT_INTEGRITY_STATUS: | ||
| 62 | audit_log_format(ab, " op=%s cause=%s", op, cause); | ||
| 63 | break; | ||
| 64 | case AUDIT_INTEGRITY_HASH: | ||
| 65 | audit_log_format(ab, " op=%s hash=%s", op, cause); | ||
| 66 | break; | ||
| 67 | default: | ||
| 68 | audit_log_format(ab, " op=%s", op); | ||
| 69 | } | ||
| 70 | audit_log_format(ab, " comm="); | 52 | audit_log_format(ab, " comm="); |
| 71 | audit_log_untrustedstring(ab, current->comm); | 53 | audit_log_untrustedstring(ab, current->comm); |
| 72 | if (fname) { | 54 | if (fname) { |