aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAhmed S. Darwish <darwish.07@gmail.com>2008-03-01 15:01:11 -0500
committerJames Morris <jmorris@namei.org>2008-04-18 19:52:37 -0400
commitd7a96f3a1ae279a2129653d6cb18d722f2f00f91 (patch)
treefc38736f303133f80912f1640f2d4fac0027fe04
parent03d37d25e0f91b28c4b6d002be6221f1af4b19d8 (diff)
Audit: internally use the new LSM audit hooks
Convert Audit to use the new LSM Audit hooks instead of the exported SELinux interface. Basically, use: security_audit_rule_init secuirty_audit_rule_free security_audit_rule_known security_audit_rule_match instad of (respectively) : selinux_audit_rule_init selinux_audit_rule_free audit_rule_has_selinux selinux_audit_rule_match Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
-rw-r--r--kernel/audit.c7
-rw-r--r--kernel/auditfilter.c61
-rw-r--r--kernel/auditsc.c9
3 files changed, 22 insertions, 55 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 784a48e9f382..a7b16086d36f 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -21,7 +21,7 @@
21 * 21 *
22 * Written by Rickard E. (Rik) Faith <faith@redhat.com> 22 * Written by Rickard E. (Rik) Faith <faith@redhat.com>
23 * 23 *
24 * Goals: 1) Integrate fully with SELinux. 24 * Goals: 1) Integrate fully with Security Modules.
25 * 2) Minimal run-time overhead: 25 * 2) Minimal run-time overhead:
26 * a) Minimal when syscall auditing is disabled (audit_enable=0). 26 * a) Minimal when syscall auditing is disabled (audit_enable=0).
27 * b) Small when syscall auditing is enabled and no audit record 27 * b) Small when syscall auditing is enabled and no audit record
@@ -55,7 +55,6 @@
55#include <net/netlink.h> 55#include <net/netlink.h>
56#include <linux/skbuff.h> 56#include <linux/skbuff.h>
57#include <linux/netlink.h> 57#include <linux/netlink.h>
58#include <linux/selinux.h>
59#include <linux/inotify.h> 58#include <linux/inotify.h>
60#include <linux/freezer.h> 59#include <linux/freezer.h>
61#include <linux/tty.h> 60#include <linux/tty.h>
@@ -882,10 +881,6 @@ static int __init audit_init(void)
882 audit_enabled = audit_default; 881 audit_enabled = audit_default;
883 audit_ever_enabled |= !!audit_default; 882 audit_ever_enabled |= !!audit_default;
884 883
885 /* Register the callback with selinux. This callback will be invoked
886 * when a new policy is loaded. */
887 selinux_audit_set_callback(&selinux_audit_rule_update);
888
889 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized"); 884 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
890 885
891#ifdef CONFIG_AUDITSYSCALL 886#ifdef CONFIG_AUDITSYSCALL
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 35e58a146eff..7c69cb5e44fb 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -29,7 +29,6 @@
29#include <linux/sched.h> 29#include <linux/sched.h>
30#include <linux/inotify.h> 30#include <linux/inotify.h>
31#include <linux/security.h> 31#include <linux/security.h>
32#include <linux/selinux.h>
33#include "audit.h" 32#include "audit.h"
34 33
35/* 34/*
@@ -39,7 +38,7 @@
39 * Synchronizes writes and blocking reads of audit's filterlist 38 * Synchronizes writes and blocking reads of audit's filterlist
40 * data. Rcu is used to traverse the filterlist and access 39 * data. Rcu is used to traverse the filterlist and access
41 * contents of structs audit_entry, audit_watch and opaque 40 * contents of structs audit_entry, audit_watch and opaque
42 * selinux rules during filtering. If modified, these structures 41 * LSM rules during filtering. If modified, these structures
43 * must be copied and replace their counterparts in the filterlist. 42 * must be copied and replace their counterparts in the filterlist.
44 * An audit_parent struct is not accessed during filtering, so may 43 * An audit_parent struct is not accessed during filtering, so may
45 * be written directly provided audit_filter_mutex is held. 44 * be written directly provided audit_filter_mutex is held.
@@ -141,7 +140,7 @@ static inline void audit_free_rule(struct audit_entry *e)
141 for (i = 0; i < e->rule.field_count; i++) { 140 for (i = 0; i < e->rule.field_count; i++) {
142 struct audit_field *f = &e->rule.fields[i]; 141 struct audit_field *f = &e->rule.fields[i];
143 kfree(f->se_str); 142 kfree(f->se_str);
144 selinux_audit_rule_free(f->se_rule); 143 security_audit_rule_free(f->se_rule);
145 } 144 }
146 kfree(e->rule.fields); 145 kfree(e->rule.fields);
147 kfree(e->rule.filterkey); 146 kfree(e->rule.filterkey);
@@ -598,12 +597,12 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
598 goto exit_free; 597 goto exit_free;
599 entry->rule.buflen += f->val; 598 entry->rule.buflen += f->val;
600 599
601 err = selinux_audit_rule_init(f->type, f->op, str, 600 err = security_audit_rule_init(f->type, f->op, str,
602 &f->se_rule); 601 (void **)&f->se_rule);
603 /* Keep currently invalid fields around in case they 602 /* Keep currently invalid fields around in case they
604 * become valid after a policy reload. */ 603 * become valid after a policy reload. */
605 if (err == -EINVAL) { 604 if (err == -EINVAL) {
606 printk(KERN_WARNING "audit rule for selinux " 605 printk(KERN_WARNING "audit rule for LSM "
607 "\'%s\' is invalid\n", str); 606 "\'%s\' is invalid\n", str);
608 err = 0; 607 err = 0;
609 } 608 }
@@ -863,9 +862,9 @@ out:
863 return new; 862 return new;
864} 863}
865 864
866/* Duplicate selinux field information. The se_rule is opaque, so must be 865/* Duplicate LSM field information. The se_rule is opaque, so must be
867 * re-initialized. */ 866 * re-initialized. */
868static inline int audit_dupe_selinux_field(struct audit_field *df, 867static inline int audit_dupe_lsm_field(struct audit_field *df,
869 struct audit_field *sf) 868 struct audit_field *sf)
870{ 869{
871 int ret = 0; 870 int ret = 0;
@@ -878,12 +877,12 @@ static inline int audit_dupe_selinux_field(struct audit_field *df,
878 df->se_str = se_str; 877 df->se_str = se_str;
879 878
880 /* our own (refreshed) copy of se_rule */ 879 /* our own (refreshed) copy of se_rule */
881 ret = selinux_audit_rule_init(df->type, df->op, df->se_str, 880 ret = security_audit_rule_init(df->type, df->op, df->se_str,
882 &df->se_rule); 881 (void **)&df->se_rule);
883 /* Keep currently invalid fields around in case they 882 /* Keep currently invalid fields around in case they
884 * become valid after a policy reload. */ 883 * become valid after a policy reload. */
885 if (ret == -EINVAL) { 884 if (ret == -EINVAL) {
886 printk(KERN_WARNING "audit rule for selinux \'%s\' is " 885 printk(KERN_WARNING "audit rule for LSM \'%s\' is "
887 "invalid\n", df->se_str); 886 "invalid\n", df->se_str);
888 ret = 0; 887 ret = 0;
889 } 888 }
@@ -892,7 +891,7 @@ static inline int audit_dupe_selinux_field(struct audit_field *df,
892} 891}
893 892
894/* Duplicate an audit rule. This will be a deep copy with the exception 893/* Duplicate an audit rule. This will be a deep copy with the exception
895 * of the watch - that pointer is carried over. The selinux specific fields 894 * of the watch - that pointer is carried over. The LSM specific fields
896 * will be updated in the copy. The point is to be able to replace the old 895 * will be updated in the copy. The point is to be able to replace the old
897 * rule with the new rule in the filterlist, then free the old rule. 896 * rule with the new rule in the filterlist, then free the old rule.
898 * The rlist element is undefined; list manipulations are handled apart from 897 * The rlist element is undefined; list manipulations are handled apart from
@@ -945,7 +944,7 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old,
945 case AUDIT_OBJ_TYPE: 944 case AUDIT_OBJ_TYPE:
946 case AUDIT_OBJ_LEV_LOW: 945 case AUDIT_OBJ_LEV_LOW:
947 case AUDIT_OBJ_LEV_HIGH: 946 case AUDIT_OBJ_LEV_HIGH:
948 err = audit_dupe_selinux_field(&new->fields[i], 947 err = audit_dupe_lsm_field(&new->fields[i],
949 &old->fields[i]); 948 &old->fields[i]);
950 break; 949 break;
951 case AUDIT_FILTERKEY: 950 case AUDIT_FILTERKEY:
@@ -1763,38 +1762,12 @@ unlock_and_return:
1763 return result; 1762 return result;
1764} 1763}
1765 1764
1766/* Check to see if the rule contains any selinux fields. Returns 1 if there
1767 are selinux fields specified in the rule, 0 otherwise. */
1768static inline int audit_rule_has_selinux(struct audit_krule *rule)
1769{
1770 int i;
1771
1772 for (i = 0; i < rule->field_count; i++) {
1773 struct audit_field *f = &rule->fields[i];
1774 switch (f->type) {
1775 case AUDIT_SUBJ_USER:
1776 case AUDIT_SUBJ_ROLE:
1777 case AUDIT_SUBJ_TYPE:
1778 case AUDIT_SUBJ_SEN:
1779 case AUDIT_SUBJ_CLR:
1780 case AUDIT_OBJ_USER:
1781 case AUDIT_OBJ_ROLE:
1782 case AUDIT_OBJ_TYPE:
1783 case AUDIT_OBJ_LEV_LOW:
1784 case AUDIT_OBJ_LEV_HIGH:
1785 return 1;
1786 }
1787 }
1788
1789 return 0;
1790}
1791
1792/* This function will re-initialize the se_rule field of all applicable rules. 1765/* This function will re-initialize the se_rule field of all applicable rules.
1793 * It will traverse the filter lists serarching for rules that contain selinux 1766 * It will traverse the filter lists serarching for rules that contain LSM
1794 * specific filter fields. When such a rule is found, it is copied, the 1767 * specific filter fields. When such a rule is found, it is copied, the
1795 * selinux field is re-initialized, and the old rule is replaced with the 1768 * LSM field is re-initialized, and the old rule is replaced with the
1796 * updated rule. */ 1769 * updated rule. */
1797int selinux_audit_rule_update(void) 1770int audit_update_lsm_rules(void)
1798{ 1771{
1799 struct audit_entry *entry, *n, *nentry; 1772 struct audit_entry *entry, *n, *nentry;
1800 struct audit_watch *watch; 1773 struct audit_watch *watch;
@@ -1806,7 +1779,7 @@ int selinux_audit_rule_update(void)
1806 1779
1807 for (i = 0; i < AUDIT_NR_FILTERS; i++) { 1780 for (i = 0; i < AUDIT_NR_FILTERS; i++) {
1808 list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) { 1781 list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) {
1809 if (!audit_rule_has_selinux(&entry->rule)) 1782 if (!security_audit_rule_known(&entry->rule))
1810 continue; 1783 continue;
1811 1784
1812 watch = entry->rule.watch; 1785 watch = entry->rule.watch;
@@ -1817,7 +1790,7 @@ int selinux_audit_rule_update(void)
1817 * return value */ 1790 * return value */
1818 if (!err) 1791 if (!err)
1819 err = PTR_ERR(nentry); 1792 err = PTR_ERR(nentry);
1820 audit_panic("error updating selinux filters"); 1793 audit_panic("error updating LSM filters");
1821 if (watch) 1794 if (watch)
1822 list_del(&entry->rule.rlist); 1795 list_del(&entry->rule.rlist);
1823 list_del_rcu(&entry->list); 1796 list_del_rcu(&entry->list);
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 6a83c706b504..c0700535e5c5 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -61,7 +61,6 @@
61#include <linux/security.h> 61#include <linux/security.h>
62#include <linux/list.h> 62#include <linux/list.h>
63#include <linux/tty.h> 63#include <linux/tty.h>
64#include <linux/selinux.h>
65#include <linux/binfmts.h> 64#include <linux/binfmts.h>
66#include <linux/highmem.h> 65#include <linux/highmem.h>
67#include <linux/syscalls.h> 66#include <linux/syscalls.h>
@@ -533,7 +532,7 @@ static int audit_filter_rules(struct task_struct *tsk,
533 security_task_getsecid(tsk, &sid); 532 security_task_getsecid(tsk, &sid);
534 need_sid = 0; 533 need_sid = 0;
535 } 534 }
536 result = selinux_audit_rule_match(sid, f->type, 535 result = security_audit_rule_match(sid, f->type,
537 f->op, 536 f->op,
538 f->se_rule, 537 f->se_rule,
539 ctx); 538 ctx);
@@ -549,12 +548,12 @@ static int audit_filter_rules(struct task_struct *tsk,
549 if (f->se_rule) { 548 if (f->se_rule) {
550 /* Find files that match */ 549 /* Find files that match */
551 if (name) { 550 if (name) {
552 result = selinux_audit_rule_match( 551 result = security_audit_rule_match(
553 name->osid, f->type, f->op, 552 name->osid, f->type, f->op,
554 f->se_rule, ctx); 553 f->se_rule, ctx);
555 } else if (ctx) { 554 } else if (ctx) {
556 for (j = 0; j < ctx->name_count; j++) { 555 for (j = 0; j < ctx->name_count; j++) {
557 if (selinux_audit_rule_match( 556 if (security_audit_rule_match(
558 ctx->names[j].osid, 557 ctx->names[j].osid,
559 f->type, f->op, 558 f->type, f->op,
560 f->se_rule, ctx)) { 559 f->se_rule, ctx)) {
@@ -570,7 +569,7 @@ static int audit_filter_rules(struct task_struct *tsk,
570 aux = aux->next) { 569 aux = aux->next) {
571 if (aux->type == AUDIT_IPC) { 570 if (aux->type == AUDIT_IPC) {
572 struct audit_aux_data_ipcctl *axi = (void *)aux; 571 struct audit_aux_data_ipcctl *axi = (void *)aux;
573 if (selinux_audit_rule_match(axi->osid, f->type, f->op, f->se_rule, ctx)) { 572 if (security_audit_rule_match(axi->osid, f->type, f->op, f->se_rule, ctx)) {
574 ++result; 573 ++result;
575 break; 574 break;
576 } 575 }