diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-09-10 02:24:56 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-09-13 18:27:06 -0400 |
commit | 1f067a682a9bd252107ac6f6946b7332fde42344 (patch) | |
tree | 379bbbf02f0a802453e585a2a482192409308fbb | |
parent | 059d84dbb3897d4ee494a9c842c5dda54316cb47 (diff) |
TOMOYO: Allow controlling generation of access granted logs for per an entry basis.
Add per-entry flag which controls generation of grant logs because Xen and KVM
issues ioctl requests so frequently. For example,
file ioctl /dev/null 0x5401 grant_log=no
will suppress /sys/kernel/security/tomoyo/audit even if preference says
grant_log=yes .
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/tomoyo/audit.c | 7 | ||||
-rw-r--r-- | security/tomoyo/common.c | 4 | ||||
-rw-r--r-- | security/tomoyo/common.h | 12 | ||||
-rw-r--r-- | security/tomoyo/condition.c | 15 | ||||
-rw-r--r-- | security/tomoyo/domain.c | 1 |
5 files changed, 38 insertions, 1 deletions
diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c index 5dbb1f7617c0..075c3a6d1649 100644 --- a/security/tomoyo/audit.c +++ b/security/tomoyo/audit.c | |||
@@ -313,6 +313,7 @@ static unsigned int tomoyo_log_count; | |||
313 | */ | 313 | */ |
314 | static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns, | 314 | static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns, |
315 | const u8 profile, const u8 index, | 315 | const u8 profile, const u8 index, |
316 | const struct tomoyo_acl_info *matched_acl, | ||
316 | const bool is_granted) | 317 | const bool is_granted) |
317 | { | 318 | { |
318 | u8 mode; | 319 | u8 mode; |
@@ -324,6 +325,9 @@ static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns, | |||
324 | p = tomoyo_profile(ns, profile); | 325 | p = tomoyo_profile(ns, profile); |
325 | if (tomoyo_log_count >= p->pref[TOMOYO_PREF_MAX_AUDIT_LOG]) | 326 | if (tomoyo_log_count >= p->pref[TOMOYO_PREF_MAX_AUDIT_LOG]) |
326 | return false; | 327 | return false; |
328 | if (is_granted && matched_acl && matched_acl->cond && | ||
329 | matched_acl->cond->grant_log != TOMOYO_GRANTLOG_AUTO) | ||
330 | return matched_acl->cond->grant_log == TOMOYO_GRANTLOG_YES; | ||
327 | mode = p->config[index]; | 331 | mode = p->config[index]; |
328 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) | 332 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) |
329 | mode = p->config[category]; | 333 | mode = p->config[category]; |
@@ -350,7 +354,8 @@ void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt, | |||
350 | char *buf; | 354 | char *buf; |
351 | struct tomoyo_log *entry; | 355 | struct tomoyo_log *entry; |
352 | bool quota_exceeded = false; | 356 | bool quota_exceeded = false; |
353 | if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type, r->granted)) | 357 | if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type, |
358 | r->matched_acl, r->granted)) | ||
354 | goto out; | 359 | goto out; |
355 | buf = tomoyo_init_log(r, len, fmt, args); | 360 | buf = tomoyo_init_log(r, len, fmt, args); |
356 | if (!buf) | 361 | if (!buf) |
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 85d915587a71..2704c384bf1e 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -1272,6 +1272,10 @@ static bool tomoyo_print_condition(struct tomoyo_io_buffer *head, | |||
1272 | head->r.cond_step++; | 1272 | head->r.cond_step++; |
1273 | /* fall through */ | 1273 | /* fall through */ |
1274 | case 3: | 1274 | case 3: |
1275 | if (cond->grant_log != TOMOYO_GRANTLOG_AUTO) | ||
1276 | tomoyo_io_printf(head, " grant_log=%s", | ||
1277 | tomoyo_yesno(cond->grant_log == | ||
1278 | TOMOYO_GRANTLOG_YES)); | ||
1275 | tomoyo_set_lf(head); | 1279 | tomoyo_set_lf(head); |
1276 | return true; | 1280 | return true; |
1277 | } | 1281 | } |
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index d1c758e7f92b..435b3d869fc5 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
@@ -179,6 +179,16 @@ enum tomoyo_domain_info_flags_index { | |||
179 | TOMOYO_MAX_DOMAIN_INFO_FLAGS | 179 | TOMOYO_MAX_DOMAIN_INFO_FLAGS |
180 | }; | 180 | }; |
181 | 181 | ||
182 | /* Index numbers for audit type. */ | ||
183 | enum tomoyo_grant_log { | ||
184 | /* Follow profile's configuration. */ | ||
185 | TOMOYO_GRANTLOG_AUTO, | ||
186 | /* Do not generate grant log. */ | ||
187 | TOMOYO_GRANTLOG_NO, | ||
188 | /* Generate grant_log. */ | ||
189 | TOMOYO_GRANTLOG_YES, | ||
190 | }; | ||
191 | |||
182 | /* Index numbers for group entries. */ | 192 | /* Index numbers for group entries. */ |
183 | enum tomoyo_group_id { | 193 | enum tomoyo_group_id { |
184 | TOMOYO_PATH_GROUP, | 194 | TOMOYO_PATH_GROUP, |
@@ -471,6 +481,7 @@ struct tomoyo_request_info { | |||
471 | int need_dev; | 481 | int need_dev; |
472 | } mount; | 482 | } mount; |
473 | } param; | 483 | } param; |
484 | struct tomoyo_acl_info *matched_acl; | ||
474 | u8 param_type; | 485 | u8 param_type; |
475 | bool granted; | 486 | bool granted; |
476 | u8 retry; | 487 | u8 retry; |
@@ -635,6 +646,7 @@ struct tomoyo_condition { | |||
635 | u16 names_count; /* Number of "struct tomoyo_name_union names". */ | 646 | u16 names_count; /* Number of "struct tomoyo_name_union names". */ |
636 | u16 argc; /* Number of "struct tomoyo_argv". */ | 647 | u16 argc; /* Number of "struct tomoyo_argv". */ |
637 | u16 envc; /* Number of "struct tomoyo_envp". */ | 648 | u16 envc; /* Number of "struct tomoyo_envp". */ |
649 | u8 grant_log; /* One of values in "enum tomoyo_grant_log". */ | ||
638 | /* | 650 | /* |
639 | * struct tomoyo_condition_element condition[condc]; | 651 | * struct tomoyo_condition_element condition[condc]; |
640 | * struct tomoyo_number_union values[numbers_count]; | 652 | * struct tomoyo_number_union values[numbers_count]; |
diff --git a/security/tomoyo/condition.c b/security/tomoyo/condition.c index 8a05f71eaf67..3a05eb3e2a64 100644 --- a/security/tomoyo/condition.c +++ b/security/tomoyo/condition.c | |||
@@ -348,6 +348,7 @@ static inline bool tomoyo_same_condition(const struct tomoyo_condition *a, | |||
348 | a->numbers_count == b->numbers_count && | 348 | a->numbers_count == b->numbers_count && |
349 | a->names_count == b->names_count && | 349 | a->names_count == b->names_count && |
350 | a->argc == b->argc && a->envc == b->envc && | 350 | a->argc == b->argc && a->envc == b->envc && |
351 | a->grant_log == b->grant_log && | ||
351 | !memcmp(a + 1, b + 1, a->size - sizeof(*a)); | 352 | !memcmp(a + 1, b + 1, a->size - sizeof(*a)); |
352 | } | 353 | } |
353 | 354 | ||
@@ -486,6 +487,20 @@ rerun: | |||
486 | goto out; | 487 | goto out; |
487 | dprintk(KERN_WARNING "%u: <%s>%s=<%s>\n", __LINE__, left_word, | 488 | dprintk(KERN_WARNING "%u: <%s>%s=<%s>\n", __LINE__, left_word, |
488 | is_not ? "!" : "", right_word); | 489 | is_not ? "!" : "", right_word); |
490 | if (!strcmp(left_word, "grant_log")) { | ||
491 | if (entry) { | ||
492 | if (is_not || | ||
493 | entry->grant_log != TOMOYO_GRANTLOG_AUTO) | ||
494 | goto out; | ||
495 | else if (!strcmp(right_word, "yes")) | ||
496 | entry->grant_log = TOMOYO_GRANTLOG_YES; | ||
497 | else if (!strcmp(right_word, "no")) | ||
498 | entry->grant_log = TOMOYO_GRANTLOG_NO; | ||
499 | else | ||
500 | goto out; | ||
501 | } | ||
502 | continue; | ||
503 | } | ||
489 | if (!strncmp(left_word, "exec.argv[", 10)) { | 504 | if (!strncmp(left_word, "exec.argv[", 10)) { |
490 | if (!argv) { | 505 | if (!argv) { |
491 | e.argc++; | 506 | e.argc++; |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 5931fb1c04d5..498fea732f48 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
@@ -157,6 +157,7 @@ retry: | |||
157 | continue; | 157 | continue; |
158 | if (!tomoyo_condition(r, ptr->cond)) | 158 | if (!tomoyo_condition(r, ptr->cond)) |
159 | continue; | 159 | continue; |
160 | r->matched_acl = ptr; | ||
160 | r->granted = true; | 161 | r->granted = true; |
161 | return; | 162 | return; |
162 | } | 163 | } |