diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-20 18:37:56 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-20 18:37:56 -0400 |
| commit | d9eaec9e295a84a80b663996d0489fcff3a1dca9 (patch) | |
| tree | 85cfc09bb5f0eb42d3be7dfbddaad31353307796 /include/linux/audit.h | |
| parent | cee4cca740d209bcb4b9857baa2253d5ba4e3fbe (diff) | |
| parent | 41757106b9ca7867dafb2404d618f947b4786fd7 (diff) | |
Merge branch 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (25 commits)
[PATCH] make set_loginuid obey audit_enabled
[PATCH] log more info for directory entry change events
[PATCH] fix AUDIT_FILTER_PREPEND handling
[PATCH] validate rule fields' types
[PATCH] audit: path-based rules
[PATCH] Audit of POSIX Message Queue Syscalls v.2
[PATCH] fix se_sen audit filter
[PATCH] deprecate AUDIT_POSSBILE
[PATCH] inline more audit helpers
[PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array
[PATCH] update of IPC audit record cleanup
[PATCH] minor audit updates
[PATCH] fix audit_krule_to_{rule,data} return values
[PATCH] add filtering by ppid
[PATCH] log ppid
[PATCH] collect sid of those who send signals to auditd
[PATCH] execve argument logging
[PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES
[PATCH] audit_panic() is audit-internal
[PATCH] inotify (5/5): update kernel documentation
...
Manual fixup of conflict in unclude/linux/inotify.h
Diffstat (limited to 'include/linux/audit.h')
| -rw-r--r-- | include/linux/audit.h | 99 |
1 files changed, 85 insertions, 14 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 14259f6db5bc..e051ff9c5b50 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -82,7 +82,12 @@ | |||
| 82 | #define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */ | 82 | #define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */ |
| 83 | #define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */ | 83 | #define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */ |
| 84 | #define AUDIT_CWD 1307 /* Current working directory */ | 84 | #define AUDIT_CWD 1307 /* Current working directory */ |
| 85 | #define AUDIT_EXECVE 1309 /* execve arguments */ | ||
| 85 | #define AUDIT_IPC_SET_PERM 1311 /* IPC new permissions record type */ | 86 | #define AUDIT_IPC_SET_PERM 1311 /* IPC new permissions record type */ |
| 87 | #define AUDIT_MQ_OPEN 1312 /* POSIX MQ open record type */ | ||
| 88 | #define AUDIT_MQ_SENDRECV 1313 /* POSIX MQ send/receive record type */ | ||
| 89 | #define AUDIT_MQ_NOTIFY 1314 /* POSIX MQ notify record type */ | ||
| 90 | #define AUDIT_MQ_GETSETATTR 1315 /* POSIX MQ get/set attribute record type */ | ||
| 86 | 91 | ||
| 87 | #define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ | 92 | #define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ |
| 88 | #define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ | 93 | #define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ |
| @@ -150,6 +155,7 @@ | |||
| 150 | #define AUDIT_SE_TYPE 15 /* security label type */ | 155 | #define AUDIT_SE_TYPE 15 /* security label type */ |
| 151 | #define AUDIT_SE_SEN 16 /* security label sensitivity label */ | 156 | #define AUDIT_SE_SEN 16 /* security label sensitivity label */ |
| 152 | #define AUDIT_SE_CLR 17 /* security label clearance label */ | 157 | #define AUDIT_SE_CLR 17 /* security label clearance label */ |
| 158 | #define AUDIT_PPID 18 | ||
| 153 | 159 | ||
| 154 | /* These are ONLY useful when checking | 160 | /* These are ONLY useful when checking |
| 155 | * at syscall exit time (AUDIT_AT_EXIT). */ | 161 | * at syscall exit time (AUDIT_AT_EXIT). */ |
| @@ -158,6 +164,7 @@ | |||
| 158 | #define AUDIT_INODE 102 | 164 | #define AUDIT_INODE 102 |
| 159 | #define AUDIT_EXIT 103 | 165 | #define AUDIT_EXIT 103 |
| 160 | #define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */ | 166 | #define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */ |
| 167 | #define AUDIT_WATCH 105 | ||
| 161 | 168 | ||
| 162 | #define AUDIT_ARG0 200 | 169 | #define AUDIT_ARG0 200 |
| 163 | #define AUDIT_ARG1 (AUDIT_ARG0+1) | 170 | #define AUDIT_ARG1 (AUDIT_ARG0+1) |
| @@ -277,12 +284,16 @@ struct audit_rule { /* for AUDIT_LIST, AUDIT_ADD, and AUDIT_DEL */ | |||
| 277 | struct audit_sig_info { | 284 | struct audit_sig_info { |
| 278 | uid_t uid; | 285 | uid_t uid; |
| 279 | pid_t pid; | 286 | pid_t pid; |
| 287 | char ctx[0]; | ||
| 280 | }; | 288 | }; |
| 281 | 289 | ||
| 282 | struct audit_buffer; | 290 | struct audit_buffer; |
| 283 | struct audit_context; | 291 | struct audit_context; |
| 284 | struct inode; | 292 | struct inode; |
| 285 | struct netlink_skb_parms; | 293 | struct netlink_skb_parms; |
| 294 | struct linux_binprm; | ||
| 295 | struct mq_attr; | ||
| 296 | struct mqstat; | ||
| 286 | 297 | ||
| 287 | #define AUDITSC_INVALID 0 | 298 | #define AUDITSC_INVALID 0 |
| 288 | #define AUDITSC_SUCCESS 1 | 299 | #define AUDITSC_SUCCESS 1 |
| @@ -297,15 +308,19 @@ extern void audit_syscall_entry(int arch, | |||
| 297 | int major, unsigned long a0, unsigned long a1, | 308 | int major, unsigned long a0, unsigned long a1, |
| 298 | unsigned long a2, unsigned long a3); | 309 | unsigned long a2, unsigned long a3); |
| 299 | extern void audit_syscall_exit(int failed, long return_code); | 310 | extern void audit_syscall_exit(int failed, long return_code); |
| 300 | extern void audit_getname(const char *name); | 311 | extern void __audit_getname(const char *name); |
| 301 | extern void audit_putname(const char *name); | 312 | extern void audit_putname(const char *name); |
| 302 | extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); | 313 | extern void __audit_inode(const char *name, const struct inode *inode); |
| 303 | extern void __audit_inode_child(const char *dname, const struct inode *inode, | 314 | extern void __audit_inode_child(const char *dname, const struct inode *inode, |
| 304 | unsigned long pino); | 315 | unsigned long pino); |
| 305 | static inline void audit_inode(const char *name, const struct inode *inode, | 316 | static inline void audit_getname(const char *name) |
| 306 | unsigned flags) { | 317 | { |
| 307 | if (unlikely(current->audit_context)) | 318 | if (unlikely(current->audit_context)) |
| 308 | __audit_inode(name, inode, flags); | 319 | __audit_getname(name); |
| 320 | } | ||
| 321 | static inline void audit_inode(const char *name, const struct inode *inode) { | ||
| 322 | if (unlikely(current->audit_context)) | ||
| 323 | __audit_inode(name, inode); | ||
| 309 | } | 324 | } |
| 310 | static inline void audit_inode_child(const char *dname, | 325 | static inline void audit_inode_child(const char *dname, |
| 311 | const struct inode *inode, | 326 | const struct inode *inode, |
| @@ -320,13 +335,61 @@ extern void auditsc_get_stamp(struct audit_context *ctx, | |||
| 320 | struct timespec *t, unsigned int *serial); | 335 | struct timespec *t, unsigned int *serial); |
| 321 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); | 336 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); |
| 322 | extern uid_t audit_get_loginuid(struct audit_context *ctx); | 337 | extern uid_t audit_get_loginuid(struct audit_context *ctx); |
| 323 | extern int audit_ipc_obj(struct kern_ipc_perm *ipcp); | 338 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); |
| 324 | extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp); | 339 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); |
| 340 | extern int audit_bprm(struct linux_binprm *bprm); | ||
| 325 | extern int audit_socketcall(int nargs, unsigned long *args); | 341 | extern int audit_socketcall(int nargs, unsigned long *args); |
| 326 | extern int audit_sockaddr(int len, void *addr); | 342 | extern int audit_sockaddr(int len, void *addr); |
| 327 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); | 343 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); |
| 328 | extern void audit_signal_info(int sig, struct task_struct *t); | ||
| 329 | extern int audit_set_macxattr(const char *name); | 344 | extern int audit_set_macxattr(const char *name); |
| 345 | extern int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr); | ||
| 346 | extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout); | ||
| 347 | extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout); | ||
| 348 | extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification); | ||
| 349 | extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat); | ||
| 350 | |||
| 351 | static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp) | ||
| 352 | { | ||
| 353 | if (unlikely(current->audit_context)) | ||
| 354 | return __audit_ipc_obj(ipcp); | ||
| 355 | return 0; | ||
| 356 | } | ||
| 357 | static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) | ||
| 358 | { | ||
| 359 | if (unlikely(current->audit_context)) | ||
| 360 | return __audit_ipc_set_perm(qbytes, uid, gid, mode); | ||
| 361 | return 0; | ||
| 362 | } | ||
| 363 | static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr) | ||
| 364 | { | ||
| 365 | if (unlikely(current->audit_context)) | ||
| 366 | return __audit_mq_open(oflag, mode, u_attr); | ||
| 367 | return 0; | ||
| 368 | } | ||
| 369 | static inline int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout) | ||
| 370 | { | ||
| 371 | if (unlikely(current->audit_context)) | ||
| 372 | return __audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout); | ||
| 373 | return 0; | ||
| 374 | } | ||
| 375 | static inline int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout) | ||
| 376 | { | ||
| 377 | if (unlikely(current->audit_context)) | ||
| 378 | return __audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout); | ||
| 379 | return 0; | ||
| 380 | } | ||
| 381 | static inline int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification) | ||
| 382 | { | ||
| 383 | if (unlikely(current->audit_context)) | ||
| 384 | return __audit_mq_notify(mqdes, u_notification); | ||
| 385 | return 0; | ||
| 386 | } | ||
| 387 | static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) | ||
| 388 | { | ||
| 389 | if (unlikely(current->audit_context)) | ||
| 390 | return __audit_mq_getsetattr(mqdes, mqstat); | ||
| 391 | return 0; | ||
| 392 | } | ||
| 330 | #else | 393 | #else |
| 331 | #define audit_alloc(t) ({ 0; }) | 394 | #define audit_alloc(t) ({ 0; }) |
| 332 | #define audit_free(t) do { ; } while (0) | 395 | #define audit_free(t) do { ; } while (0) |
| @@ -334,19 +397,24 @@ extern int audit_set_macxattr(const char *name); | |||
| 334 | #define audit_syscall_exit(f,r) do { ; } while (0) | 397 | #define audit_syscall_exit(f,r) do { ; } while (0) |
| 335 | #define audit_getname(n) do { ; } while (0) | 398 | #define audit_getname(n) do { ; } while (0) |
| 336 | #define audit_putname(n) do { ; } while (0) | 399 | #define audit_putname(n) do { ; } while (0) |
| 337 | #define __audit_inode(n,i,f) do { ; } while (0) | 400 | #define __audit_inode(n,i) do { ; } while (0) |
| 338 | #define __audit_inode_child(d,i,p) do { ; } while (0) | 401 | #define __audit_inode_child(d,i,p) do { ; } while (0) |
| 339 | #define audit_inode(n,i,f) do { ; } while (0) | 402 | #define audit_inode(n,i) do { ; } while (0) |
| 340 | #define audit_inode_child(d,i,p) do { ; } while (0) | 403 | #define audit_inode_child(d,i,p) do { ; } while (0) |
| 341 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) | 404 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) |
| 342 | #define audit_get_loginuid(c) ({ -1; }) | 405 | #define audit_get_loginuid(c) ({ -1; }) |
| 343 | #define audit_ipc_obj(i) ({ 0; }) | 406 | #define audit_ipc_obj(i) ({ 0; }) |
| 344 | #define audit_ipc_set_perm(q,u,g,m,i) ({ 0; }) | 407 | #define audit_ipc_set_perm(q,u,g,m) ({ 0; }) |
| 408 | #define audit_bprm(p) ({ 0; }) | ||
| 345 | #define audit_socketcall(n,a) ({ 0; }) | 409 | #define audit_socketcall(n,a) ({ 0; }) |
| 346 | #define audit_sockaddr(len, addr) ({ 0; }) | 410 | #define audit_sockaddr(len, addr) ({ 0; }) |
| 347 | #define audit_avc_path(dentry, mnt) ({ 0; }) | 411 | #define audit_avc_path(dentry, mnt) ({ 0; }) |
| 348 | #define audit_signal_info(s,t) do { ; } while (0) | ||
| 349 | #define audit_set_macxattr(n) do { ; } while (0) | 412 | #define audit_set_macxattr(n) do { ; } while (0) |
| 413 | #define audit_mq_open(o,m,a) ({ 0; }) | ||
| 414 | #define audit_mq_timedsend(d,l,p,t) ({ 0; }) | ||
| 415 | #define audit_mq_timedreceive(d,l,p,t) ({ 0; }) | ||
| 416 | #define audit_mq_notify(d,n) ({ 0; }) | ||
| 417 | #define audit_mq_getsetattr(d,s) ({ 0; }) | ||
| 350 | #endif | 418 | #endif |
| 351 | 419 | ||
| 352 | #ifdef CONFIG_AUDIT | 420 | #ifdef CONFIG_AUDIT |
| @@ -364,8 +432,11 @@ extern void audit_log_end(struct audit_buffer *ab); | |||
| 364 | extern void audit_log_hex(struct audit_buffer *ab, | 432 | extern void audit_log_hex(struct audit_buffer *ab, |
| 365 | const unsigned char *buf, | 433 | const unsigned char *buf, |
| 366 | size_t len); | 434 | size_t len); |
| 367 | extern void audit_log_untrustedstring(struct audit_buffer *ab, | 435 | extern const char * audit_log_untrustedstring(struct audit_buffer *ab, |
| 368 | const char *string); | 436 | const char *string); |
| 437 | extern const char * audit_log_n_untrustedstring(struct audit_buffer *ab, | ||
| 438 | size_t n, | ||
| 439 | const char *string); | ||
| 369 | extern void audit_log_d_path(struct audit_buffer *ab, | 440 | extern void audit_log_d_path(struct audit_buffer *ab, |
| 370 | const char *prefix, | 441 | const char *prefix, |
| 371 | struct dentry *dentry, | 442 | struct dentry *dentry, |
| @@ -383,8 +454,8 @@ extern int audit_receive_filter(int type, int pid, int uid, int seq, | |||
| 383 | #define audit_log_end(b) do { ; } while (0) | 454 | #define audit_log_end(b) do { ; } while (0) |
| 384 | #define audit_log_hex(a,b,l) do { ; } while (0) | 455 | #define audit_log_hex(a,b,l) do { ; } while (0) |
| 385 | #define audit_log_untrustedstring(a,s) do { ; } while (0) | 456 | #define audit_log_untrustedstring(a,s) do { ; } while (0) |
| 457 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) | ||
| 386 | #define audit_log_d_path(b,p,d,v) do { ; } while (0) | 458 | #define audit_log_d_path(b,p,d,v) do { ; } while (0) |
| 387 | #define audit_panic(m) do { ; } while (0) | ||
| 388 | #endif | 459 | #endif |
| 389 | #endif | 460 | #endif |
| 390 | #endif | 461 | #endif |