aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorDarrel Goeddel <dgoeddel@trustedcs.com>2006-02-24 16:44:05 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2006-05-01 06:06:24 -0400
commit376bd9cb357ec945ac893feaeb63af7370a6e70b (patch)
tree7e2848792982dfe30e19a600a41fa5cb49ee6e6e /include/linux
parent97e94c453073a2aba4bb5e0825ddc5e923debf11 (diff)
[PATCH] support for context based audit filtering
The following patch provides selinux interfaces that will allow the audit system to perform filtering based on the process context (user, role, type, sensitivity, and clearance). These interfaces will allow the selinux module to perform efficient matches based on lower level selinux constructs, rather than relying on context retrievals and string comparisons within the audit module. It also allows for dominance checks on the mls portion of the contexts that are impossible with only string comparisons. Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h5
-rw-r--r--include/linux/selinux.h112
2 files changed, 117 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 39fef6ebb854..740f950397b7 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -145,6 +145,11 @@
145#define AUDIT_PERS 10 145#define AUDIT_PERS 10
146#define AUDIT_ARCH 11 146#define AUDIT_ARCH 11
147#define AUDIT_MSGTYPE 12 147#define AUDIT_MSGTYPE 12
148#define AUDIT_SE_USER 13 /* security label user */
149#define AUDIT_SE_ROLE 14 /* security label role */
150#define AUDIT_SE_TYPE 15 /* security label type */
151#define AUDIT_SE_SEN 16 /* security label sensitivity label */
152#define AUDIT_SE_CLR 17 /* security label clearance label */
148 153
149 /* These are ONLY useful when checking 154 /* These are ONLY useful when checking
150 * at syscall exit time (AUDIT_AT_EXIT). */ 155 * at syscall exit time (AUDIT_AT_EXIT). */
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
new file mode 100644
index 000000000000..9d684b1728b0
--- /dev/null
+++ b/include/linux/selinux.h
@@ -0,0 +1,112 @@
1/*
2 * SELinux services exported to the rest of the kernel.
3 *
4 * Author: James Morris <jmorris@redhat.com>
5 *
6 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
7 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2,
11 * as published by the Free Software Foundation.
12 */
13#ifndef _LINUX_SELINUX_H
14#define _LINUX_SELINUX_H
15
16struct selinux_audit_rule;
17struct audit_context;
18
19#ifdef CONFIG_SECURITY_SELINUX
20
21/**
22 * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
23 * @field: the field this rule refers to
24 * @op: the operater the rule uses
25 * @rulestr: the text "target" of the rule
26 * @rule: pointer to the new rule structure returned via this
27 *
28 * Returns 0 if successful, -errno if not. On success, the rule structure
29 * will be allocated internally. The caller must free this structure with
30 * selinux_audit_rule_free() after use.
31 */
32int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
33 struct selinux_audit_rule **rule);
34
35/**
36 * selinux_audit_rule_free - free an selinux audit rule structure.
37 * @rule: pointer to the audit rule to be freed
38 *
39 * This will free all memory associated with the given rule.
40 * If @rule is NULL, no operation is performed.
41 */
42void selinux_audit_rule_free(struct selinux_audit_rule *rule);
43
44/**
45 * selinux_audit_rule_match - determine if a context ID matches a rule.
46 * @ctxid: the context ID to check
47 * @field: the field this rule refers to
48 * @op: the operater the rule uses
49 * @rule: pointer to the audit rule to check against
50 * @actx: the audit context (can be NULL) associated with the check
51 *
52 * Returns 1 if the context id matches the rule, 0 if it does not, and
53 * -errno on failure.
54 */
55int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
56 struct selinux_audit_rule *rule,
57 struct audit_context *actx);
58
59/**
60 * selinux_audit_set_callback - set the callback for policy reloads.
61 * @callback: the function to call when the policy is reloaded
62 *
63 * This sets the function callback function that will update the rules
64 * upon policy reloads. This callback should rebuild all existing rules
65 * using selinux_audit_rule_init().
66 */
67void selinux_audit_set_callback(int (*callback)(void));
68
69/**
70 * selinux_task_ctxid - determine a context ID for a process.
71 * @tsk: the task object
72 * @ctxid: ID value returned via this
73 *
74 * On return, ctxid will contain an ID for the context. This value
75 * should only be used opaquely.
76 */
77void selinux_task_ctxid(struct task_struct *tsk, u32 *ctxid);
78
79#else
80
81static inline int selinux_audit_rule_init(u32 field, u32 op,
82 char *rulestr,
83 struct selinux_audit_rule **rule)
84{
85 return -ENOTSUPP;
86}
87
88static inline void selinux_audit_rule_free(struct selinux_audit_rule *rule)
89{
90 return;
91}
92
93static inline int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
94 struct selinux_audit_rule *rule,
95 struct audit_context *actx)
96{
97 return 0;
98}
99
100static inline void selinux_audit_set_callback(int (*callback)(void))
101{
102 return;
103}
104
105static inline void selinux_task_ctxid(struct task_struct *tsk, u32 *ctxid)
106{
107 *ctxid = 0;
108}
109
110#endif /* CONFIG_SECURITY_SELINUX */
111
112#endif /* _LINUX_SELINUX_H */