aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-04-18 10:09:25 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-04-28 06:18:03 -0400
commit2532386f480eefbdd67b48be55fb4fb3e5a6081c (patch)
treedd6a5a3c4116a67380a1336319c16632f04f80f9 /include/linux
parent436c405c7d19455a71f42c9bec5fd5e028f1eb4e (diff)
Audit: collect sessionid in netlink messages
Previously I added sessionid output to all audit messages where it was available but we still didn't know the sessionid of the sender of netlink messages. This patch adds that information to netlink messages so we can audit who sent netlink messages. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h3
-rw-r--r--include/linux/netlink.h1
-rw-r--r--include/linux/tty.h4
3 files changed, 5 insertions, 3 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 4ccb048cae1d..25f6ae30dd4b 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -569,7 +569,8 @@ extern int audit_update_lsm_rules(void);
569extern int audit_filter_user(struct netlink_skb_parms *cb, int type); 569extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
570extern int audit_filter_type(int type); 570extern int audit_filter_type(int type);
571extern int audit_receive_filter(int type, int pid, int uid, int seq, 571extern int audit_receive_filter(int type, int pid, int uid, int seq,
572 void *data, size_t datasz, uid_t loginuid, u32 sid); 572 void *data, size_t datasz, uid_t loginuid,
573 u32 sessionid, u32 sid);
573extern int audit_enabled; 574extern int audit_enabled;
574#else 575#else
575#define audit_log(c,g,t,f,...) do { ; } while (0) 576#define audit_log(c,g,t,f,...) do { ; } while (0)
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index fb0713b6ffaf..bec1062a25a1 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -166,6 +166,7 @@ struct netlink_skb_parms
166 __u32 dst_group; 166 __u32 dst_group;
167 kernel_cap_t eff_cap; 167 kernel_cap_t eff_cap;
168 __u32 loginuid; /* Login (audit) uid */ 168 __u32 loginuid; /* Login (audit) uid */
169 __u32 sessionid; /* Session id (audit) */
169 __u32 sid; /* SELinux security id */ 170 __u32 sid; /* SELinux security id */
170}; 171};
171 172
diff --git a/include/linux/tty.h b/include/linux/tty.h
index dd8e08fe8855..430624504ca0 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -351,7 +351,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
351extern void tty_audit_exit(void); 351extern void tty_audit_exit(void);
352extern void tty_audit_fork(struct signal_struct *sig); 352extern void tty_audit_fork(struct signal_struct *sig);
353extern void tty_audit_push(struct tty_struct *tty); 353extern void tty_audit_push(struct tty_struct *tty);
354extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid); 354extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid);
355extern void tty_audit_opening(void); 355extern void tty_audit_opening(void);
356#else 356#else
357static inline void tty_audit_add_data(struct tty_struct *tty, 357static inline void tty_audit_add_data(struct tty_struct *tty,
@@ -367,7 +367,7 @@ static inline void tty_audit_fork(struct signal_struct *sig)
367static inline void tty_audit_push(struct tty_struct *tty) 367static inline void tty_audit_push(struct tty_struct *tty)
368{ 368{
369} 369}
370static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid) 370static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
371{ 371{
372} 372}
373static inline void tty_audit_opening(void) 373static inline void tty_audit_opening(void)