author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 14:41:22 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 14:41:22 -0400 |
commit | 9781db7b345b5dfe93787aaaf310c861db7c1ede (patch) | |
tree | d9796e29fd914ca04835636be95bbd5082a034fd /include/linux | |
parent | 97094dcf5cefc8ccfdf93839f54dac2c4d316165 (diff) | |
parent | 8b67dca9420474623709e00d72a066068a502b20 (diff) |
Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] new predicate - AUDIT_FILETYPE
[patch 2/2] Use find_task_by_vpid in audit code
[patch 1/2] audit: let userspace fully control TTY input auditing
[PATCH 2/2] audit: fix sparse shadowed variable warnings
[PATCH 1/2] audit: move extern declarations to audit.h
Audit: MAINTAINERS update
Audit: increase the maximum length of the key field
Audit: standardize string audit interfaces
Audit: stop deadlock from signals under load
Audit: save audit_backlog_limit audit messages in case auditd comes back
Audit: collect sessionid in netlink messages
Audit: end printk with newline
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/audit.h | 28 | ||||
-rw-r--r-- | include/linux/netlink.h | 1 | ||||
-rw-r--r-- | include/linux/tty.h | 9 |
3 files changed, 21 insertions, 17 deletions
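--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -146,7 +146,7 @@
 /* Rule structure sizes -- if these change, different AUDIT_ADD and
 * AUDIT_LIST commands must be implemented. */
 #define AUDIT_MAX_FIELDS 64
-#define AUDIT_MAX_KEY_LEN 32
+#define AUDIT_MAX_KEY_LEN 256
 #define AUDIT_BITMASK_SIZE 64
 #define AUDIT_WORD(nr) ((__u32)((nr)/32))
 #define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))
@@ -209,6 +209,7 @@
 #define AUDIT_WATCH 105
 #define AUDIT_PERM 106
 #define AUDIT_DIR 107
+#define AUDIT_FILETYPE 108
 
 #define AUDIT_ARG0 200
 #define AUDIT_ARG1 (AUDIT_ARG0+1)
@@ -549,16 +550,20 @@ extern void audit_log_format(struct audit_buffer *ab,
 const char *fmt, ...)
 __attribute__((format(printf,2,3)));
 extern void audit_log_end(struct audit_buffer *ab);
-extern void audit_log_hex(struct audit_buffer *ab,
-const unsigned char *buf,
-size_t len);
 extern int audit_string_contains_control(const char *string,
 size_t len);
+extern void audit_log_n_hex(struct audit_buffer *ab,
+const unsigned char *buf,
+size_t len);
+extern void audit_log_n_string(struct audit_buffer *ab,
+const char *buf,
+size_t n);
+#define audit_log_string(a,b) audit_log_n_string(a, b, strlen(b));
+extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
+const char *string,
+size_t n);
 extern void audit_log_untrustedstring(struct audit_buffer *ab,
 const char *string);
-extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
-size_t n,
-const char *string);
 extern void audit_log_d_path(struct audit_buffer *ab,
 const char *prefix,
 struct path *path);
@@ -569,7 +574,8 @@ extern int audit_update_lsm_rules(void);
 extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
 extern int audit_filter_type(int type);
 extern int audit_receive_filter(int type, int pid, int uid, int seq,
-void *data, size_t datasz, uid_t loginuid, u32 sid);
+void *data, size_t datasz, uid_t loginuid,
+u32 sessionid, u32 sid);
 extern int audit_enabled;
 #else
 #define audit_log(c,g,t,f,...) do { ; } while (0)
@@ -577,9 +583,11 @@ extern int audit_enabled;
 #define audit_log_vformat(b,f,a) do { ; } while (0)
 #define audit_log_format(b,f,...) do { ; } while (0)
 #define audit_log_end(b) do { ; } while (0)
-#define audit_log_hex(a,b,l) do { ; } while (0)
-#define audit_log_untrustedstring(a,s) do { ; } while (0)
+#define audit_log_n_hex(a,b,l) do { ; } while (0)
+#define audit_log_n_string(a,c,l) do { ; } while (0)
+#define audit_log_string(a,c) do { ; } while (0)
 #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0)
+#define audit_log_untrustedstring(a,s) do { ; } while (0)
 #define audit_log_d_path(b, p, d) do { ; } while (0)
 #define audit_enabled 0
 #endif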
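Review bot: The new `audit_log_string` macro in the third hunk ends in a semicolon and expands its argument `b` twice, once unparenthesized as the string and once inside `strlen(b)`. The trailing `;` makes `if (x) audit_log_string(ab, s); else ...` fail to compile and is inconsistent with the `do { ; } while (0)` stub added for it in the `#else` branch, and an argument with side effects would be evaluated twice. I would write `#define audit_log_string(a,b) audit_log_n_string((a), (b), strlen(b))`, or better a `static inline` wrapper so the argument is evaluated once. Separately, the stub `audit_log_n_untrustedstring(a,n,s)` in the last hunk still names its parameters in the old (n, string) order although the prototype was switched to (string, n); renaming it to `(a,s,n)` keeps the two branches in step.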
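--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -166,6 +166,7 @@ struct netlink_skb_parms
 __u32 dst_group;
 kernel_cap_t eff_cap;
 __u32 loginuid; /* Login (audit) uid */
+__u32 sessionid; /* Session id (audit) */
 __u32 sid; /* SELinux security id */
 };
 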
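Review bot: Nothing in this section shows where the new `sessionid` member is filled in, and an audit record is only as trustworthy as that assignment. Every send path that sets `loginuid` and `sid` in these parms needs to set `sessionid` from the sending task as well, otherwise the receiver logs whatever was left in the field; the diff on this page is limited to include/linux, so that cannot be checked here. If this struct is overlaid on the skb control buffer through `NETLINK_CB()`, as I believe it is, a `BUILD_BUG_ON(sizeof(struct netlink_skb_parms) > sizeof(skb->cb))` at a use site would catch the struct outgrowing that buffer. The struct definition starts above the hunk.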
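--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -300,7 +300,6 @@ extern void tty_hangup(struct tty_struct * tty);
 extern void tty_vhangup(struct tty_struct * tty);
 extern void tty_unhangup(struct file *filp);
 extern int tty_hung_up_p(struct file * filp);
-extern int is_tty(struct file *filp);
 extern void do_SAK(struct tty_struct *tty);
 extern void __do_SAK(struct tty_struct *tty);
 extern void disassociate_ctty(int priv);
@@ -351,8 +350,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
 extern void tty_audit_exit(void);
 extern void tty_audit_fork(struct signal_struct *sig);
 extern void tty_audit_push(struct tty_struct *tty);
-extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid);
-extern void tty_audit_opening(void);
+extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid);
 #else
 static inline void tty_audit_add_data(struct tty_struct *tty,
 unsigned char *data, size_t size)
@@ -367,10 +365,7 @@ static inline void tty_audit_fork(struct signal_struct *sig)
 static inline void tty_audit_push(struct tty_struct *tty)
 {
 }
-static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
-{
-}
-static inline void tty_audit_opening(void)
+static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
 {
 }
 #endif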
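Review bot: `tty_audit_push_task()` in the second hunk now takes `uid_t loginuid` and `u32 sessionid` side by side, and since both are plain integer types a caller that transposes them compiles without a warning and mislabels the audit record. The prototype also does not say whose identity these are; from the names I would guess the requester's rather than `tsk`'s, but that is not visible in this header. A one-line comment above the declaration, e.g. `/* loginuid/sessionid: audit identity logged with the pushed data (confirm: requester, not tsk) */`, would settle it, and breaking the line after `uid_t loginuid,` keeps it within 80 columns. The same applies to the inline stub in the third hunk; the surrounding `#ifdef` block starts outside the hunks.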