aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-04-18 10:09:25 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-04-28 06:18:03 -0400
commit2532386f480eefbdd67b48be55fb4fb3e5a6081c (patch)
treedd6a5a3c4116a67380a1336319c16632f04f80f9 /include/net
parent436c405c7d19455a71f42c9bec5fd5e028f1eb4e (diff)
Audit: collect sessionid in netlink messages
Previously I added sessionid output to all audit messages where it was available but we still didn't know the sessionid of the sender of netlink messages. This patch adds that information to netlink messages so we can audit who sent netlink messages. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netlabel.h1
-rw-r--r--include/net/xfrm.h23
2 files changed, 13 insertions, 11 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 5e53a85b5ca1..e4d2d6baa983 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -103,6 +103,7 @@ struct cipso_v4_doi;
103struct netlbl_audit { 103struct netlbl_audit {
104 u32 secid; 104 u32 secid;
105 uid_t loginuid; 105 uid_t loginuid;
106 u32 sessionid;
106}; 107};
107 108
108/* 109/*
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index baa9f372cfd1..d1350bcccb03 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb {
597/* Audit Information */ 597/* Audit Information */
598struct xfrm_audit 598struct xfrm_audit
599{ 599{
600 u32 loginuid;
601 u32 secid; 600 u32 secid;
601 uid_t loginuid;
602 u32 sessionid;
602}; 603};
603 604
604#ifdef CONFIG_AUDITSYSCALL 605#ifdef CONFIG_AUDITSYSCALL
@@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op)
616 return audit_buf; 617 return audit_buf;
617} 618}
618 619
619static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, 620static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid,
620 struct audit_buffer *audit_buf) 621 struct audit_buffer *audit_buf)
621{ 622{
622 char *secctx; 623 char *secctx;
623 u32 secctx_len; 624 u32 secctx_len;
624 625
625 audit_log_format(audit_buf, " auid=%u", auid); 626 audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses);
626 if (secid != 0 && 627 if (secid != 0 &&
627 security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { 628 security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
628 audit_log_format(audit_buf, " subj=%s", secctx); 629 audit_log_format(audit_buf, " subj=%s", secctx);
@@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
632} 633}
633 634
634extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, 635extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
635 u32 auid, u32 secid); 636 u32 auid, u32 ses, u32 secid);
636extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, 637extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
637 u32 auid, u32 secid); 638 u32 auid, u32 ses, u32 secid);
638extern void xfrm_audit_state_add(struct xfrm_state *x, int result, 639extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
639 u32 auid, u32 secid); 640 u32 auid, u32 ses, u32 secid);
640extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, 641extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
641 u32 auid, u32 secid); 642 u32 auid, u32 ses, u32 secid);
642extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, 643extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
643 struct sk_buff *skb); 644 struct sk_buff *skb);
644extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); 645extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
@@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
647extern void xfrm_audit_state_icvfail(struct xfrm_state *x, 648extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
648 struct sk_buff *skb, u8 proto); 649 struct sk_buff *skb, u8 proto);
649#else 650#else
650#define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) 651#define xfrm_audit_policy_add(x, r, a, se, s) do { ; } while (0)
651#define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) 652#define xfrm_audit_policy_delete(x, r, a, se, s) do { ; } while (0)
652#define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) 653#define xfrm_audit_state_add(x, r, a, se, s) do { ; } while (0)
653#define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) 654#define xfrm_audit_state_delete(x, r, a, se, s) do { ; } while (0)
654#define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) 655#define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0)
655#define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) 656#define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0)
656#define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) 657#define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0)