author | Eric Paris <eparis@redhat.com> | 2008-04-18 10:09:25 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-04-28 06:18:03 -0400 |
commit | 2532386f480eefbdd67b48be55fb4fb3e5a6081c (patch) | |
tree | dd6a5a3c4116a67380a1336319c16632f04f80f9 /include/net | |
parent | 436c405c7d19455a71f42c9bec5fd5e028f1eb4e (diff) |
Audit: collect sessionid in netlink messages
Previously I added sessionid output to all audit messages where it was
available but we still didn't know the sessionid of the sender of
netlink messages. This patch adds that information to netlink messages
so we can audit who sent netlink messages.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netlabel.h | 1 | ||||
-rw-r--r-- | include/net/xfrm.h | 23 |
2 files changed, 13 insertions, 11 deletions
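--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -103,6 +103,7 @@ struct cipso_v4_doi;
 struct netlbl_audit {
 u32 secid;
 uid_t loginuid;
+u32 sessionid;
 };
 
 /*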
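Review bot: The new `sessionid` member of `struct netlbl_audit` carries no comment, and nothing in this header ensures it is populated. Any code that builds this struct on the stack and fills only `secid` and `loginuid` would pass an uninitialised value into the audit record. The producers are outside this page (the diffstat is limited to include/net), so this needs confirming against them; the same applies to `struct xfrm_audit` in include/net/xfrm.h. A field comment such as `/* audit session id of the netlink sender; set wherever loginuid is set */` would document the requirement.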
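--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb {
 /* Audit Information */
 struct xfrm_audit
 {
-u32 loginuid;
 u32 secid;
+uid_t loginuid;
+u32 sessionid;
 };
 
 #ifdef CONFIG_AUDITSYSCALL
@@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op)
 return audit_buf;
 }
 
-static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
+static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid,
 struct audit_buffer *audit_buf)
 {
 char *secctx;
 u32 secctx_len;
 
-audit_log_format(audit_buf, " auid=%u", auid);
+audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses);
 if (secid != 0 &&
 security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
 audit_log_format(audit_buf, " subj=%s", secctx);
@@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
 }
 
 extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
-u32 auid, u32 secid);
+u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
-u32 auid, u32 secid);
+u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
-u32 auid, u32 secid);
+u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
-u32 auid, u32 secid);
+u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
 struct sk_buff *skb);
 extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
@@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
 extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
 struct sk_buff *skb, u8 proto);
 #else
-#define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0)
-#define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0)
-#define xfrm_audit_state_add(x, r, a, s) do { ; } while (0)
-#define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0)
+#define xfrm_audit_policy_add(x, r, a, se, s) do { ; } while (0)
+#define xfrm_audit_policy_delete(x, r, a, se, s) do { ; } while (0)
+#define xfrm_audit_state_add(x, r, a, se, s) do { ; } while (0)
+#define xfrm_audit_state_delete(x, r, a, se, s) do { ; } while (0)
 #define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0)
 #define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0)
 #define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0)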
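Review bot: The four prototypes `xfrm_audit_policy_add`/`_delete` and `xfrm_audit_state_add`/`_delete` still declare `u32 auid`, although this change switches `xfrm_audit_helper_usrinfo()` and `xfrm_audit.loginuid` to `uid_t`. Declaring them as `uid_t auid, u32 ses, u32 secid);` would keep the types consistent. Because `auid`, `ses` and `secid` are three adjacent integer arguments, a call site that passes them in the wrong order compiles without a diagnostic, and the `#else` stubs discard their arguments entirely. A swapped `auid=`/`ses=` value in the audit record would therefore only be caught by inspection. Passing a `const struct xfrm_audit *` would remove that ordering risk; the definitions and callers are outside this page, so the cost of that change cannot be judged from here.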