aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorAl Viro <viro@ZenIV.linux.org.uk>2008-12-09 04:23:33 -0500
committerJames Morris <jmorris@namei.org>2008-12-09 04:32:06 -0500
commit1e641743f055f075ed9a4edd75f1fb1e05669ddc (patch)
tree8016113a4965a344415e8bd6366f07c23eee7d5f /include
parent94d6a5f7341ebaff53d4e41cc81fab37f0d9fbed (diff)
Audit: Log TIOCSTI
AUDIT_TTY records currently log all data read by processes marked for TTY input auditing, even if the data was "pushed back" using the TIOCSTI ioctl, not typed by the user. This patch records all TIOCSTI calls to disambiguate the input. It generates one audit message per character pushed back; considering TIOCSTI is used very rarely, this simple solution is probably good enough. (The only program I could find that uses TIOCSTI is mailx/nail in "header editing" mode, e.g. using the ~h escape. mailx is used very rarely, and the escapes are used even rarer.) Signed-Off-By: Miloslav Trmac <mitr@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/tty.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/tty.h b/include/linux/tty.h
index 3b8121d4e36f..580700f20a1c 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -442,6 +442,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
442 size_t size); 442 size_t size);
443extern void tty_audit_exit(void); 443extern void tty_audit_exit(void);
444extern void tty_audit_fork(struct signal_struct *sig); 444extern void tty_audit_fork(struct signal_struct *sig);
445extern void tty_audit_tiocsti(struct tty_struct *tty, char ch);
445extern void tty_audit_push(struct tty_struct *tty); 446extern void tty_audit_push(struct tty_struct *tty);
446extern void tty_audit_push_task(struct task_struct *tsk, 447extern void tty_audit_push_task(struct task_struct *tsk,
447 uid_t loginuid, u32 sessionid); 448 uid_t loginuid, u32 sessionid);
@@ -450,6 +451,9 @@ static inline void tty_audit_add_data(struct tty_struct *tty,
450 unsigned char *data, size_t size) 451 unsigned char *data, size_t size)
451{ 452{
452} 453}
454static inline void tty_audit_tiocsti(struct tty_struct *tty, char ch)
455{
456}
453static inline void tty_audit_exit(void) 457static inline void tty_audit_exit(void)
454{ 458{
455} 459}