aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2007-02-07 01:48:00 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2007-02-17 21:30:15 -0500
commitdb3495099d3d52854b13874905af6e40a91f4721 (patch)
tree5a832081d70dd9dabda3498baf40b7d6ced47f24 /kernel/auditsc.c
parent6a01b07fae482f9b34491b317056c89d3b96ca2e (diff)
[PATCH] AUDIT_FD_PAIR
Provide an audit record of the descriptor pair returned by pipe() and socketpair(). Rewritten from the original posted to linux-audit by John D. Ramsdell <ramsdell@mitre.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c40
1 files changed, 40 insertions, 0 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 298897559ca4..359955800dd2 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -170,6 +170,11 @@ struct audit_aux_data_sockaddr {
170 char a[0]; 170 char a[0];
171}; 171};
172 172
173struct audit_aux_data_fd_pair {
174 struct audit_aux_data d;
175 int fd[2];
176};
177
173struct audit_aux_data_path { 178struct audit_aux_data_path {
174 struct audit_aux_data d; 179 struct audit_aux_data d;
175 struct dentry *dentry; 180 struct dentry *dentry;
@@ -961,6 +966,11 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
961 audit_log_d_path(ab, "path=", axi->dentry, axi->mnt); 966 audit_log_d_path(ab, "path=", axi->dentry, axi->mnt);
962 break; } 967 break; }
963 968
969 case AUDIT_FD_PAIR: {
970 struct audit_aux_data_fd_pair *axs = (void *)aux;
971 audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]);
972 break; }
973
964 } 974 }
965 audit_log_end(ab); 975 audit_log_end(ab);
966 } 976 }
@@ -1815,6 +1825,36 @@ int audit_socketcall(int nargs, unsigned long *args)
1815} 1825}
1816 1826
1817/** 1827/**
1828 * __audit_fd_pair - record audit data for pipe and socketpair
1829 * @fd1: the first file descriptor
1830 * @fd2: the second file descriptor
1831 *
1832 * Returns 0 for success or NULL context or < 0 on error.
1833 */
1834int __audit_fd_pair(int fd1, int fd2)
1835{
1836 struct audit_context *context = current->audit_context;
1837 struct audit_aux_data_fd_pair *ax;
1838
1839 if (likely(!context)) {
1840 return 0;
1841 }
1842
1843 ax = kmalloc(sizeof(*ax), GFP_KERNEL);
1844 if (!ax) {
1845 return -ENOMEM;
1846 }
1847
1848 ax->fd[0] = fd1;
1849 ax->fd[1] = fd2;
1850
1851 ax->d.type = AUDIT_FD_PAIR;
1852 ax->d.next = context->aux;
1853 context->aux = (void *)ax;
1854 return 0;
1855}
1856
1857/**
1818 * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto 1858 * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
1819 * @len: data length in user space 1859 * @len: data length in user space
1820 * @a: data address in kernel space 1860 * @a: data address in kernel space