aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_audit.c
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2009-02-11 11:12:28 -0500
committerJames Morris <jmorris@namei.org>2009-02-11 17:40:14 -0500
commit523979adfa0b79d4e3aa053220c37a9233294206 (patch)
tree15ff42f935f9d443220edb118f3980432f924360 /security/integrity/ima/ima_audit.c
parented850a52af971528b048812c4215cef298af0d3b (diff)
integrity: audit update
Based on discussions on linux-audit, as per Steve Grubb's request http://lkml.org/lkml/2009/2/6/269, the following changes were made: - forced audit result to be either 0 or 1. - made template names const - Added new stand-alone message type: AUDIT_INTEGRITY_RULE Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity/ima/ima_audit.c')
-rw-r--r--security/integrity/ima/ima_audit.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/ima/ima_audit.c
index 8a0f1e23ccf1..1e082bb987be 100644
--- a/security/integrity/ima/ima_audit.c
+++ b/security/integrity/ima/ima_audit.c
@@ -22,16 +22,18 @@ static int ima_audit;
22static int __init ima_audit_setup(char *str) 22static int __init ima_audit_setup(char *str)
23{ 23{
24 unsigned long audit; 24 unsigned long audit;
25 int rc; 25 int rc, result = 0;
26 char *op; 26 char *op = "ima_audit";
27 char *cause;
27 28
28 rc = strict_strtoul(str, 0, &audit); 29 rc = strict_strtoul(str, 0, &audit);
29 if (rc || audit > 1) 30 if (rc || audit > 1)
30 printk(KERN_INFO "ima: invalid ima_audit value\n"); 31 result = 1;
31 else 32 else
32 ima_audit = audit; 33 ima_audit = audit;
33 op = ima_audit ? "ima_audit_enabled" : "ima_audit_not_enabled"; 34 cause = ima_audit ? "enabled" : "not_enabled";
34 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, NULL, op, 0, 0); 35 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL,
36 op, cause, result, 0);
35 return 1; 37 return 1;
36} 38}
37__setup("ima_audit=", ima_audit_setup); 39__setup("ima_audit=", ima_audit_setup);
@@ -47,20 +49,21 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
47 return; 49 return;
48 50
49 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 51 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
50 audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u", 52 audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u ses=%u",
51 current->pid, current->cred->uid, 53 current->pid, current->cred->uid,
52 audit_get_loginuid(current)); 54 audit_get_loginuid(current),
55 audit_get_sessionid(current));
53 audit_log_task_context(ab); 56 audit_log_task_context(ab);
54 switch (audit_msgno) { 57 switch (audit_msgno) {
55 case AUDIT_INTEGRITY_DATA: 58 case AUDIT_INTEGRITY_DATA:
56 case AUDIT_INTEGRITY_METADATA: 59 case AUDIT_INTEGRITY_METADATA:
57 case AUDIT_INTEGRITY_PCR: 60 case AUDIT_INTEGRITY_PCR:
61 case AUDIT_INTEGRITY_STATUS:
58 audit_log_format(ab, " op=%s cause=%s", op, cause); 62 audit_log_format(ab, " op=%s cause=%s", op, cause);
59 break; 63 break;
60 case AUDIT_INTEGRITY_HASH: 64 case AUDIT_INTEGRITY_HASH:
61 audit_log_format(ab, " op=%s hash=%s", op, cause); 65 audit_log_format(ab, " op=%s hash=%s", op, cause);
62 break; 66 break;
63 case AUDIT_INTEGRITY_STATUS:
64 default: 67 default:
65 audit_log_format(ab, " op=%s", op); 68 audit_log_format(ab, " op=%s", op);
66 } 69 }
@@ -73,6 +76,6 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
73 if (inode) 76 if (inode)
74 audit_log_format(ab, " dev=%s ino=%lu", 77 audit_log_format(ab, " dev=%s ino=%lu",
75 inode->i_sb->s_id, inode->i_ino); 78 inode->i_sb->s_id, inode->i_ino);
76 audit_log_format(ab, " res=%d", result); 79 audit_log_format(ab, " res=%d", !result ? 0 : 1);
77 audit_log_end(ab); 80 audit_log_end(ab);
78} 81}
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-01 05:44:08 -0400