diff options
| author | Darrel Goeddel <dgoeddel@trustedcs.com> | 2006-06-29 17:57:08 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-07-01 05:44:19 -0400 |
| commit | 6e5a2d1d32596850a0ebf7fb3e54c0d69901dabd (patch) | |
| tree | 27718d7df96c9b9f08a2ba333aa36c8e9ebbadfe /security | |
| parent | 3a6b9f85c641a3b89420b0c8150ed377526a1fe1 (diff) | |
[PATCH] audit: support for object context filters
This patch introduces object audit filters based on the elements
of the SELinux context.
Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
kernel/auditfilter.c | 25 +++++++++++++++++++++++++
kernel/auditsc.c | 40 ++++++++++++++++++++++++++++++++++++++++
security/selinux/ss/services.c | 18 +++++++++++++++++-
3 files changed, 82 insertions(+), 1 deletion(-)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/ss/services.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 92e80b99d183..d2e80e62ff0c 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -1848,12 +1848,17 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
| 1848 | case AUDIT_SUBJ_USER: | 1848 | case AUDIT_SUBJ_USER: |
| 1849 | case AUDIT_SUBJ_ROLE: | 1849 | case AUDIT_SUBJ_ROLE: |
| 1850 | case AUDIT_SUBJ_TYPE: | 1850 | case AUDIT_SUBJ_TYPE: |
| 1851 | case AUDIT_OBJ_USER: | ||
| 1852 | case AUDIT_OBJ_ROLE: | ||
| 1853 | case AUDIT_OBJ_TYPE: | ||
| 1851 | /* only 'equals' and 'not equals' fit user, role, and type */ | 1854 | /* only 'equals' and 'not equals' fit user, role, and type */ |
| 1852 | if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) | 1855 | if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) |
| 1853 | return -EINVAL; | 1856 | return -EINVAL; |
| 1854 | break; | 1857 | break; |
| 1855 | case AUDIT_SUBJ_SEN: | 1858 | case AUDIT_SUBJ_SEN: |
| 1856 | case AUDIT_SUBJ_CLR: | 1859 | case AUDIT_SUBJ_CLR: |
| 1860 | case AUDIT_OBJ_LEV_LOW: | ||
| 1861 | case AUDIT_OBJ_LEV_HIGH: | ||
| 1857 | /* we do not allow a range, indicated by the presense of '-' */ | 1862 | /* we do not allow a range, indicated by the presense of '-' */ |
| 1858 | if (strchr(rulestr, '-')) | 1863 | if (strchr(rulestr, '-')) |
| 1859 | return -EINVAL; | 1864 | return -EINVAL; |
| @@ -1875,6 +1880,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
| 1875 | 1880 | ||
| 1876 | switch (field) { | 1881 | switch (field) { |
| 1877 | case AUDIT_SUBJ_USER: | 1882 | case AUDIT_SUBJ_USER: |
| 1883 | case AUDIT_OBJ_USER: | ||
| 1878 | userdatum = hashtab_search(policydb.p_users.table, rulestr); | 1884 | userdatum = hashtab_search(policydb.p_users.table, rulestr); |
| 1879 | if (!userdatum) | 1885 | if (!userdatum) |
| 1880 | rc = -EINVAL; | 1886 | rc = -EINVAL; |
| @@ -1882,6 +1888,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
| 1882 | tmprule->au_ctxt.user = userdatum->value; | 1888 | tmprule->au_ctxt.user = userdatum->value; |
| 1883 | break; | 1889 | break; |
| 1884 | case AUDIT_SUBJ_ROLE: | 1890 | case AUDIT_SUBJ_ROLE: |
| 1891 | case AUDIT_OBJ_ROLE: | ||
| 1885 | roledatum = hashtab_search(policydb.p_roles.table, rulestr); | 1892 | roledatum = hashtab_search(policydb.p_roles.table, rulestr); |
| 1886 | if (!roledatum) | 1893 | if (!roledatum) |
| 1887 | rc = -EINVAL; | 1894 | rc = -EINVAL; |
| @@ -1889,6 +1896,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
| 1889 | tmprule->au_ctxt.role = roledatum->value; | 1896 | tmprule->au_ctxt.role = roledatum->value; |
| 1890 | break; | 1897 | break; |
| 1891 | case AUDIT_SUBJ_TYPE: | 1898 | case AUDIT_SUBJ_TYPE: |
| 1899 | case AUDIT_OBJ_TYPE: | ||
| 1892 | typedatum = hashtab_search(policydb.p_types.table, rulestr); | 1900 | typedatum = hashtab_search(policydb.p_types.table, rulestr); |
| 1893 | if (!typedatum) | 1901 | if (!typedatum) |
| 1894 | rc = -EINVAL; | 1902 | rc = -EINVAL; |
| @@ -1897,6 +1905,8 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
| 1897 | break; | 1905 | break; |
| 1898 | case AUDIT_SUBJ_SEN: | 1906 | case AUDIT_SUBJ_SEN: |
| 1899 | case AUDIT_SUBJ_CLR: | 1907 | case AUDIT_SUBJ_CLR: |
| 1908 | case AUDIT_OBJ_LEV_LOW: | ||
| 1909 | case AUDIT_OBJ_LEV_HIGH: | ||
| 1900 | rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC); | 1910 | rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC); |
| 1901 | break; | 1911 | break; |
| 1902 | } | 1912 | } |
| @@ -1949,6 +1959,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
| 1949 | without a match */ | 1959 | without a match */ |
| 1950 | switch (field) { | 1960 | switch (field) { |
| 1951 | case AUDIT_SUBJ_USER: | 1961 | case AUDIT_SUBJ_USER: |
| 1962 | case AUDIT_OBJ_USER: | ||
| 1952 | switch (op) { | 1963 | switch (op) { |
| 1953 | case AUDIT_EQUAL: | 1964 | case AUDIT_EQUAL: |
| 1954 | match = (ctxt->user == rule->au_ctxt.user); | 1965 | match = (ctxt->user == rule->au_ctxt.user); |
| @@ -1959,6 +1970,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
| 1959 | } | 1970 | } |
| 1960 | break; | 1971 | break; |
| 1961 | case AUDIT_SUBJ_ROLE: | 1972 | case AUDIT_SUBJ_ROLE: |
| 1973 | case AUDIT_OBJ_ROLE: | ||
| 1962 | switch (op) { | 1974 | switch (op) { |
| 1963 | case AUDIT_EQUAL: | 1975 | case AUDIT_EQUAL: |
| 1964 | match = (ctxt->role == rule->au_ctxt.role); | 1976 | match = (ctxt->role == rule->au_ctxt.role); |
| @@ -1969,6 +1981,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
| 1969 | } | 1981 | } |
| 1970 | break; | 1982 | break; |
| 1971 | case AUDIT_SUBJ_TYPE: | 1983 | case AUDIT_SUBJ_TYPE: |
| 1984 | case AUDIT_OBJ_TYPE: | ||
| 1972 | switch (op) { | 1985 | switch (op) { |
| 1973 | case AUDIT_EQUAL: | 1986 | case AUDIT_EQUAL: |
| 1974 | match = (ctxt->type == rule->au_ctxt.type); | 1987 | match = (ctxt->type == rule->au_ctxt.type); |
| @@ -1980,7 +1993,10 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
| 1980 | break; | 1993 | break; |
| 1981 | case AUDIT_SUBJ_SEN: | 1994 | case AUDIT_SUBJ_SEN: |
| 1982 | case AUDIT_SUBJ_CLR: | 1995 | case AUDIT_SUBJ_CLR: |
| 1983 | level = (field == AUDIT_SUBJ_SEN ? | 1996 | case AUDIT_OBJ_LEV_LOW: |
| 1997 | case AUDIT_OBJ_LEV_HIGH: | ||
| 1998 | level = ((field == AUDIT_SUBJ_SEN || | ||
| 1999 | field == AUDIT_OBJ_LEV_LOW) ? | ||
| 1984 | &ctxt->range.level[0] : &ctxt->range.level[1]); | 2000 | &ctxt->range.level[0] : &ctxt->range.level[1]); |
| 1985 | switch (op) { | 2001 | switch (op) { |
| 1986 | case AUDIT_EQUAL: | 2002 | case AUDIT_EQUAL: |