aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--arch/i386/kernel/audit.c12
-rw-r--r--arch/ia64/ia32/audit.c10
-rw-r--r--arch/ia64/kernel/audit.c16
-rw-r--r--arch/powerpc/kernel/audit.c16
-rw-r--r--arch/powerpc/kernel/compat_audit.c10
-rw-r--r--arch/s390/kernel/audit.c16
-rw-r--r--arch/s390/kernel/compat_audit.c10
-rw-r--r--arch/x86_64/ia32/audit.c10
-rw-r--r--arch/x86_64/kernel/audit.c16
-rw-r--r--include/asm-generic/audit_read.h8
-rw-r--r--include/asm-generic/audit_write.h11
-rw-r--r--include/linux/audit.h4
12 files changed, 139 insertions, 0 deletions
diff --git a/arch/i386/kernel/audit.c b/arch/i386/kernel/audit.c
index 5a53c6f371ff..28bbc46f75c2 100644
--- a/arch/i386/kernel/audit.c
+++ b/arch/i386/kernel/audit.c
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
8~0U 8~0U
9}; 9};
10 10
11static unsigned read_class[] = {
12#include <asm-generic/audit_read.h>
13~0U
14};
15
16static unsigned write_class[] = {
17#include <asm-generic/audit_write.h>
18~0U
19};
20
11static unsigned chattr_class[] = { 21static unsigned chattr_class[] = {
12#include <asm-generic/audit_change_attr.h> 22#include <asm-generic/audit_change_attr.h>
13~0U 23~0U
@@ -15,6 +25,8 @@ static unsigned chattr_class[] = {
15 25
16static int __init audit_classes_init(void) 26static int __init audit_classes_init(void)
17{ 27{
28 audit_register_class(AUDIT_CLASS_WRITE, write_class);
29 audit_register_class(AUDIT_CLASS_READ, read_class);
18 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); 30 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
19 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); 31 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
20 return 0; 32 return 0;
diff --git a/arch/ia64/ia32/audit.c b/arch/ia64/ia32/audit.c
index ab94f2e58cdd..798501994bd9 100644
--- a/arch/ia64/ia32/audit.c
+++ b/arch/ia64/ia32/audit.c
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
9#include <asm-generic/audit_change_attr.h> 9#include <asm-generic/audit_change_attr.h>
10~0U 10~0U
11}; 11};
12
13unsigned ia32_write_class[] = {
14#include <asm-generic/audit_write.h>
15~0U
16};
17
18unsigned ia32_read_class[] = {
19#include <asm-generic/audit_read.h>
20~0U
21};
diff --git a/arch/ia64/kernel/audit.c b/arch/ia64/kernel/audit.c
index f2512931ccaf..99488cdbf5cd 100644
--- a/arch/ia64/kernel/audit.c
+++ b/arch/ia64/kernel/audit.c
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
8~0U 8~0U
9}; 9};
10 10
11static unsigned read_class[] = {
12#include <asm-generic/audit_read.h>
13~0U
14};
15
16static unsigned write_class[] = {
17#include <asm-generic/audit_write.h>
18~0U
19};
20
11static unsigned chattr_class[] = { 21static unsigned chattr_class[] = {
12#include <asm-generic/audit_change_attr.h> 22#include <asm-generic/audit_change_attr.h>
13~0U 23~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
17{ 27{
18#ifdef CONFIG_IA32_SUPPORT 28#ifdef CONFIG_IA32_SUPPORT
19 extern __u32 ia32_dir_class[]; 29 extern __u32 ia32_dir_class[];
30 extern __u32 ia32_write_class[];
31 extern __u32 ia32_read_class[];
20 extern __u32 ia32_chattr_class[]; 32 extern __u32 ia32_chattr_class[];
33 audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
34 audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
21 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); 35 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
22 audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); 36 audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
23#endif 37#endif
38 audit_register_class(AUDIT_CLASS_WRITE, write_class);
39 audit_register_class(AUDIT_CLASS_READ, read_class);
24 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); 40 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
25 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); 41 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
26 return 0; 42 return 0;
diff --git a/arch/powerpc/kernel/audit.c b/arch/powerpc/kernel/audit.c
index caf085a19234..24a65e3724e1 100644
--- a/arch/powerpc/kernel/audit.c
+++ b/arch/powerpc/kernel/audit.c
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
8~0U 8~0U
9}; 9};
10 10
11static unsigned read_class[] = {
12#include <asm-generic/audit_read.h>
13~0U
14};
15
16static unsigned write_class[] = {
17#include <asm-generic/audit_write.h>
18~0U
19};
20
11static unsigned chattr_class[] = { 21static unsigned chattr_class[] = {
12#include <asm-generic/audit_change_attr.h> 22#include <asm-generic/audit_change_attr.h>
13~0U 23~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
17{ 27{
18#ifdef CONFIG_PPC64 28#ifdef CONFIG_PPC64
19 extern __u32 ppc32_dir_class[]; 29 extern __u32 ppc32_dir_class[];
30 extern __u32 ppc32_write_class[];
31 extern __u32 ppc32_read_class[];
20 extern __u32 ppc32_chattr_class[]; 32 extern __u32 ppc32_chattr_class[];
33 audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class);
34 audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class);
21 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class); 35 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class);
22 audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class); 36 audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class);
23#endif 37#endif
38 audit_register_class(AUDIT_CLASS_WRITE, write_class);
39 audit_register_class(AUDIT_CLASS_READ, read_class);
24 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); 40 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
25 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); 41 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
26 return 0; 42 return 0;
diff --git a/arch/powerpc/kernel/compat_audit.c b/arch/powerpc/kernel/compat_audit.c
index dbbb8b81f1d9..ddc0a64896a2 100644
--- a/arch/powerpc/kernel/compat_audit.c
+++ b/arch/powerpc/kernel/compat_audit.c
@@ -10,3 +10,13 @@ unsigned ppc32_chattr_class[] = {
10#include <asm-generic/audit_change_attr.h> 10#include <asm-generic/audit_change_attr.h>
11~0U 11~0U
12}; 12};
13
14unsigned ppc32_write_class[] = {
15#include <asm-generic/audit_write.h>
16~0U
17};
18
19unsigned ppc32_read_class[] = {
20#include <asm-generic/audit_read.h>
21~0U
22};
diff --git a/arch/s390/kernel/audit.c b/arch/s390/kernel/audit.c
index c26cd6cb2319..cde57039334c 100644
--- a/arch/s390/kernel/audit.c
+++ b/arch/s390/kernel/audit.c
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
8~0U 8~0U
9}; 9};
10 10
11static unsigned read_class[] = {
12#include <asm-generic/audit_read.h>
13~0U
14};
15
16static unsigned write_class[] = {
17#include <asm-generic/audit_write.h>
18~0U
19};
20
11static unsigned chattr_class[] = { 21static unsigned chattr_class[] = {
12#include <asm-generic/audit_change_attr.h> 22#include <asm-generic/audit_change_attr.h>
13~0U 23~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
17{ 27{
18#ifdef CONFIG_COMPAT 28#ifdef CONFIG_COMPAT
19 extern __u32 s390_dir_class[]; 29 extern __u32 s390_dir_class[];
30 extern __u32 s390_write_class[];
31 extern __u32 s390_read_class[];
20 extern __u32 s390_chattr_class[]; 32 extern __u32 s390_chattr_class[];
33 audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class);
34 audit_register_class(AUDIT_CLASS_READ_32, s390_read_class);
21 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class); 35 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class);
22 audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class); 36 audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class);
23#endif 37#endif
38 audit_register_class(AUDIT_CLASS_WRITE, write_class);
39 audit_register_class(AUDIT_CLASS_READ, read_class);
24 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); 40 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
25 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); 41 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
26 return 0; 42 return 0;
diff --git a/arch/s390/kernel/compat_audit.c b/arch/s390/kernel/compat_audit.c
index 1a7d34fecf67..d9e5f3540d48 100644
--- a/arch/s390/kernel/compat_audit.c
+++ b/arch/s390/kernel/compat_audit.c
@@ -10,3 +10,13 @@ unsigned s390_chattr_class[] = {
10#include <asm-generic/audit_change_attr.h> 10#include <asm-generic/audit_change_attr.h>
11~0U 11~0U
12}; 12};
13
14unsigned s390_write_class[] = {
15#include <asm-generic/audit_write.h>
16~0U
17};
18
19unsigned s390_read_class[] = {
20#include <asm-generic/audit_read.h>
21~0U
22};
diff --git a/arch/x86_64/ia32/audit.c b/arch/x86_64/ia32/audit.c
index ab94f2e58cdd..798501994bd9 100644
--- a/arch/x86_64/ia32/audit.c
+++ b/arch/x86_64/ia32/audit.c
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
9#include <asm-generic/audit_change_attr.h> 9#include <asm-generic/audit_change_attr.h>
10~0U 10~0U
11}; 11};
12
13unsigned ia32_write_class[] = {
14#include <asm-generic/audit_write.h>
15~0U
16};
17
18unsigned ia32_read_class[] = {
19#include <asm-generic/audit_read.h>
20~0U
21};
diff --git a/arch/x86_64/kernel/audit.c b/arch/x86_64/kernel/audit.c
index a067aa468a85..36840acb6513 100644
--- a/arch/x86_64/kernel/audit.c
+++ b/arch/x86_64/kernel/audit.c
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
8~0U 8~0U
9}; 9};
10 10
11static unsigned read_class[] = {
12#include <asm-generic/audit_read.h>
13~0U
14};
15
16static unsigned write_class[] = {
17#include <asm-generic/audit_write.h>
18~0U
19};
20
11static unsigned chattr_class[] = { 21static unsigned chattr_class[] = {
12#include <asm-generic/audit_change_attr.h> 22#include <asm-generic/audit_change_attr.h>
13~0U 23~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
17{ 27{
18#ifdef CONFIG_IA32_EMULATION 28#ifdef CONFIG_IA32_EMULATION
19 extern __u32 ia32_dir_class[]; 29 extern __u32 ia32_dir_class[];
30 extern __u32 ia32_write_class[];
31 extern __u32 ia32_read_class[];
20 extern __u32 ia32_chattr_class[]; 32 extern __u32 ia32_chattr_class[];
33 audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
34 audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
21 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); 35 audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
22 audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); 36 audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
23#endif 37#endif
38 audit_register_class(AUDIT_CLASS_WRITE, write_class);
39 audit_register_class(AUDIT_CLASS_READ, read_class);
24 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); 40 audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
25 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); 41 audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
26 return 0; 42 return 0;
diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h
new file mode 100644
index 000000000000..0e87464d9847
--- /dev/null
+++ b/include/asm-generic/audit_read.h
@@ -0,0 +1,8 @@
1__NR_readlink,
2__NR_quotactl,
3__NR_listxattr,
4__NR_llistxattr,
5__NR_flistxattr,
6__NR_getxattr,
7__NR_lgetxattr,
8__NR_fgetxattr,
diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h
new file mode 100644
index 000000000000..f10d367fb2a5
--- /dev/null
+++ b/include/asm-generic/audit_write.h
@@ -0,0 +1,11 @@
1#include <asm-generic/audit_dir_write.h>
2__NR_acct,
3__NR_swapon,
4__NR_quotactl,
5__NR_truncate,
6#ifdef __NR_truncate64
7__NR_truncate64,
8#endif
9#ifdef __NR_bind
10__NR_bind, /* bind can affect fs object only in one way... */
11#endif
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 64f9f9e56ac5..1077362a2efb 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -132,6 +132,10 @@
132#define AUDIT_CLASS_DIR_WRITE_32 1 132#define AUDIT_CLASS_DIR_WRITE_32 1
133#define AUDIT_CLASS_CHATTR 2 133#define AUDIT_CLASS_CHATTR 2
134#define AUDIT_CLASS_CHATTR_32 3 134#define AUDIT_CLASS_CHATTR_32 3
135#define AUDIT_CLASS_READ 4
136#define AUDIT_CLASS_READ_32 5
137#define AUDIT_CLASS_WRITE 6
138#define AUDIT_CLASS_WRITE_32 7
135 139
136/* This bitmask is used to validate user input. It represents all bits that 140/* This bitmask is used to validate user input. It represents all bits that
137 * are currently used in an audit field constant understood by the kernel. 141 * are currently used in an audit field constant understood by the kernel.