diff options
-rw-r--r-- | arch/i386/kernel/audit.c | 12 | ||||
-rw-r--r-- | arch/ia64/ia32/audit.c | 10 | ||||
-rw-r--r-- | arch/ia64/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/powerpc/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/powerpc/kernel/compat_audit.c | 10 | ||||
-rw-r--r-- | arch/s390/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/s390/kernel/compat_audit.c | 10 | ||||
-rw-r--r-- | arch/x86_64/ia32/audit.c | 10 | ||||
-rw-r--r-- | arch/x86_64/kernel/audit.c | 16 | ||||
-rw-r--r-- | include/asm-generic/audit_read.h | 8 | ||||
-rw-r--r-- | include/asm-generic/audit_write.h | 11 | ||||
-rw-r--r-- | include/linux/audit.h | 4 |
12 files changed, 139 insertions, 0 deletions
diff --git a/arch/i386/kernel/audit.c b/arch/i386/kernel/audit.c index 5a53c6f371ff..28bbc46f75c2 100644 --- a/arch/i386/kernel/audit.c +++ b/arch/i386/kernel/audit.c | |||
@@ -8,6 +8,16 @@ static unsigned dir_class[] = { | |||
8 | ~0U | 8 | ~0U |
9 | }; | 9 | }; |
10 | 10 | ||
11 | static unsigned read_class[] = { | ||
12 | #include <asm-generic/audit_read.h> | ||
13 | ~0U | ||
14 | }; | ||
15 | |||
16 | static unsigned write_class[] = { | ||
17 | #include <asm-generic/audit_write.h> | ||
18 | ~0U | ||
19 | }; | ||
20 | |||
11 | static unsigned chattr_class[] = { | 21 | static unsigned chattr_class[] = { |
12 | #include <asm-generic/audit_change_attr.h> | 22 | #include <asm-generic/audit_change_attr.h> |
13 | ~0U | 23 | ~0U |
@@ -15,6 +25,8 @@ static unsigned chattr_class[] = { | |||
15 | 25 | ||
16 | static int __init audit_classes_init(void) | 26 | static int __init audit_classes_init(void) |
17 | { | 27 | { |
28 | audit_register_class(AUDIT_CLASS_WRITE, write_class); | ||
29 | audit_register_class(AUDIT_CLASS_READ, read_class); | ||
18 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); | 30 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); |
19 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); | 31 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); |
20 | return 0; | 32 | return 0; |
diff --git a/arch/ia64/ia32/audit.c b/arch/ia64/ia32/audit.c index ab94f2e58cdd..798501994bd9 100644 --- a/arch/ia64/ia32/audit.c +++ b/arch/ia64/ia32/audit.c | |||
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = { | |||
9 | #include <asm-generic/audit_change_attr.h> | 9 | #include <asm-generic/audit_change_attr.h> |
10 | ~0U | 10 | ~0U |
11 | }; | 11 | }; |
12 | |||
13 | unsigned ia32_write_class[] = { | ||
14 | #include <asm-generic/audit_write.h> | ||
15 | ~0U | ||
16 | }; | ||
17 | |||
18 | unsigned ia32_read_class[] = { | ||
19 | #include <asm-generic/audit_read.h> | ||
20 | ~0U | ||
21 | }; | ||
diff --git a/arch/ia64/kernel/audit.c b/arch/ia64/kernel/audit.c index f2512931ccaf..99488cdbf5cd 100644 --- a/arch/ia64/kernel/audit.c +++ b/arch/ia64/kernel/audit.c | |||
@@ -8,6 +8,16 @@ static unsigned dir_class[] = { | |||
8 | ~0U | 8 | ~0U |
9 | }; | 9 | }; |
10 | 10 | ||
11 | static unsigned read_class[] = { | ||
12 | #include <asm-generic/audit_read.h> | ||
13 | ~0U | ||
14 | }; | ||
15 | |||
16 | static unsigned write_class[] = { | ||
17 | #include <asm-generic/audit_write.h> | ||
18 | ~0U | ||
19 | }; | ||
20 | |||
11 | static unsigned chattr_class[] = { | 21 | static unsigned chattr_class[] = { |
12 | #include <asm-generic/audit_change_attr.h> | 22 | #include <asm-generic/audit_change_attr.h> |
13 | ~0U | 23 | ~0U |
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void) | |||
17 | { | 27 | { |
18 | #ifdef CONFIG_IA32_SUPPORT | 28 | #ifdef CONFIG_IA32_SUPPORT |
19 | extern __u32 ia32_dir_class[]; | 29 | extern __u32 ia32_dir_class[]; |
30 | extern __u32 ia32_write_class[]; | ||
31 | extern __u32 ia32_read_class[]; | ||
20 | extern __u32 ia32_chattr_class[]; | 32 | extern __u32 ia32_chattr_class[]; |
33 | audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); | ||
34 | audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); | ||
21 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); | 35 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); |
22 | audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); | 36 | audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); |
23 | #endif | 37 | #endif |
38 | audit_register_class(AUDIT_CLASS_WRITE, write_class); | ||
39 | audit_register_class(AUDIT_CLASS_READ, read_class); | ||
24 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); | 40 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); |
25 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); | 41 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); |
26 | return 0; | 42 | return 0; |
diff --git a/arch/powerpc/kernel/audit.c b/arch/powerpc/kernel/audit.c index caf085a19234..24a65e3724e1 100644 --- a/arch/powerpc/kernel/audit.c +++ b/arch/powerpc/kernel/audit.c | |||
@@ -8,6 +8,16 @@ static unsigned dir_class[] = { | |||
8 | ~0U | 8 | ~0U |
9 | }; | 9 | }; |
10 | 10 | ||
11 | static unsigned read_class[] = { | ||
12 | #include <asm-generic/audit_read.h> | ||
13 | ~0U | ||
14 | }; | ||
15 | |||
16 | static unsigned write_class[] = { | ||
17 | #include <asm-generic/audit_write.h> | ||
18 | ~0U | ||
19 | }; | ||
20 | |||
11 | static unsigned chattr_class[] = { | 21 | static unsigned chattr_class[] = { |
12 | #include <asm-generic/audit_change_attr.h> | 22 | #include <asm-generic/audit_change_attr.h> |
13 | ~0U | 23 | ~0U |
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void) | |||
17 | { | 27 | { |
18 | #ifdef CONFIG_PPC64 | 28 | #ifdef CONFIG_PPC64 |
19 | extern __u32 ppc32_dir_class[]; | 29 | extern __u32 ppc32_dir_class[]; |
30 | extern __u32 ppc32_write_class[]; | ||
31 | extern __u32 ppc32_read_class[]; | ||
20 | extern __u32 ppc32_chattr_class[]; | 32 | extern __u32 ppc32_chattr_class[]; |
33 | audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class); | ||
34 | audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class); | ||
21 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class); | 35 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class); |
22 | audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class); | 36 | audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class); |
23 | #endif | 37 | #endif |
38 | audit_register_class(AUDIT_CLASS_WRITE, write_class); | ||
39 | audit_register_class(AUDIT_CLASS_READ, read_class); | ||
24 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); | 40 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); |
25 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); | 41 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); |
26 | return 0; | 42 | return 0; |
diff --git a/arch/powerpc/kernel/compat_audit.c b/arch/powerpc/kernel/compat_audit.c index dbbb8b81f1d9..ddc0a64896a2 100644 --- a/arch/powerpc/kernel/compat_audit.c +++ b/arch/powerpc/kernel/compat_audit.c | |||
@@ -10,3 +10,13 @@ unsigned ppc32_chattr_class[] = { | |||
10 | #include <asm-generic/audit_change_attr.h> | 10 | #include <asm-generic/audit_change_attr.h> |
11 | ~0U | 11 | ~0U |
12 | }; | 12 | }; |
13 | |||
14 | unsigned ppc32_write_class[] = { | ||
15 | #include <asm-generic/audit_write.h> | ||
16 | ~0U | ||
17 | }; | ||
18 | |||
19 | unsigned ppc32_read_class[] = { | ||
20 | #include <asm-generic/audit_read.h> | ||
21 | ~0U | ||
22 | }; | ||
diff --git a/arch/s390/kernel/audit.c b/arch/s390/kernel/audit.c index c26cd6cb2319..cde57039334c 100644 --- a/arch/s390/kernel/audit.c +++ b/arch/s390/kernel/audit.c | |||
@@ -8,6 +8,16 @@ static unsigned dir_class[] = { | |||
8 | ~0U | 8 | ~0U |
9 | }; | 9 | }; |
10 | 10 | ||
11 | static unsigned read_class[] = { | ||
12 | #include <asm-generic/audit_read.h> | ||
13 | ~0U | ||
14 | }; | ||
15 | |||
16 | static unsigned write_class[] = { | ||
17 | #include <asm-generic/audit_write.h> | ||
18 | ~0U | ||
19 | }; | ||
20 | |||
11 | static unsigned chattr_class[] = { | 21 | static unsigned chattr_class[] = { |
12 | #include <asm-generic/audit_change_attr.h> | 22 | #include <asm-generic/audit_change_attr.h> |
13 | ~0U | 23 | ~0U |
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void) | |||
17 | { | 27 | { |
18 | #ifdef CONFIG_COMPAT | 28 | #ifdef CONFIG_COMPAT |
19 | extern __u32 s390_dir_class[]; | 29 | extern __u32 s390_dir_class[]; |
30 | extern __u32 s390_write_class[]; | ||
31 | extern __u32 s390_read_class[]; | ||
20 | extern __u32 s390_chattr_class[]; | 32 | extern __u32 s390_chattr_class[]; |
33 | audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class); | ||
34 | audit_register_class(AUDIT_CLASS_READ_32, s390_read_class); | ||
21 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class); | 35 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class); |
22 | audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class); | 36 | audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class); |
23 | #endif | 37 | #endif |
38 | audit_register_class(AUDIT_CLASS_WRITE, write_class); | ||
39 | audit_register_class(AUDIT_CLASS_READ, read_class); | ||
24 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); | 40 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); |
25 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); | 41 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); |
26 | return 0; | 42 | return 0; |
diff --git a/arch/s390/kernel/compat_audit.c b/arch/s390/kernel/compat_audit.c index 1a7d34fecf67..d9e5f3540d48 100644 --- a/arch/s390/kernel/compat_audit.c +++ b/arch/s390/kernel/compat_audit.c | |||
@@ -10,3 +10,13 @@ unsigned s390_chattr_class[] = { | |||
10 | #include <asm-generic/audit_change_attr.h> | 10 | #include <asm-generic/audit_change_attr.h> |
11 | ~0U | 11 | ~0U |
12 | }; | 12 | }; |
13 | |||
14 | unsigned s390_write_class[] = { | ||
15 | #include <asm-generic/audit_write.h> | ||
16 | ~0U | ||
17 | }; | ||
18 | |||
19 | unsigned s390_read_class[] = { | ||
20 | #include <asm-generic/audit_read.h> | ||
21 | ~0U | ||
22 | }; | ||
diff --git a/arch/x86_64/ia32/audit.c b/arch/x86_64/ia32/audit.c index ab94f2e58cdd..798501994bd9 100644 --- a/arch/x86_64/ia32/audit.c +++ b/arch/x86_64/ia32/audit.c | |||
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = { | |||
9 | #include <asm-generic/audit_change_attr.h> | 9 | #include <asm-generic/audit_change_attr.h> |
10 | ~0U | 10 | ~0U |
11 | }; | 11 | }; |
12 | |||
13 | unsigned ia32_write_class[] = { | ||
14 | #include <asm-generic/audit_write.h> | ||
15 | ~0U | ||
16 | }; | ||
17 | |||
18 | unsigned ia32_read_class[] = { | ||
19 | #include <asm-generic/audit_read.h> | ||
20 | ~0U | ||
21 | }; | ||
diff --git a/arch/x86_64/kernel/audit.c b/arch/x86_64/kernel/audit.c index a067aa468a85..36840acb6513 100644 --- a/arch/x86_64/kernel/audit.c +++ b/arch/x86_64/kernel/audit.c | |||
@@ -8,6 +8,16 @@ static unsigned dir_class[] = { | |||
8 | ~0U | 8 | ~0U |
9 | }; | 9 | }; |
10 | 10 | ||
11 | static unsigned read_class[] = { | ||
12 | #include <asm-generic/audit_read.h> | ||
13 | ~0U | ||
14 | }; | ||
15 | |||
16 | static unsigned write_class[] = { | ||
17 | #include <asm-generic/audit_write.h> | ||
18 | ~0U | ||
19 | }; | ||
20 | |||
11 | static unsigned chattr_class[] = { | 21 | static unsigned chattr_class[] = { |
12 | #include <asm-generic/audit_change_attr.h> | 22 | #include <asm-generic/audit_change_attr.h> |
13 | ~0U | 23 | ~0U |
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void) | |||
17 | { | 27 | { |
18 | #ifdef CONFIG_IA32_EMULATION | 28 | #ifdef CONFIG_IA32_EMULATION |
19 | extern __u32 ia32_dir_class[]; | 29 | extern __u32 ia32_dir_class[]; |
30 | extern __u32 ia32_write_class[]; | ||
31 | extern __u32 ia32_read_class[]; | ||
20 | extern __u32 ia32_chattr_class[]; | 32 | extern __u32 ia32_chattr_class[]; |
33 | audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); | ||
34 | audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); | ||
21 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); | 35 | audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); |
22 | audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); | 36 | audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); |
23 | #endif | 37 | #endif |
38 | audit_register_class(AUDIT_CLASS_WRITE, write_class); | ||
39 | audit_register_class(AUDIT_CLASS_READ, read_class); | ||
24 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); | 40 | audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); |
25 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); | 41 | audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); |
26 | return 0; | 42 | return 0; |
diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h new file mode 100644 index 000000000000..0e87464d9847 --- /dev/null +++ b/include/asm-generic/audit_read.h | |||
@@ -0,0 +1,8 @@ | |||
1 | __NR_readlink, | ||
2 | __NR_quotactl, | ||
3 | __NR_listxattr, | ||
4 | __NR_llistxattr, | ||
5 | __NR_flistxattr, | ||
6 | __NR_getxattr, | ||
7 | __NR_lgetxattr, | ||
8 | __NR_fgetxattr, | ||
diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h new file mode 100644 index 000000000000..f10d367fb2a5 --- /dev/null +++ b/include/asm-generic/audit_write.h | |||
@@ -0,0 +1,11 @@ | |||
1 | #include <asm-generic/audit_dir_write.h> | ||
2 | __NR_acct, | ||
3 | __NR_swapon, | ||
4 | __NR_quotactl, | ||
5 | __NR_truncate, | ||
6 | #ifdef __NR_truncate64 | ||
7 | __NR_truncate64, | ||
8 | #endif | ||
9 | #ifdef __NR_bind | ||
10 | __NR_bind, /* bind can affect fs object only in one way... */ | ||
11 | #endif | ||
diff --git a/include/linux/audit.h b/include/linux/audit.h index 64f9f9e56ac5..1077362a2efb 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -132,6 +132,10 @@ | |||
132 | #define AUDIT_CLASS_DIR_WRITE_32 1 | 132 | #define AUDIT_CLASS_DIR_WRITE_32 1 |
133 | #define AUDIT_CLASS_CHATTR 2 | 133 | #define AUDIT_CLASS_CHATTR 2 |
134 | #define AUDIT_CLASS_CHATTR_32 3 | 134 | #define AUDIT_CLASS_CHATTR_32 3 |
135 | #define AUDIT_CLASS_READ 4 | ||
136 | #define AUDIT_CLASS_READ_32 5 | ||
137 | #define AUDIT_CLASS_WRITE 6 | ||
138 | #define AUDIT_CLASS_WRITE_32 7 | ||
135 | 139 | ||
136 | /* This bitmask is used to validate user input. It represents all bits that | 140 | /* This bitmask is used to validate user input. It represents all bits that |
137 | * are currently used in an audit field constant understood by the kernel. | 141 | * are currently used in an audit field constant understood by the kernel. |