diff options
Diffstat (limited to 'drivers/char/tty_audit.c')
-rw-r--r-- | drivers/char/tty_audit.c | 76 |
1 files changed, 61 insertions, 15 deletions
diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c index 5787249934c8..34ab6d798f81 100644 --- a/drivers/char/tty_audit.c +++ b/drivers/char/tty_audit.c | |||
@@ -67,6 +67,29 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf) | |||
67 | tty_audit_buf_free(buf); | 67 | tty_audit_buf_free(buf); |
68 | } | 68 | } |
69 | 69 | ||
70 | static void tty_audit_log(const char *description, struct task_struct *tsk, | ||
71 | uid_t loginuid, unsigned sessionid, int major, | ||
72 | int minor, unsigned char *data, size_t size) | ||
73 | { | ||
74 | struct audit_buffer *ab; | ||
75 | |||
76 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY); | ||
77 | if (ab) { | ||
78 | char name[sizeof(tsk->comm)]; | ||
79 | uid_t uid = task_uid(tsk); | ||
80 | |||
81 | audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u " | ||
82 | "major=%d minor=%d comm=", description, | ||
83 | tsk->pid, uid, loginuid, sessionid, | ||
84 | major, minor); | ||
85 | get_task_comm(name, tsk); | ||
86 | audit_log_untrustedstring(ab, name); | ||
87 | audit_log_format(ab, " data="); | ||
88 | audit_log_n_hex(ab, data, size); | ||
89 | audit_log_end(ab); | ||
90 | } | ||
91 | } | ||
92 | |||
70 | /** | 93 | /** |
71 | * tty_audit_buf_push - Push buffered data out | 94 | * tty_audit_buf_push - Push buffered data out |
72 | * | 95 | * |
@@ -77,25 +100,12 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid, | |||
77 | unsigned int sessionid, | 100 | unsigned int sessionid, |
78 | struct tty_audit_buf *buf) | 101 | struct tty_audit_buf *buf) |
79 | { | 102 | { |
80 | struct audit_buffer *ab; | ||
81 | |||
82 | if (buf->valid == 0) | 103 | if (buf->valid == 0) |
83 | return; | 104 | return; |
84 | if (audit_enabled == 0) | 105 | if (audit_enabled == 0) |
85 | return; | 106 | return; |
86 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY); | 107 | tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor, |
87 | if (ab) { | 108 | buf->data, buf->valid); |
88 | char name[sizeof(tsk->comm)]; | ||
89 | |||
90 | audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u " | ||
91 | "major=%d minor=%d comm=", tsk->pid, tsk->uid, | ||
92 | loginuid, sessionid, buf->major, buf->minor); | ||
93 | get_task_comm(name, tsk); | ||
94 | audit_log_untrustedstring(ab, name); | ||
95 | audit_log_format(ab, " data="); | ||
96 | audit_log_n_hex(ab, buf->data, buf->valid); | ||
97 | audit_log_end(ab); | ||
98 | } | ||
99 | buf->valid = 0; | 109 | buf->valid = 0; |
100 | } | 110 | } |
101 | 111 | ||
@@ -150,6 +160,42 @@ void tty_audit_fork(struct signal_struct *sig) | |||
150 | } | 160 | } |
151 | 161 | ||
152 | /** | 162 | /** |
163 | * tty_audit_tiocsti - Log TIOCSTI | ||
164 | */ | ||
165 | void tty_audit_tiocsti(struct tty_struct *tty, char ch) | ||
166 | { | ||
167 | struct tty_audit_buf *buf; | ||
168 | int major, minor, should_audit; | ||
169 | |||
170 | spin_lock_irq(¤t->sighand->siglock); | ||
171 | should_audit = current->signal->audit_tty; | ||
172 | buf = current->signal->tty_audit_buf; | ||
173 | if (buf) | ||
174 | atomic_inc(&buf->count); | ||
175 | spin_unlock_irq(¤t->sighand->siglock); | ||
176 | |||
177 | major = tty->driver->major; | ||
178 | minor = tty->driver->minor_start + tty->index; | ||
179 | if (buf) { | ||
180 | mutex_lock(&buf->mutex); | ||
181 | if (buf->major == major && buf->minor == minor) | ||
182 | tty_audit_buf_push_current(buf); | ||
183 | mutex_unlock(&buf->mutex); | ||
184 | tty_audit_buf_put(buf); | ||
185 | } | ||
186 | |||
187 | if (should_audit && audit_enabled) { | ||
188 | uid_t auid; | ||
189 | unsigned int sessionid; | ||
190 | |||
191 | auid = audit_get_loginuid(current); | ||
192 | sessionid = audit_get_sessionid(current); | ||
193 | tty_audit_log("ioctl=TIOCSTI", current, auid, sessionid, major, | ||
194 | minor, &ch, 1); | ||
195 | } | ||
196 | } | ||
197 | |||
198 | /** | ||
153 | * tty_audit_push_task - Flush task's pending audit data | 199 | * tty_audit_push_task - Flush task's pending audit data |
154 | */ | 200 | */ |
155 | void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) | 201 | void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) |