aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/char/tty_audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/char/tty_audit.c')
-rw-r--r--drivers/char/tty_audit.c76
1 files changed, 61 insertions, 15 deletions
diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c
index 5787249934c8..34ab6d798f81 100644
--- a/drivers/char/tty_audit.c
+++ b/drivers/char/tty_audit.c
@@ -67,6 +67,29 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf)
67 tty_audit_buf_free(buf); 67 tty_audit_buf_free(buf);
68} 68}
69 69
70static void tty_audit_log(const char *description, struct task_struct *tsk,
71 uid_t loginuid, unsigned sessionid, int major,
72 int minor, unsigned char *data, size_t size)
73{
74 struct audit_buffer *ab;
75
76 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
77 if (ab) {
78 char name[sizeof(tsk->comm)];
79 uid_t uid = task_uid(tsk);
80
81 audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u "
82 "major=%d minor=%d comm=", description,
83 tsk->pid, uid, loginuid, sessionid,
84 major, minor);
85 get_task_comm(name, tsk);
86 audit_log_untrustedstring(ab, name);
87 audit_log_format(ab, " data=");
88 audit_log_n_hex(ab, data, size);
89 audit_log_end(ab);
90 }
91}
92
70/** 93/**
71 * tty_audit_buf_push - Push buffered data out 94 * tty_audit_buf_push - Push buffered data out
72 * 95 *
@@ -77,25 +100,12 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
77 unsigned int sessionid, 100 unsigned int sessionid,
78 struct tty_audit_buf *buf) 101 struct tty_audit_buf *buf)
79{ 102{
80 struct audit_buffer *ab;
81
82 if (buf->valid == 0) 103 if (buf->valid == 0)
83 return; 104 return;
84 if (audit_enabled == 0) 105 if (audit_enabled == 0)
85 return; 106 return;
86 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY); 107 tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor,
87 if (ab) { 108 buf->data, buf->valid);
88 char name[sizeof(tsk->comm)];
89
90 audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
91 "major=%d minor=%d comm=", tsk->pid, tsk->uid,
92 loginuid, sessionid, buf->major, buf->minor);
93 get_task_comm(name, tsk);
94 audit_log_untrustedstring(ab, name);
95 audit_log_format(ab, " data=");
96 audit_log_n_hex(ab, buf->data, buf->valid);
97 audit_log_end(ab);
98 }
99 buf->valid = 0; 109 buf->valid = 0;
100} 110}
101 111
@@ -150,6 +160,42 @@ void tty_audit_fork(struct signal_struct *sig)
150} 160}
151 161
152/** 162/**
163 * tty_audit_tiocsti - Log TIOCSTI
164 */
165void tty_audit_tiocsti(struct tty_struct *tty, char ch)
166{
167 struct tty_audit_buf *buf;
168 int major, minor, should_audit;
169
170 spin_lock_irq(&current->sighand->siglock);
171 should_audit = current->signal->audit_tty;
172 buf = current->signal->tty_audit_buf;
173 if (buf)
174 atomic_inc(&buf->count);
175 spin_unlock_irq(&current->sighand->siglock);
176
177 major = tty->driver->major;
178 minor = tty->driver->minor_start + tty->index;
179 if (buf) {
180 mutex_lock(&buf->mutex);
181 if (buf->major == major && buf->minor == minor)
182 tty_audit_buf_push_current(buf);
183 mutex_unlock(&buf->mutex);
184 tty_audit_buf_put(buf);
185 }
186
187 if (should_audit && audit_enabled) {
188 uid_t auid;
189 unsigned int sessionid;
190
191 auid = audit_get_loginuid(current);
192 sessionid = audit_get_sessionid(current);
193 tty_audit_log("ioctl=TIOCSTI", current, auid, sessionid, major,
194 minor, &ch, 1);
195 }
196}
197
198/**
153 * tty_audit_push_task - Flush task's pending audit data 199 * tty_audit_push_task - Flush task's pending audit data
154 */ 200 */
155void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) 201void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)