aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/audit.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r--include/linux/audit.h32
1 files changed, 30 insertions, 2 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 6272a395d43c..26c4f6f65a46 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -99,6 +99,8 @@
99#define AUDIT_OBJ_PID 1318 /* ptrace target */ 99#define AUDIT_OBJ_PID 1318 /* ptrace target */
100#define AUDIT_TTY 1319 /* Input on an administrative TTY */ 100#define AUDIT_TTY 1319 /* Input on an administrative TTY */
101#define AUDIT_EOE 1320 /* End of multi-record event */ 101#define AUDIT_EOE 1320 /* End of multi-record event */
102#define AUDIT_BPRM_FCAPS 1321 /* Information about fcaps increasing perms */
103#define AUDIT_CAPSET 1322 /* Record showing argument to sys_capset */
102 104
103#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ 105#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
104#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ 106#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
@@ -391,6 +393,7 @@ extern int audit_classify_arch(int arch);
391#ifdef CONFIG_AUDITSYSCALL 393#ifdef CONFIG_AUDITSYSCALL
392/* These are defined in auditsc.c */ 394/* These are defined in auditsc.c */
393 /* Public API */ 395 /* Public API */
396extern void audit_finish_fork(struct task_struct *child);
394extern int audit_alloc(struct task_struct *task); 397extern int audit_alloc(struct task_struct *task);
395extern void audit_free(struct task_struct *task); 398extern void audit_free(struct task_struct *task);
396extern void audit_syscall_entry(int arch, 399extern void audit_syscall_entry(int arch,
@@ -434,7 +437,7 @@ static inline void audit_ptrace(struct task_struct *t)
434 437
435 /* Private API (for audit.c only) */ 438 /* Private API (for audit.c only) */
436extern unsigned int audit_serial(void); 439extern unsigned int audit_serial(void);
437extern void auditsc_get_stamp(struct audit_context *ctx, 440extern int auditsc_get_stamp(struct audit_context *ctx,
438 struct timespec *t, unsigned int *serial); 441 struct timespec *t, unsigned int *serial);
439extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); 442extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
440#define audit_get_loginuid(t) ((t)->loginuid) 443#define audit_get_loginuid(t) ((t)->loginuid)
@@ -452,6 +455,10 @@ extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_pr
452extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout); 455extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout);
453extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification); 456extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification);
454extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat); 457extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
458extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
459 const struct cred *new,
460 const struct cred *old);
461extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
455 462
456static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp) 463static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
457{ 464{
@@ -501,9 +508,28 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
501 return __audit_mq_getsetattr(mqdes, mqstat); 508 return __audit_mq_getsetattr(mqdes, mqstat);
502 return 0; 509 return 0;
503} 510}
511
512static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
513 const struct cred *new,
514 const struct cred *old)
515{
516 if (unlikely(!audit_dummy_context()))
517 return __audit_log_bprm_fcaps(bprm, new, old);
518 return 0;
519}
520
521static inline int audit_log_capset(pid_t pid, const struct cred *new,
522 const struct cred *old)
523{
524 if (unlikely(!audit_dummy_context()))
525 return __audit_log_capset(pid, new, old);
526 return 0;
527}
528
504extern int audit_n_rules; 529extern int audit_n_rules;
505extern int audit_signals; 530extern int audit_signals;
506#else 531#else
532#define audit_finish_fork(t)
507#define audit_alloc(t) ({ 0; }) 533#define audit_alloc(t) ({ 0; })
508#define audit_free(t) do { ; } while (0) 534#define audit_free(t) do { ; } while (0)
509#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) 535#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)
@@ -516,7 +542,7 @@ extern int audit_signals;
516#define audit_inode(n,d) do { ; } while (0) 542#define audit_inode(n,d) do { ; } while (0)
517#define audit_inode_child(d,i,p) do { ; } while (0) 543#define audit_inode_child(d,i,p) do { ; } while (0)
518#define audit_core_dumps(i) do { ; } while (0) 544#define audit_core_dumps(i) do { ; } while (0)
519#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) 545#define auditsc_get_stamp(c,t,s) (0)
520#define audit_get_loginuid(t) (-1) 546#define audit_get_loginuid(t) (-1)
521#define audit_get_sessionid(t) (-1) 547#define audit_get_sessionid(t) (-1)
522#define audit_log_task_context(b) do { ; } while (0) 548#define audit_log_task_context(b) do { ; } while (0)
@@ -532,6 +558,8 @@ extern int audit_signals;
532#define audit_mq_timedreceive(d,l,p,t) ({ 0; }) 558#define audit_mq_timedreceive(d,l,p,t) ({ 0; })
533#define audit_mq_notify(d,n) ({ 0; }) 559#define audit_mq_notify(d,n) ({ 0; })
534#define audit_mq_getsetattr(d,s) ({ 0; }) 560#define audit_mq_getsetattr(d,s) ({ 0; })
561#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
562#define audit_log_capset(pid, ncr, ocr) ({ 0; })
535#define audit_ptrace(t) ((void)0) 563#define audit_ptrace(t) ((void)0)
536#define audit_n_rules 0 564#define audit_n_rules 0
537#define audit_signals 0 565#define audit_signals 0
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-30 13:01:27 -0500