aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/audit.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r--include/linux/audit.h69
1 files changed, 50 insertions, 19 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2c83e5f7edb1..e5884f950b4b 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -452,6 +452,16 @@ struct audit_field {
452extern int __init audit_register_class(int class, unsigned *list); 452extern int __init audit_register_class(int class, unsigned *list);
453extern int audit_classify_syscall(int abi, unsigned syscall); 453extern int audit_classify_syscall(int abi, unsigned syscall);
454extern int audit_classify_arch(int arch); 454extern int audit_classify_arch(int arch);
455
456/* audit_names->type values */
457#define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */
458#define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */
459#define AUDIT_TYPE_PARENT 2 /* a parent audit record */
460#define AUDIT_TYPE_CHILD_DELETE 3 /* a child being deleted */
461#define AUDIT_TYPE_CHILD_CREATE 4 /* a child being created */
462
463struct filename;
464
455#ifdef CONFIG_AUDITSYSCALL 465#ifdef CONFIG_AUDITSYSCALL
456/* These are defined in auditsc.c */ 466/* These are defined in auditsc.c */
457 /* Public API */ 467 /* Public API */
@@ -461,11 +471,14 @@ extern void __audit_syscall_entry(int arch,
461 int major, unsigned long a0, unsigned long a1, 471 int major, unsigned long a0, unsigned long a1,
462 unsigned long a2, unsigned long a3); 472 unsigned long a2, unsigned long a3);
463extern void __audit_syscall_exit(int ret_success, long ret_value); 473extern void __audit_syscall_exit(int ret_success, long ret_value);
464extern void __audit_getname(const char *name); 474extern struct filename *__audit_reusename(const __user char *uptr);
465extern void audit_putname(const char *name); 475extern void __audit_getname(struct filename *name);
466extern void __audit_inode(const char *name, const struct dentry *dentry); 476extern void audit_putname(struct filename *name);
467extern void __audit_inode_child(const struct dentry *dentry, 477extern void __audit_inode(struct filename *name, const struct dentry *dentry,
468 const struct inode *parent); 478 unsigned int parent);
479extern void __audit_inode_child(const struct inode *parent,
480 const struct dentry *dentry,
481 const unsigned char type);
469extern void __audit_seccomp(unsigned long syscall, long signr, int code); 482extern void __audit_seccomp(unsigned long syscall, long signr, int code);
470extern void __audit_ptrace(struct task_struct *t); 483extern void __audit_ptrace(struct task_struct *t);
471 484
@@ -495,19 +508,27 @@ static inline void audit_syscall_exit(void *pt_regs)
495 __audit_syscall_exit(success, return_code); 508 __audit_syscall_exit(success, return_code);
496 } 509 }
497} 510}
498static inline void audit_getname(const char *name) 511static inline struct filename *audit_reusename(const __user char *name)
512{
513 if (unlikely(!audit_dummy_context()))
514 return __audit_reusename(name);
515 return NULL;
516}
517static inline void audit_getname(struct filename *name)
499{ 518{
500 if (unlikely(!audit_dummy_context())) 519 if (unlikely(!audit_dummy_context()))
501 __audit_getname(name); 520 __audit_getname(name);
502} 521}
503static inline void audit_inode(const char *name, const struct dentry *dentry) { 522static inline void audit_inode(struct filename *name, const struct dentry *dentry,
523 unsigned int parent) {
504 if (unlikely(!audit_dummy_context())) 524 if (unlikely(!audit_dummy_context()))
505 __audit_inode(name, dentry); 525 __audit_inode(name, dentry, parent);
506} 526}
507static inline void audit_inode_child(const struct dentry *dentry, 527static inline void audit_inode_child(const struct inode *parent,
508 const struct inode *parent) { 528 const struct dentry *dentry,
529 const unsigned char type) {
509 if (unlikely(!audit_dummy_context())) 530 if (unlikely(!audit_dummy_context()))
510 __audit_inode_child(dentry, parent); 531 __audit_inode_child(parent, dentry, type);
511} 532}
512void audit_core_dumps(long signr); 533void audit_core_dumps(long signr);
513 534
@@ -651,19 +672,29 @@ static inline int audit_dummy_context(void)
651{ 672{
652 return 1; 673 return 1;
653} 674}
654static inline void audit_getname(const char *name) 675static inline struct filename *audit_reusename(const __user char *name)
676{
677 return NULL;
678}
679static inline void audit_getname(struct filename *name)
655{ } 680{ }
656static inline void audit_putname(const char *name) 681static inline void audit_putname(struct filename *name)
657{ } 682{ }
658static inline void __audit_inode(const char *name, const struct dentry *dentry) 683static inline void __audit_inode(struct filename *name,
684 const struct dentry *dentry,
685 unsigned int parent)
659{ } 686{ }
660static inline void __audit_inode_child(const struct dentry *dentry, 687static inline void __audit_inode_child(const struct inode *parent,
661 const struct inode *parent) 688 const struct dentry *dentry,
689 const unsigned char type)
662{ } 690{ }
663static inline void audit_inode(const char *name, const struct dentry *dentry) 691static inline void audit_inode(struct filename *name,
692 const struct dentry *dentry,
693 unsigned int parent)
664{ } 694{ }
665static inline void audit_inode_child(const struct dentry *dentry, 695static inline void audit_inode_child(const struct inode *parent,
666 const struct inode *parent) 696 const struct dentry *dentry,
697 const unsigned char type)
667{ } 698{ }
668static inline void audit_core_dumps(long signr) 699static inline void audit_core_dumps(long signr)
669{ } 700{ }
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-16 16:58:35 -0500