aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/linux/audit.h26
1 files changed, 26 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 6272a395d43c..8cfb9feb2a05 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -99,6 +99,7 @@
99#define AUDIT_OBJ_PID 1318 /* ptrace target */ 99#define AUDIT_OBJ_PID 1318 /* ptrace target */
100#define AUDIT_TTY 1319 /* Input on an administrative TTY */ 100#define AUDIT_TTY 1319 /* Input on an administrative TTY */
101#define AUDIT_EOE 1320 /* End of multi-record event */ 101#define AUDIT_EOE 1320 /* End of multi-record event */
102#define AUDIT_BPRM_FCAPS 1321 /* Information about fcaps increasing perms */
102 103
103#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ 104#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
104#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ 105#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
@@ -452,6 +453,7 @@ extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_pr
452extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout); 453extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout);
453extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification); 454extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification);
454extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat); 455extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
456extern void __audit_log_bprm_fcaps(struct linux_binprm *bprm, kernel_cap_t *pP, kernel_cap_t *pE);
455 457
456static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp) 458static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
457{ 459{
@@ -501,6 +503,29 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
501 return __audit_mq_getsetattr(mqdes, mqstat); 503 return __audit_mq_getsetattr(mqdes, mqstat);
502 return 0; 504 return 0;
503} 505}
506
507/*
508 * ieieeeeee, an audit function without a return code!
509 *
510 * This function might fail! I decided that it didn't matter. We are too late
511 * to fail the syscall and the information isn't REQUIRED for any purpose. It's
512 * just nice to have. We should be able to look at past audit logs to figure
513 * out this process's current cap set along with the fcaps from the PATH record
514 * and use that to come up with the final set. Yeah, its ugly, but all the info
515 * is still in the audit log. So I'm not going to bother mentioning we failed
516 * if we couldn't allocate memory.
517 *
518 * If someone changes their mind they could create the aux record earlier and
519 * then search here and use that earlier allocation. But I don't wanna.
520 *
521 * -Eric
522 */
523static inline void audit_log_bprm_fcaps(struct linux_binprm *bprm, kernel_cap_t *pP, kernel_cap_t *pE)
524{
525 if (unlikely(!audit_dummy_context()))
526 __audit_log_bprm_fcaps(bprm, pP, pE);
527}
528
504extern int audit_n_rules; 529extern int audit_n_rules;
505extern int audit_signals; 530extern int audit_signals;
506#else 531#else
@@ -532,6 +557,7 @@ extern int audit_signals;
532#define audit_mq_timedreceive(d,l,p,t) ({ 0; }) 557#define audit_mq_timedreceive(d,l,p,t) ({ 0; })
533#define audit_mq_notify(d,n) ({ 0; }) 558#define audit_mq_notify(d,n) ({ 0; })
534#define audit_mq_getsetattr(d,s) ({ 0; }) 559#define audit_mq_getsetattr(d,s) ({ 0; })
560#define audit_log_bprm_fcaps(b, p, e) do { ; } while (0)
535#define audit_ptrace(t) ((void)0) 561#define audit_ptrace(t) ((void)0)
536#define audit_n_rules 0 562#define audit_n_rules 0
537#define audit_signals 0 563#define audit_signals 0