Audit: Final renamings and cleanup

Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>

Audit: Final renamings and cleanup
Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
Ahmed S. Darwish · James Morris
1 parent 9d57a7f9e2
Showing 4 changed files with 93 additions and 28 deletions Side-by-side Diff
include/linux/audit.h
kernel/auditfilter.c
kernel/auditsc.c
security/selinux/include/audit.h
@@ -377,8 +377,8 @@
 	u32				type;
 	u32				val;
 	u32				op;
-	char				*se_str;
-	void				*se_rule;
+	char				*lsm_str;
+	void				*lsm_rule;
 };
  
 #define AUDITSC_INVALID 0
@@ -139,8 +139,8 @@
 	if (e->rule.fields)
 		for (i = 0; i < e->rule.field_count; i++) {
 			struct audit_field *f = &e->rule.fields[i];
-			kfree(f->se_str);
-			security_audit_rule_free(f->se_rule);
+			kfree(f->lsm_str);
+			security_audit_rule_free(f->lsm_rule);
 		}
 	kfree(e->rule.fields);
 	kfree(e->rule.filterkey);
@@ -554,8 +554,8 @@
 		f->op = data->fieldflags[i] & AUDIT_OPERATORS;
 		f->type = data->fields[i];
 		f->val = data->values[i];
-		f->se_str = NULL;
-		f->se_rule = NULL;
+		f->lsm_str = NULL;
+		f->lsm_rule = NULL;
 		switch(f->type) {
 		case AUDIT_PID:
 		case AUDIT_UID:
@@ -598,7 +598,7 @@
 			entry->rule.buflen += f->val;
  
 			err = security_audit_rule_init(f->type, f->op, str,
-						       (void **)&f->se_rule);
+						       (void **)&f->lsm_rule);
 			/* Keep currently invalid fields around in case they
 			 * become valid after a policy reload. */
 			if (err == -EINVAL) {
@@ -610,7 +610,7 @@
 				kfree(str);
 				goto exit_free;
 			} else
-				f->se_str = str;
+				f->lsm_str = str;
 			break;
 		case AUDIT_WATCH:
 			str = audit_unpack_string(&bufp, &remain, f->val);
@@ -754,7 +754,7 @@
 		case AUDIT_OBJ_LEV_LOW:
 		case AUDIT_OBJ_LEV_HIGH:
 			data->buflen += data->values[i] =
-				audit_pack_string(&bufp, f->se_str);
+				audit_pack_string(&bufp, f->lsm_str);
 			break;
 		case AUDIT_WATCH:
 			data->buflen += data->values[i] =
@@ -806,7 +806,7 @@
 		case AUDIT_OBJ_TYPE:
 		case AUDIT_OBJ_LEV_LOW:
 		case AUDIT_OBJ_LEV_HIGH:
-			if (strcmp(a->fields[i].se_str, b->fields[i].se_str))
+			if (strcmp(a->fields[i].lsm_str, b->fields[i].lsm_str))
 				return 1;
 			break;
 		case AUDIT_WATCH:
  
  
  
  
  
@@ -862,28 +862,28 @@
 	return new;
 }
  
-/* Duplicate LSM field information.  The se_rule is opaque, so must be
+/* Duplicate LSM field information.  The lsm_rule is opaque, so must be
  * re-initialized. */
 static inline int audit_dupe_lsm_field(struct audit_field *df,
 					   struct audit_field *sf)
 {
 	int ret = 0;
-	char *se_str;
+	char *lsm_str;
  
-	/* our own copy of se_str */
-	se_str = kstrdup(sf->se_str, GFP_KERNEL);
-	if (unlikely(!se_str))
+	/* our own copy of lsm_str */
+	lsm_str = kstrdup(sf->lsm_str, GFP_KERNEL);
+	if (unlikely(!lsm_str))
 		return -ENOMEM;
-	df->se_str = se_str;
+	df->lsm_str = lsm_str;
  
-	/* our own (refreshed) copy of se_rule */
-	ret = security_audit_rule_init(df->type, df->op, df->se_str,
-				       (void **)&df->se_rule);
+	/* our own (refreshed) copy of lsm_rule */
+	ret = security_audit_rule_init(df->type, df->op, df->lsm_str,
+				       (void **)&df->lsm_rule);
 	/* Keep currently invalid fields around in case they
 	 * become valid after a policy reload. */
 	if (ret == -EINVAL) {
 		printk(KERN_WARNING "audit rule for LSM \'%s\' is "
-		       "invalid\n", df->se_str);
+		       "invalid\n", df->lsm_str);
 		ret = 0;
 	}
  
@@ -930,7 +930,7 @@
 	new->tree = old->tree;
 	memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount);
  
-	/* deep copy this information, updating the se_rule fields, because
+	/* deep copy this information, updating the lsm_rule fields, because
 	 * the originals will all be freed when the old rule is freed. */
 	for (i = 0; i < fcount; i++) {
 		switch (new->fields[i].type) {
@@ -1762,7 +1762,7 @@
 	return result;
 }
  
-/* This function will re-initialize the se_rule field of all applicable rules.
+/* This function will re-initialize the lsm_rule field of all applicable rules.
  * It will traverse the filter lists serarching for rules that contain LSM
  * specific filter fields.  When such a rule is found, it is copied, the
  * LSM field is re-initialized, and the old rule is replaced with the
@@ -527,14 +527,14 @@
 			   match for now to avoid losing information that
 			   may be wanted.   An error message will also be
 			   logged upon error */
-			if (f->se_rule) {
+			if (f->lsm_rule) {
 				if (need_sid) {
 					security_task_getsecid(tsk, &sid);
 					need_sid = 0;
 				}
 				result = security_audit_rule_match(sid, f->type,
 				                                  f->op,
-				                                  f->se_rule,
+				                                  f->lsm_rule,
 				                                  ctx);
 			}
 			break;
  
  
@@ -545,18 +545,18 @@
 		case AUDIT_OBJ_LEV_HIGH:
 			/* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
 			   also applies here */
-			if (f->se_rule) {
+			if (f->lsm_rule) {
 				/* Find files that match */
 				if (name) {
 					result = security_audit_rule_match(
 					           name->osid, f->type, f->op,
-					           f->se_rule, ctx);
+					           f->lsm_rule, ctx);
 				} else if (ctx) {
 					for (j = 0; j < ctx->name_count; j++) {
 						if (security_audit_rule_match(
 						      ctx->names[j].osid,
 						      f->type, f->op,
-						      f->se_rule, ctx)) {
+						      f->lsm_rule, ctx)) {
 							++result;
 							break;
 						}
@@ -569,7 +569,7 @@
 					     aux = aux->next) {
 						if (aux->type == AUDIT_IPC) {
 							struct audit_aux_data_ipcctl *axi = (void *)aux;
-							if (security_audit_rule_match(axi->osid, f->type, f->op, f->se_rule, ctx)) {
+							if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) {
 								++result;
 								break;
 							}
+/*
+ * SELinux support for the Audit LSM hooks
+ *
+ * Most of below header was moved from include/linux/selinux.h which 
+ * is released under below copyrights:
+ *
+ * Author: James Morris <jmorris@redhat.com>
+ *
+ * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
+ * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation.
+ */
+
+#ifndef _SELINUX_AUDIT_H
+#define _SELINUX_AUDIT_H
+
+/**
+ *	selinux_audit_rule_init - alloc/init an selinux audit rule structure.
+ *	@field: the field this rule refers to
+ *	@op: the operater the rule uses
+ *	@rulestr: the text "target" of the rule
+ *	@rule: pointer to the new rule structure returned via this
+ *
+ *	Returns 0 if successful, -errno if not.  On success, the rule structure
+ *	will be allocated internally.  The caller must free this structure with
+ *	selinux_audit_rule_free() after use.
+ */
+int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
+
+/**
+ *	selinux_audit_rule_free - free an selinux audit rule structure.
+ *	@rule: pointer to the audit rule to be freed
+ *
+ *	This will free all memory associated with the given rule.
+ *	If @rule is NULL, no operation is performed.
+ */
+void selinux_audit_rule_free(void *rule);
+
+/**
+ *	selinux_audit_rule_match - determine if a context ID matches a rule.
+ *	@sid: the context ID to check
+ *	@field: the field this rule refers to
+ *	@op: the operater the rule uses
+ *	@rule: pointer to the audit rule to check against
+ *	@actx: the audit context (can be NULL) associated with the check
+ *
+ *	Returns 1 if the context id matches the rule, 0 if it does not, and
+ *	-errno on failure.
+ */
+int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
+                             struct audit_context *actx);
+
+/**
+ *	selinux_audit_rule_known - check to see if rule contains selinux fields.
+ *	@rule: rule to be checked
+ *	Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
+ */
+int selinux_audit_rule_known(struct audit_krule *krule);
+
+#endif /* _SELINUX_AUDIT_H */
...	...	@@ -377,8 +377,8 @@
377	377	u32 type;
378	378	u32 val;
379	379	u32 op;
380		- char *se_str;
381		- void *se_rule;
	380	+ char *lsm_str;
	381	+ void *lsm_rule;
382	382	};
383	383
384	384	#define AUDITSC_INVALID 0
...	...	@@ -139,8 +139,8 @@
139	139	if (e->rule.fields)
140	140	for (i = 0; i < e->rule.field_count; i++) {
141	141	struct audit_field *f = &e->rule.fields[i];
142		- kfree(f->se_str);
143		- security_audit_rule_free(f->se_rule);
	142	+ kfree(f->lsm_str);
	143	+ security_audit_rule_free(f->lsm_rule);
144	144	}
145	145	kfree(e->rule.fields);
146	146	kfree(e->rule.filterkey);
...	...	@@ -554,8 +554,8 @@
554	554	f->op = data->fieldflags[i] & AUDIT_OPERATORS;
555	555	f->type = data->fields[i];
556	556	f->val = data->values[i];
557		- f->se_str = NULL;
558		- f->se_rule = NULL;
	557	+ f->lsm_str = NULL;
	558	+ f->lsm_rule = NULL;
559	559	switch(f->type) {
560	560	case AUDIT_PID:
561	561	case AUDIT_UID:
...	...	@@ -598,7 +598,7 @@
598	598	entry->rule.buflen += f->val;
599	599
600	600	err = security_audit_rule_init(f->type, f->op, str,
601		- (void **)&f->se_rule);
	601	+ (void **)&f->lsm_rule);
602	602	/* Keep currently invalid fields around in case they
603	603	* become valid after a policy reload. */
604	604	if (err == -EINVAL) {
...	...	@@ -610,7 +610,7 @@
610	610	kfree(str);
611	611	goto exit_free;
612	612	} else
613		- f->se_str = str;
	613	+ f->lsm_str = str;
614	614	break;
615	615	case AUDIT_WATCH:
616	616	str = audit_unpack_string(&bufp, &remain, f->val);
...	...	@@ -754,7 +754,7 @@
754	754	case AUDIT_OBJ_LEV_LOW:
755	755	case AUDIT_OBJ_LEV_HIGH:
756	756	data->buflen += data->values[i] =
757		- audit_pack_string(&bufp, f->se_str);
	757	+ audit_pack_string(&bufp, f->lsm_str);
758	758	break;
759	759	case AUDIT_WATCH:
760	760	data->buflen += data->values[i] =
...	...	@@ -806,7 +806,7 @@
806	806	case AUDIT_OBJ_TYPE:
807	807	case AUDIT_OBJ_LEV_LOW:
808	808	case AUDIT_OBJ_LEV_HIGH:
809		- if (strcmp(a->fields[i].se_str, b->fields[i].se_str))
	809	+ if (strcmp(a->fields[i].lsm_str, b->fields[i].lsm_str))
810	810	return 1;
811	811	break;
812	812	case AUDIT_WATCH:
813	813
814	814
815	815
816	816
817	817
...	...	@@ -862,28 +862,28 @@
862	862	return new;
863	863	}
864	864
865		-/* Duplicate LSM field information. The se_rule is opaque, so must be
	865	+/* Duplicate LSM field information. The lsm_rule is opaque, so must be
866	866	* re-initialized. */
867	867	static inline int audit_dupe_lsm_field(struct audit_field *df,
868	868	struct audit_field *sf)
869	869	{
870	870	int ret = 0;
871		- char *se_str;
	871	+ char *lsm_str;
872	872
873		- /* our own copy of se_str */
874		- se_str = kstrdup(sf->se_str, GFP_KERNEL);
875		- if (unlikely(!se_str))
	873	+ /* our own copy of lsm_str */
	874	+ lsm_str = kstrdup(sf->lsm_str, GFP_KERNEL);
	875	+ if (unlikely(!lsm_str))
876	876	return -ENOMEM;
877		- df->se_str = se_str;
	877	+ df->lsm_str = lsm_str;
878	878
879		- /* our own (refreshed) copy of se_rule */
880		- ret = security_audit_rule_init(df->type, df->op, df->se_str,
881		- (void **)&df->se_rule);
	879	+ /* our own (refreshed) copy of lsm_rule */
	880	+ ret = security_audit_rule_init(df->type, df->op, df->lsm_str,
	881	+ (void **)&df->lsm_rule);
882	882	/* Keep currently invalid fields around in case they
883	883	* become valid after a policy reload. */
884	884	if (ret == -EINVAL) {
885	885	printk(KERN_WARNING "audit rule for LSM \'%s\' is "
886		- "invalid\n", df->se_str);
	886	+ "invalid\n", df->lsm_str);
887	887	ret = 0;
888	888	}
889	889
...	...	@@ -930,7 +930,7 @@
930	930	new->tree = old->tree;
931	931	memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount);
932	932
933		- /* deep copy this information, updating the se_rule fields, because
	933	+ /* deep copy this information, updating the lsm_rule fields, because
934	934	* the originals will all be freed when the old rule is freed. */
935	935	for (i = 0; i < fcount; i++) {
936	936	switch (new->fields[i].type) {
...	...	@@ -1762,7 +1762,7 @@
1762	1762	return result;
1763	1763	}
1764	1764
1765		-/* This function will re-initialize the se_rule field of all applicable rules.
	1765	+/* This function will re-initialize the lsm_rule field of all applicable rules.
1766	1766	* It will traverse the filter lists serarching for rules that contain LSM
1767	1767	* specific filter fields. When such a rule is found, it is copied, the
1768	1768	* LSM field is re-initialized, and the old rule is replaced with the
...	...	@@ -527,14 +527,14 @@
527	527	match for now to avoid losing information that
528	528	may be wanted. An error message will also be
529	529	logged upon error */
530		- if (f->se_rule) {
	530	+ if (f->lsm_rule) {
531	531	if (need_sid) {
532	532	security_task_getsecid(tsk, &sid);
533	533	need_sid = 0;
534	534	}
535	535	result = security_audit_rule_match(sid, f->type,
536	536	f->op,
537		- f->se_rule,
	537	+ f->lsm_rule,
538	538	ctx);
539	539	}
540	540	break;
541	541
542	542
...	...	@@ -545,18 +545,18 @@
545	545	case AUDIT_OBJ_LEV_HIGH:
546	546	/* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
547	547	also applies here */
548		- if (f->se_rule) {
	548	+ if (f->lsm_rule) {
549	549	/* Find files that match */
550	550	if (name) {
551	551	result = security_audit_rule_match(
552	552	name->osid, f->type, f->op,
553		- f->se_rule, ctx);
	553	+ f->lsm_rule, ctx);
554	554	} else if (ctx) {
555	555	for (j = 0; j < ctx->name_count; j++) {
556	556	if (security_audit_rule_match(
557	557	ctx->names[j].osid,
558	558	f->type, f->op,
559		- f->se_rule, ctx)) {
	559	+ f->lsm_rule, ctx)) {
560	560	++result;
561	561	break;
562	562	}
...	...	@@ -569,7 +569,7 @@
569	569	aux = aux->next) {
570	570	if (aux->type == AUDIT_IPC) {
571	571	struct audit_aux_data_ipcctl axi = (void )aux;
572		- if (security_audit_rule_match(axi->osid, f->type, f->op, f->se_rule, ctx)) {
	572	+ if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) {
573	573	++result;
574	574	break;
575	575	}
	1	+/*
	2	+ * SELinux support for the Audit LSM hooks
	3	+ *
	4	+ * Most of below header was moved from include/linux/selinux.h which
	5	+ * is released under below copyrights:
	6	+ *
	7	+ * Author: James Morris <jmorris@redhat.com>
	8	+ *
	9	+ * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
	10	+ * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
	11	+ * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
	12	+ *
	13	+ * This program is free software; you can redistribute it and/or modify
	14	+ * it under the terms of the GNU General Public License version 2,
	15	+ * as published by the Free Software Foundation.
	16	+ */
	17	+
	18	+#ifndef _SELINUX_AUDIT_H
	19	+#define _SELINUX_AUDIT_H
	20	+
	21	+/**
	22	+ * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
	23	+ * @field: the field this rule refers to
	24	+ * @op: the operater the rule uses
	25	+ * @rulestr: the text "target" of the rule
	26	+ * @rule: pointer to the new rule structure returned via this
	27	+ *
	28	+ * Returns 0 if successful, -errno if not. On success, the rule structure
	29	+ * will be allocated internally. The caller must free this structure with
	30	+ * selinux_audit_rule_free() after use.
	31	+ */
	32	+int selinux_audit_rule_init(u32 field, u32 op, char rulestr, void *rule);
	33	+
	34	+/**
	35	+ * selinux_audit_rule_free - free an selinux audit rule structure.
	36	+ * @rule: pointer to the audit rule to be freed
	37	+ *
	38	+ * This will free all memory associated with the given rule.
	39	+ * If @rule is NULL, no operation is performed.
	40	+ */
	41	+void selinux_audit_rule_free(void *rule);
	42	+
	43	+/**
	44	+ * selinux_audit_rule_match - determine if a context ID matches a rule.
	45	+ * @sid: the context ID to check
	46	+ * @field: the field this rule refers to
	47	+ * @op: the operater the rule uses
	48	+ * @rule: pointer to the audit rule to check against
	49	+ * @actx: the audit context (can be NULL) associated with the check
	50	+ *
	51	+ * Returns 1 if the context id matches the rule, 0 if it does not, and
	52	+ * -errno on failure.
	53	+ */
	54	+int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
	55	+ struct audit_context *actx);
	56	+
	57	+/**
	58	+ * selinux_audit_rule_known - check to see if rule contains selinux fields.
	59	+ * @rule: rule to be checked
	60	+ * Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
	61	+ */
	62	+int selinux_audit_rule_known(struct audit_krule *krule);
	63	+
	64	+#endif /* _SELINUX_AUDIT_H */