include/linux/lsm_audit.h
/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_
#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <asm/system.h>

/*
 * Auxiliary data to use in generating the audit record.
 *
 * 'type' holds one of the LSM_AUDIT_DATA_* values defined below and is set
 * by COMMON_AUDIT_DATA_INIT().  It presumably tells the consumer which
 * member of 'u' is valid.  'u' is a union, so reading a member other than
 * the one the caller filled in reinterprets unrelated bytes (possibly as a
 * pointer).
 * NOTE(review): confirm the type-to-member mapping against the
 * implementation of common_lsm_audit(); it is not visible in this header.
 */
struct common_audit_data {
	/* Discriminator: one of LSM_AUDIT_DATA_*. */
	char type;
#define LSM_AUDIT_DATA_PATH 1
#define LSM_AUDIT_DATA_NET 2
#define LSM_AUDIT_DATA_CAP 3
#define LSM_AUDIT_DATA_IPC 4
#define LSM_AUDIT_DATA_TASK 5
#define LSM_AUDIT_DATA_KEY 6
#define LSM_AUDIT_DATA_NONE 7
#define LSM_AUDIT_DATA_KMOD 8
#define LSM_AUDIT_DATA_INODE 9
#define LSM_AUDIT_DATA_DENTRY 10
	/*
	 * Distinct from u.tsk below: this field lives outside the union and is
	 * present regardless of 'type'.
	 */
	struct task_struct *tsk;
	/*
	 * Object-specific data.  All members share storage.
	 * NOTE(review): the pointer members are stored raw; this header takes
	 * no reference on them, so presumably the caller must keep the objects
	 * alive until the audit call returns -- confirm.
	 */
	union {
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		/* Network endpoint description; ports and addresses are big-endian. */
		struct {
			int netif;
			struct sock *sk;
			u16 family;
			__be16 dport;
			__be16 sport;
			/* v4 and v6 overlay each other; 'family' presumably selects one. */
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;
		} net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;
	} u;
	/*
	 * This union contains LSM specific data.  It is anonymous, so its
	 * members are accessed directly on struct common_audit_data, and each
	 * member exists only when the matching CONFIG_SECURITY_* option is set.
	 * When several are enabled they overlay the same storage.
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		/* SMACK data */
		struct smack_audit_data {
			const char *function;
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
			u32 denied;
			/*
			 * auditdeny is a bit tricky and unintuitive. See the
			 * comments in avc.c for its meaning and usage.
			 */
			u32 auditdeny;
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		/* AppArmor data */
		struct {
			int error;
			int op;
			/* Separate field from the outer common_audit_data.type. */
			int type;
			void *profile;
			const char *name;
			const char *info;
			/* Anonymous union: per-operation details sharing storage. */
			union {
				void *target;
				struct {
					long pos;
					void *target;
				} iface;
				struct {
					int rlim;
					unsigned long max;
				} rlim;
				struct {
					const char *target;
					u32 request;
					u32 denied;
					uid_t ouid;
				} fs;
			};
		} apparmor_audit_data;
#endif
	};
	/*
	 * These callbacks are implemented by a specific LSM.  Both are zero
	 * after COMMON_AUDIT_DATA_INIT().
	 * NOTE(review): whether common_lsm_audit() tolerates a NULL callback is
	 * not visible here -- confirm before leaving either unset.
	 */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

/*
 * Shorthands for the address sub-structures of u.net (u.net.v4info is
 * u.net.fam.v4).  These are plain object-like macros, so any identifier
 * spelled v4info or v6info in a file that includes this header is rewritten.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Declared here, defined elsewhere.
 * NOTE(review): presumably fill ad->u.net from the packet headers in skb and
 * report the transport protocol through *proto -- confirm against the
 * implementation, including how truncated packets are handled.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * Initialize an LSM audit data structure.
 *
 * Zeroes the whole struct common_audit_data at _d, then sets ->type to
 * LSM_AUDIT_DATA_<_t>.  The _t argument is token-pasted, so pass the bare
 * suffix (e.g. NET).  Every pointer and callback field is therefore zero
 * after this macro and must be filled in by the caller as needed.
 *
 * NOTE(review): _d is expanded twice, so it must not have side effects.
 * NOTE(review): the expansion is a bare { } block rather than
 * do { } while (0), so "if (x) COMMON_AUDIT_DATA_INIT(...); else ..." does
 * not compile; use it only as a standalone statement.
 * NOTE(review): memset() is used, but this header does not include
 * <linux/string.h> itself; it relies on another include to declare it.
 */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	{ memset((_d), 0, sizeof(struct common_audit_data)); \
	  (_d)->type = LSM_AUDIT_DATA_##_t; }

/* Declared here, defined elsewhere; takes the filled-in audit data. */
void common_lsm_audit(struct common_audit_data *a);

#endif