include/linux/lsm_audit.h
/* * Common LSM logging functions * Heavily borrowed from selinux/avc.h * * Author : Etienne BASSET <etienne.basset@ensta.org> * * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil> * All BUGS to : Etienne BASSET <etienne.basset@ensta.org> */ #ifndef _LSM_COMMON_LOGGING_ #define _LSM_COMMON_LOGGING_ #include <linux/stddef.h> #include <linux/errno.h> #include <linux/kernel.h> #include <linux/kdev_t.h> #include <linux/spinlock.h> #include <linux/init.h> #include <linux/audit.h> #include <linux/in6.h> #include <linux/path.h> #include <linux/key.h> #include <linux/skbuff.h> |
/*
 * Network endpoint description attached to an audit record.
 * struct common_audit_data refers to one of these through its u.net
 * pointer.
 */
struct lsm_network_audit {
	/* NOTE(review): presumably the network interface index - confirm. */
	int netif;
	/* Socket involved in the event; this struct only borrows the pointer. */
	struct sock *sk;
	/*
	 * NOTE(review): presumably the address family, which decides whether
	 * fam.v4 or fam.v6 holds the addresses - confirm against the code
	 * that fills this struct. Reading the other arm yields stale or
	 * unrelated bytes in the audit record.
	 */
	u16 family;
	/* Ports are typed __be16: big-endian, convert before printing. */
	__be16 dport;
	__be16 sport;
	/* The two address layouts share storage; only one is meaningful. */
	union {
		struct {
			__be32 daddr;
			__be32 saddr;
		} v4;
		struct {
			struct in6_addr daddr;
			struct in6_addr saddr;
		} v6;
	} fam;
};
/*
 * ioctl description attached to an audit record.
 * struct common_audit_data refers to one of these through its u.op
 * pointer.
 */
struct lsm_ioctlop_audit {
	/* Path of the file the ioctl was issued on (embedded, not a pointer). */
	struct path path;
	/*
	 * NOTE(review): cmd is 16 bits wide while an ioctl command number is
	 * an unsigned int, so only part of the command can be recorded here.
	 * Confirm which bits callers store before relying on this field to
	 * tell ioctls apart in audit logs.
	 */
	u16 cmd;
};
/*
 * Auxiliary data to use in generating the audit record.
 *
 * The struct is a tagged union: 'type' holds one of the
 * LSM_AUDIT_DATA_* values and 'u' holds the object being described.
 * Nothing in this header ties a tag to a union member; the code that
 * fills the struct and the code that reads it must agree.
 */
struct common_audit_data {
	/*
	 * Discriminator for 'u'.
	 * NOTE(review): each constant below appears to name the member of
	 * 'u' that is valid (for example LSM_AUDIT_DATA_NET with u.net), and
	 * LSM_AUDIT_DATA_NONE presumably means no member is used - confirm
	 * against the implementation of common_lsm_audit(). A mismatched tag
	 * makes the reader interpret an int or an embedded struct as a
	 * pointer, or the reverse.
	 */
	char type;
#define LSM_AUDIT_DATA_PATH	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
#define LSM_AUDIT_DATA_NONE	7
#define LSM_AUDIT_DATA_KMOD	8
#define LSM_AUDIT_DATA_INODE	9
#define LSM_AUDIT_DATA_DENTRY	10
#define LSM_AUDIT_DATA_IOCTL_OP	11
#define LSM_AUDIT_DATA_FILE	12
	/*
	 * Object the record is about. All members share storage. The pointer
	 * members are stored as-is; this header shows no reference counting,
	 * so the pointed-to objects presumably have to stay valid until the
	 * record has been emitted - confirm with the callers.
	 */
	union 	{
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		struct lsm_network_audit *net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
		/*
		 * key_struct exists only with CONFIG_KEYS, while
		 * LSM_AUDIT_DATA_KEY above is defined unconditionally: code
		 * that sets or handles that tag must itself be guarded by
		 * CONFIG_KEYS.
		 */
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;
		struct lsm_ioctlop_audit *op;
		struct file *file;
	} u;
	/*
	 * This union contains LSM specific data. It is anonymous, and each
	 * member is compiled in only when the matching LSM is configured.
	 * The members overlap, so a record carries the private data of at
	 * most one LSM and only that LSM may dereference it.
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		struct smack_audit_data *smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		struct selinux_audit_data *selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		struct apparmor_audit_data *apparmor_audit_data;
#endif
	}; /* per LSM data pointer union */
};

/*
 * Shorthand for the two arms of lsm_network_audit.fam, so that
 * net->v4info.saddr expands to net->fam.v4.saddr.
 * These are plain object-like macros with short lower-case names: every
 * later use of the identifiers v4info or v6info in a file that includes
 * this header is rewritten, whatever it was meant to name.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Declaration only; the definition is not in this header.
 * Takes a socket buffer, the audit data to describe it in, and a u8
 * out-parameter.
 * NOTE(review): presumably fills the network audit data behind ad from
 * the IPv4 headers of skb and stores the transport protocol in *proto;
 * the return convention and whether proto may be NULL are not visible
 * here - confirm. If the values do come from packet headers, they are
 * sender-controlled and should be read as such in audit logs.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * IPv6 counterpart of ipv4_skb_to_auditdata(), with the same signature.
 * NOTE(review): the same unconfirmed assumptions apply - return
 * convention, NULL handling for proto, and sender-controlled values.
 */
int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);
/*
 * Declaration only; the definition is not in this header.
 * Takes the audit data for one event and two callbacks, each receiving
 * the audit buffer and an untyped pointer.
 * NOTE(review): presumably pre_audit runs before and post_audit after
 * the common fields are written, so that the calling LSM can add its
 * own fields; what the void * argument carries and whether a callback
 * may be NULL are not visible here - confirm. A callback that formats
 * caller-supplied strings into the buffer is responsible for escaping
 * them, because the record is later parsed as text.
 */
void common_lsm_audit(struct common_audit_data *a,
	void (*pre_audit)(struct audit_buffer *, void *),
	void (*post_audit)(struct audit_buffer *, void *));
#endif |