Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
at 9801b321ecdb6708365b6825bf728c8e433fca00 111 lines 2.5 kB view raw
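/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET  <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET  <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <asm/system.h>


/*
 * Auxiliary data to use in generating the audit record.
 *
 * 'type' holds one of the LSM_AUDIT_DATA_* values below; their names line up
 * with the members of the union 'u' (fs, net, cap, ipc_id, tsk, key_struct).
 * Because 'u' is a union, only the member that was filled in is meaningful.
 * NOTE(review): presumably common_lsm_audit() dispatches on 'type' -- confirm
 * in the implementation; a mismatch between 'type' and the member written
 * would make the audit record describe the wrong object.
 *
 * All pointer members are plain borrowed pointers as far as this header
 * shows; no reference counting or ownership transfer is declared here, so the
 * pointed-to objects presumably have to stay valid until the record has been
 * emitted -- TODO confirm against callers.
 */
struct common_audit_data {
	char type;
#define LSM_AUDIT_DATA_FS	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
	/* separate from u.tsk below; zeroed (NULL) by COMMON_AUDIT_DATA_INIT */
	struct task_struct *tsk;
	union {
		struct {
			struct path path;
			struct inode *inode;
		} fs;
		struct {
			int netif;
			struct sock *sk;
			u16 family;
			/* ports and IPv4 addresses are big-endian typed (__be16/__be32) */
			__be16 dport;
			__be16 sport;
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;
		} net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		/* only present when the kernel is built with CONFIG_KEYS */
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
	} u;
	/* set to __func__ of the call site by COMMON_AUDIT_DATA_INIT */
	const char *function;
	/* this union contains LSM specific data */
	union {
		/* SMACK data */
		struct smack_audit_data {
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
	} lsm_priv;
	/*
	 * These callbacks will be implemented by a specific LSM.
	 * NOTE(review): this header does not show when they are invoked or what
	 * the void * argument carries -- confirm in the implementation of
	 * common_lsm_audit().
	 */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

/* Shorthand for the IPv4 / IPv6 address members of u.net (u.net.v4info ...). */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Helpers that take an skb, an audit data structure and a protocol byte.
 * NOTE(review): judging by the names they fill 'ad' (and '*proto') from the
 * packet headers; return-value semantics are not visible in this header.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
	struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
	struct common_audit_data *ad, u8 *proto);

/*
 * Initialize an LSM audit data structure.
 *
 * Zeroes the whole structure first, so every field the caller does not set
 * afterwards (unused union members, lsm_priv, both callbacks) starts out as
 * 0/NULL rather than as leftover memory contents. Then records the type
 * (LSM_AUDIT_DATA_<_t> via token pasting) and the calling function's name.
 *
 * The body is wrapped in do { } while (0) so the macro expands to a single
 * statement and stays correct inside an unbraced if/else. Call it with a
 * trailing semicolon. '_d' is evaluated more than once, so pass an
 * expression without side effects.
 */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	do { \
		memset((_d), 0, sizeof(struct common_audit_data)); \
		(_d)->type = LSM_AUDIT_DATA_##_t; \
		(_d)->function = __func__; \
	} while (0)

/* Emit the audit record described by 'a'. */
void common_lsm_audit(struct common_audit_data *a);

#endif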