tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1/*
2 * Copyright (C) 2008 IBM Corporation
3 * Author: Mimi Zohar <zohar@us.ibm.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, version 2 of the License.
8 *
9 * File: integrity_audit.c
10 * Audit calls for the integrity subsystem
11 */
12
13#include <linux/fs.h>
14#include <linux/gfp.h>
15#include <linux/audit.h>
16#include "ima.h"
17
18static int ima_audit;
19
20/* ima_audit_setup - enable informational auditing messages */
21static int __init ima_audit_setup(char *str)
22{
23 unsigned long audit;
24
25 if (!strict_strtoul(str, 0, &audit))
26 ima_audit = audit ? 1 : 0;
27 return 1;
28}
29__setup("ima_audit=", ima_audit_setup);
30
31void integrity_audit_msg(int audit_msgno, struct inode *inode,
32 const unsigned char *fname, const char *op,
33 const char *cause, int result, int audit_info)
34{
35 struct audit_buffer *ab;
36
37 if (!ima_audit && audit_info == 1) /* Skip informational messages */
38 return;
39
40 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
41 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
42 current->pid,
43 from_kuid(&init_user_ns, current_cred()->uid),
44 from_kuid(&init_user_ns, audit_get_loginuid(current)),
45 audit_get_sessionid(current));
46 audit_log_task_context(ab);
47 audit_log_format(ab, " op=");
48 audit_log_string(ab, op);
49 audit_log_format(ab, " cause=");
50 audit_log_string(ab, cause);
51 audit_log_format(ab, " comm=");
52 audit_log_untrustedstring(ab, current->comm);
53 if (fname) {
54 audit_log_format(ab, " name=");
55 audit_log_untrustedstring(ab, fname);
56 }
57 if (inode) {
58 audit_log_format(ab, " dev=");
59 audit_log_untrustedstring(ab, inode->i_sb->s_id);
60 audit_log_format(ab, " ino=%lu", inode->i_ino);
61 }
62 audit_log_format(ab, " res=%d", !result);
63 audit_log_end(ab);
64}