Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_htc_msm8960 / a07613a54d700a974f3a4a657da78ef5d097315d / . / include / linux / lsm_audit.h
blob: 88e78dedc2e81394f7cbe2e9094782fc2ce32ba5 [file] [log] [blame]
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]1/*
2 * Common LSM logging functions
3 * Heavily borrowed from selinux/avc.h
4 *
5 * Author : Etienne BASSET <etienne.basset@ensta.org>
6 *
7 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
8 * All BUGS to : Etienne BASSET <etienne.basset@ensta.org>
9 */
10#ifndef _LSM_COMMON_LOGGING_
11#define _LSM_COMMON_LOGGING_
12
13#include <linux/stddef.h>
14#include <linux/errno.h>
15#include <linux/kernel.h>
16#include <linux/kdev_t.h>
17#include <linux/spinlock.h>
18#include <linux/init.h>
19#include <linux/audit.h>
20#include <linux/in6.h>
21#include <linux/path.h>
22#include <linux/key.h>
23#include <linux/skbuff.h>
24#include <asm/system.h>
25
26
27/* Auxiliary data to use in generating the audit record. */
28struct common_audit_data {
Eric Parisdd8dbf22009-11-03 16:35:32 +1100[diff] [blame]29 char type;
Eric Parisf48b7392011-04-25 12:54:27 -0400[diff] [blame]30#define LSM_AUDIT_DATA_PATH 1
Eric Parisdd8dbf22009-11-03 16:35:32 +1100[diff] [blame]31#define LSM_AUDIT_DATA_NET 2
32#define LSM_AUDIT_DATA_CAP 3
33#define LSM_AUDIT_DATA_IPC 4
34#define LSM_AUDIT_DATA_TASK 5
35#define LSM_AUDIT_DATA_KEY 6
Eric Pariscb84aa92010-04-27 17:20:38 -0400[diff] [blame]36#define LSM_AUDIT_DATA_NONE 7
Eric Parisdd8dbf22009-11-03 16:35:32 +1100[diff] [blame]37#define LSM_AUDIT_DATA_KMOD 8
Eric Parisf48b7392011-04-25 12:54:27 -0400[diff] [blame]38#define LSM_AUDIT_DATA_INODE 9
Eric Parisa2694342011-04-25 13:10:27 -0400[diff] [blame]39#define LSM_AUDIT_DATA_DENTRY 10
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]40 struct task_struct *tsk;
41 union {
Eric Parisf48b7392011-04-25 12:54:27 -0400[diff] [blame]42 struct path path;
Eric Parisa2694342011-04-25 13:10:27 -0400[diff] [blame]43 struct dentry *dentry;
Eric Parisf48b7392011-04-25 12:54:27 -0400[diff] [blame]44 struct inode *inode;
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]45 struct {
46 int netif;
47 struct sock *sk;
48 u16 family;
49 __be16 dport;
50 __be16 sport;
51 union {
52 struct {
53 __be32 daddr;
54 __be32 saddr;
55 } v4;
56 struct {
57 struct in6_addr daddr;
58 struct in6_addr saddr;
59 } v6;
60 } fam;
61 } net;
62 int cap;
63 int ipc_id;
64 struct task_struct *tsk;
65#ifdef CONFIG_KEYS
66 struct {
67 key_serial_t key;
68 char *key_desc;
69 } key_struct;
70#endif
Eric Parisdd8dbf22009-11-03 16:35:32 +1100[diff] [blame]71 char *kmod_name;
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]72 } u;
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]73 /* this union contains LSM specific data */
74 union {
Thomas Liu65c3f0a2009-07-09 10:00:31 -0400[diff] [blame]75#ifdef CONFIG_SECURITY_SMACK
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]76 /* SMACK data */
77 struct smack_audit_data {
Thomas Liued5215a2009-07-09 10:00:29 -0400[diff] [blame]78 const char *function;
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]79 char *subject;
80 char *object;
81 char *request;
82 int result;
83 } smack_audit_data;
Thomas Liu65c3f0a2009-07-09 10:00:31 -0400[diff] [blame]84#endif
85#ifdef CONFIG_SECURITY_SELINUX
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]86 /* SELinux data */
87 struct {
88 u32 ssid;
89 u32 tsid;
90 u16 tclass;
91 u32 requested;
92 u32 audited;
Thomas Liu2bf49692009-07-14 12:14:09 -0400[diff] [blame]93 u32 denied;
Eric Parisb782e0a2010-07-23 11:44:03 -0400[diff] [blame]94 /*
95 * auditdeny is a bit tricky and unintuitive. See the
96 * comments in avc.c for it's meaning and usage.
97 */
98 u32 auditdeny;
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]99 struct av_decision *avd;
100 int result;
101 } selinux_audit_data;
Thomas Liu65c3f0a2009-07-09 10:00:31 -0400[diff] [blame]102#endif
John Johansen67012e82010-07-29 14:47:58 -0700[diff] [blame]103#ifdef CONFIG_SECURITY_APPARMOR
104 struct {
105 int error;
106 int op;
107 int type;
108 void *profile;
109 const char *name;
110 const char *info;
111 union {
112 void *target;
113 struct {
114 long pos;
115 void *target;
116 } iface;
117 struct {
118 int rlim;
119 unsigned long max;
120 } rlim;
121 struct {
122 const char *target;
123 u32 request;
124 u32 denied;
125 uid_t ouid;
126 } fs;
127 };
128 } apparmor_audit_data;
129#endif
Thomas Liud4131de2009-07-09 10:00:30 -0400[diff] [blame]130 };
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]131 /* these callback will be implemented by a specific LSM */
132 void (*lsm_pre_audit)(struct audit_buffer *, void *);
133 void (*lsm_post_audit)(struct audit_buffer *, void *);
134};
135
136#define v4info fam.v4
137#define v6info fam.v6
138
139int ipv4_skb_to_auditdata(struct sk_buff *skb,
140 struct common_audit_data *ad, u8 *proto);
141
142int ipv6_skb_to_auditdata(struct sk_buff *skb,
143 struct common_audit_data *ad, u8 *proto);
144
145/* Initialize an LSM audit data structure. */
146#define COMMON_AUDIT_DATA_INIT(_d, _t) \
147 { memset((_d), 0, sizeof(struct common_audit_data)); \
Thomas Liued5215a2009-07-09 10:00:29 -0400[diff] [blame]148 (_d)->type = LSM_AUDIT_DATA_##_t; }
Etienne Basset6e837fb2009-04-08 20:39:40 +0200[diff] [blame]149
150void common_lsm_audit(struct common_audit_data *a);
151
152#endif