mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-10 15:10:38 +00:00
cdfb6b341f
Recognizing that the audit context is an internal audit value, use an access function to retrieve the audit context pointer for the task rather than reaching directly into the task struct to get it. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [PM: merge fuzz in auditsc.c and selinuxfs.c, checkpatch.pl fixes] Signed-off-by: Paul Moore <paul@paul-moore.com>
66 lines
1.9 KiB
C
66 lines
1.9 KiB
C
/*
|
|
* Copyright (C) 2008 IBM Corporation
|
|
* Author: Mimi Zohar <zohar@us.ibm.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, version 2 of the License.
|
|
*
|
|
* File: integrity_audit.c
|
|
* Audit calls for the integrity subsystem
|
|
*/
|
|
|
|
#include <linux/fs.h>
|
|
#include <linux/gfp.h>
|
|
#include <linux/audit.h>
|
|
#include "integrity.h"
|
|
|
|
static int integrity_audit_info;
|
|
|
|
/* ima_audit_setup - enable informational auditing messages */
|
|
static int __init integrity_audit_setup(char *str)
|
|
{
|
|
unsigned long audit;
|
|
|
|
if (!kstrtoul(str, 0, &audit))
|
|
integrity_audit_info = audit ? 1 : 0;
|
|
return 1;
|
|
}
|
|
__setup("integrity_audit=", integrity_audit_setup);
|
|
|
|
void integrity_audit_msg(int audit_msgno, struct inode *inode,
|
|
const unsigned char *fname, const char *op,
|
|
const char *cause, int result, int audit_info)
|
|
{
|
|
struct audit_buffer *ab;
|
|
char name[TASK_COMM_LEN];
|
|
|
|
if (!integrity_audit_info && audit_info == 1) /* Skip info messages */
|
|
return;
|
|
|
|
ab = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno);
|
|
audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
|
|
task_pid_nr(current),
|
|
from_kuid(&init_user_ns, current_cred()->uid),
|
|
from_kuid(&init_user_ns, audit_get_loginuid(current)),
|
|
audit_get_sessionid(current));
|
|
audit_log_task_context(ab);
|
|
audit_log_format(ab, " op=");
|
|
audit_log_string(ab, op);
|
|
audit_log_format(ab, " cause=");
|
|
audit_log_string(ab, cause);
|
|
audit_log_format(ab, " comm=");
|
|
audit_log_untrustedstring(ab, get_task_comm(name, current));
|
|
if (fname) {
|
|
audit_log_format(ab, " name=");
|
|
audit_log_untrustedstring(ab, fname);
|
|
}
|
|
if (inode) {
|
|
audit_log_format(ab, " dev=");
|
|
audit_log_untrustedstring(ab, inode->i_sb->s_id);
|
|
audit_log_format(ab, " ino=%lu", inode->i_ino);
|
|
}
|
|
audit_log_format(ab, " res=%d", !result);
|
|
audit_log_end(ab);
|
|
}
|