lsm_audit.h 2.5 KB
Newer Older
E
Etienne Basset 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET  <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET  <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>

25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
struct lsm_network_audit {
	int netif;
	struct sock *sk;
	u16 family;
	__be16 dport;
	__be16 sport;
	union {
		struct {
			__be32 daddr;
			__be32 saddr;
		} v4;
		struct {
			struct in6_addr daddr;
			struct in6_addr saddr;
		} v6;
	} fam;
};
E
Etienne Basset 已提交
42 43 44

/* Auxiliary data to use in generating the audit record. */
struct common_audit_data {
45
	char type;
46
#define LSM_AUDIT_DATA_PATH	1
47 48 49 50 51
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
52
#define LSM_AUDIT_DATA_NONE	7
53
#define LSM_AUDIT_DATA_KMOD	8
54
#define LSM_AUDIT_DATA_INODE	9
55
#define LSM_AUDIT_DATA_DENTRY	10
E
Etienne Basset 已提交
56 57
	struct task_struct *tsk;
	union 	{
58
		struct path path;
59
		struct dentry *dentry;
60
		struct inode *inode;
61
		struct lsm_network_audit *net;
E
Etienne Basset 已提交
62 63 64 65 66 67 68 69 70
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
71
		char *kmod_name;
E
Etienne Basset 已提交
72 73 74
	} u;
	/* this union contains LSM specific data */
	union {
75
#ifdef CONFIG_SECURITY_SMACK
76
		struct smack_audit_data *smack_audit_data;
77 78
#endif
#ifdef CONFIG_SECURITY_SELINUX
79
		struct selinux_audit_data *selinux_audit_data;
80 81
#endif
#ifdef CONFIG_SECURITY_APPARMOR
82
		struct apparmor_audit_data *apparmor_audit_data;
83
#endif
84
	}; /* per LSM data pointer union */
E
Etienne Basset 已提交
85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
	/* these callback will be implemented by a specific LSM */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

#define v4info fam.v4
#define v6info fam.v6

int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/* Initialize an LSM audit data structure. */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	{ memset((_d), 0, sizeof(struct common_audit_data)); \
102
	 (_d)->type = LSM_AUDIT_DATA_##_t; }
E
Etienne Basset 已提交
103 104 105 106

void common_lsm_audit(struct common_audit_data *a);

#endif