lsm_audit.h 2.6 KB
Newer Older
E
Etienne Basset 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET  <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET  <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <asm/system.h>


/* Auxiliary data to use in generating the audit record. */
struct common_audit_data {
29 30 31 32 33 34 35
	char type;
#define LSM_AUDIT_DATA_FS	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
36
#define LSM_AUDIT_DATA_NONE	7
37
#define LSM_AUDIT_DATA_KMOD	8
E
Etienne Basset 已提交
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
	struct task_struct *tsk;
	union 	{
		struct {
			struct path path;
			struct inode *inode;
		} fs;
		struct {
			int netif;
			struct sock *sk;
			u16 family;
			__be16 dport;
			__be16 sport;
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;
		} net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
70
		char *kmod_name;
E
Etienne Basset 已提交
71 72 73
	} u;
	/* this union contains LSM specific data */
	union {
74
#ifdef CONFIG_SECURITY_SMACK
E
Etienne Basset 已提交
75 76
		/* SMACK data */
		struct smack_audit_data {
77
			const char *function;
E
Etienne Basset 已提交
78 79 80 81 82
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
83 84
#endif
#ifdef CONFIG_SECURITY_SELINUX
E
Etienne Basset 已提交
85 86 87 88 89 90 91
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
92
			u32 denied;
E
Etienne Basset 已提交
93 94 95
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
96
#endif
97
	};
E
Etienne Basset 已提交
98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114
	/* these callback will be implemented by a specific LSM */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

#define v4info fam.v4
#define v6info fam.v6

int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/* Initialize an LSM audit data structure. */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	{ memset((_d), 0, sizeof(struct common_audit_data)); \
115
	 (_d)->type = LSM_AUDIT_DATA_##_t; }
E
Etienne Basset 已提交
116 117 118 119

void common_lsm_audit(struct common_audit_data *a);

#endif