Commit | Line | Data |
---|---|---|
6e837fb1 EB |
1 | /* |
2 | * Common LSM logging functions | |
3 | * Heavily borrowed from selinux/avc.h | |
4 | * | |
5 | * Author : Etienne BASSET <etienne.basset@ensta.org> | |
6 | * | |
7 | * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil> | |
8 | * All BUGS to : Etienne BASSET <etienne.basset@ensta.org> | |
9 | */ | |
10 | #ifndef _LSM_COMMON_LOGGING_ | |
11 | #define _LSM_COMMON_LOGGING_ | |
12 | ||
13 | #include <linux/stddef.h> | |
14 | #include <linux/errno.h> | |
15 | #include <linux/kernel.h> | |
16 | #include <linux/kdev_t.h> | |
17 | #include <linux/spinlock.h> | |
18 | #include <linux/init.h> | |
19 | #include <linux/audit.h> | |
20 | #include <linux/in6.h> | |
21 | #include <linux/path.h> | |
22 | #include <linux/key.h> | |
23 | #include <linux/skbuff.h> | |
6e837fb1 | 24 | |
48c62af6 EP |
/*
 * Network endpoint details for an audit record.  struct common_audit_data
 * refers to one of these through its u.net pointer.
 *
 * Ports and IPv4 addresses use the kernel's big-endian annotated types
 * (__be16/__be32), i.e. they are kept in network byte order and must be
 * converted before being printed as host integers.
 *
 * NOTE(review): this header does not say which arm of `fam` is valid;
 * presumably `family` (AF_INET vs AF_INET6) selects it -- confirm against
 * the code that fills and logs the struct.  Reading the wrong arm would put
 * a misinterpreted address into the audit trail.
 */
struct lsm_network_audit {
	int netif;	/* interface identifier -- presumably an ifindex; confirm */
	struct sock *sk;	/* raw pointer; no reference counting is visible here */
	u16 family;
	__be16 dport;
	__be16 sport;
	union {
		struct {
			__be32 daddr;
			__be32 saddr;
		} v4;
		struct {
			struct in6_addr daddr;
			struct in6_addr saddr;
		} v6;
	} fam;
};
6e837fb1 | 42 | |
671a2781 JVS |
/*
 * ioctl details for an audit record.  struct common_audit_data refers to
 * one of these through its u.op pointer.
 *
 * NOTE(review): `cmd` is 16 bits wide, while the request number passed to
 * the ioctl system call is an unsigned int.  Callers presumably store a
 * truncated value here -- confirm that whoever reads the audit record
 * expects only the low 16 bits.
 */
struct lsm_ioctlop_audit {
	struct path path;	/* embedded by value, not a pointer */
	u16 cmd;
};
47 | ||
6e837fb1 EB |
/* Auxiliary data to use in generating the audit record. */
/*
 * Layout: a one-byte tag (`type`), a union `u` of object references, and an
 * anonymous union holding one pointer to LSM-private data.
 *
 * `type` takes one of the LSM_AUDIT_DATA_* values defined below.  The names
 * pair up with members of `u` (PATH/path, NET/net, CAP/cap, ...), so the tag
 * presumably selects the live member -- confirm against the code that reads
 * it.  Nothing in this header enforces the pairing: a caller that sets one
 * tag and fills a different member would have an int read as a pointer or
 * the reverse, so the tag and the member should always be set together.
 *
 * Most members of `u` are raw pointers.  No reference is taken anywhere in
 * this header, so presumably the caller must keep the objects alive until
 * the audit call returns -- TODO confirm.
 */
struct common_audit_data {
	char type;
#define LSM_AUDIT_DATA_PATH 1
#define LSM_AUDIT_DATA_NET 2
#define LSM_AUDIT_DATA_CAP 3
#define LSM_AUDIT_DATA_IPC 4
#define LSM_AUDIT_DATA_TASK 5
#define LSM_AUDIT_DATA_KEY 6
#define LSM_AUDIT_DATA_NONE 7
#define LSM_AUDIT_DATA_KMOD 8
#define LSM_AUDIT_DATA_INODE 9
#define LSM_AUDIT_DATA_DENTRY 10
#define LSM_AUDIT_DATA_IOCTL_OP 11
#define LSM_AUDIT_DATA_FILE 12
	union {
		struct path path;	/* the only struct member held by value */
		struct dentry *dentry;
		struct inode *inode;
		struct lsm_network_audit *net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		/* present only when the kernel is built with key support */
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;
		struct lsm_ioctlop_audit *op;
		struct file *file;
	} u;
	/* this union contains LSM specific data */
	/*
	 * Each member exists only when its LSM is configured.  Because this is
	 * a union, all enabled members share one pointer slot: a record can
	 * carry the private data of a single LSM, and reading it through
	 * another LSM's member reinterprets the same pointer.
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		struct smack_audit_data *smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		struct selinux_audit_data *selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		struct apparmor_audit_data *apparmor_audit_data;
#endif
	}; /* per LSM data pointer union */
};
94 | ||
/*
 * Shorthand for the two arms of lsm_network_audit.fam, so that
 * `net->v4info.daddr` expands to `net->fam.v4.daddr`.
 *
 * These are unprefixed object-like macros: every later use of the
 * identifiers `v4info` or `v6info` in a file that includes this header is
 * rewritten, whatever it was meant to name.
 */
#define v4info fam.v4
#define v6info fam.v6
97 | ||
/*
 * Declared here, defined elsewhere.  Going by the name and parameters it
 * presumably fills `ad` from the IPv4 headers of `skb` and reports the
 * transport protocol through `proto` -- confirm against the definition.
 * The return convention (0 / negative errno?) and whether `proto` may be
 * NULL are not visible in this header.
 *
 * NOTE(review): `skb` holds packet contents, which may be attacker-chosen;
 * check that the definition validates header lengths before reading them.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);
100 | ||
/*
 * Declared here, defined elsewhere.  Same signature as the IPv4 variant
 * above; presumably fills `ad` from the IPv6 headers of `skb` and reports
 * the transport protocol through `proto` -- confirm against the definition.
 * The return convention and whether `proto` may be NULL are not visible in
 * this header.
 *
 * NOTE(review): IPv6 extension headers make the transport offset variable;
 * check that the definition bounds every header read on `skb`.
 */
int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);
103 | ||
b61c37f5 LT |
/*
 * Emit an audit record for `a`.  The two callbacks receive the audit buffer
 * and an opaque pointer; from their names they presumably run before and
 * after the common fields are written, letting the calling LSM add its own
 * fields -- confirm the order, what the void * argument points to, and
 * whether NULL callbacks are accepted against the definition.
 *
 * NOTE(review): callbacks that log strings a user can influence (paths, key
 * descriptions, module names) should use the audit subsystem's escaping
 * helper, audit_log_untrustedstring(), so that a crafted value cannot inject
 * extra fields into the record.
 */
void common_lsm_audit(struct common_audit_data *a,
	void (*pre_audit)(struct audit_buffer *, void *),
	void (*post_audit)(struct audit_buffer *, void *));
6e837fb1 EB |
107 | |
108 | #endif |