Commit | Line | Data |
---|---|---|
67012e82 JJ |
1 | /* |
2 | * AppArmor security module | |
3 | * | |
4 | * This file contains AppArmor auditing function definitions. | |
5 | * | |
6 | * Copyright (C) 1998-2008 Novell/SUSE | |
7 | * Copyright 2009-2010 Canonical Ltd. | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU General Public License as | |
11 | * published by the Free Software Foundation, version 2 of the | |
12 | * License. | |
13 | */ | |
14 | ||
15 | #ifndef __AA_AUDIT_H | |
16 | #define __AA_AUDIT_H | |
17 | ||
18 | #include <linux/audit.h> | |
19 | #include <linux/fs.h> | |
20 | #include <linux/lsm_audit.h> | |
21 | #include <linux/sched.h> | |
22 | #include <linux/slab.h> | |
23 | ||
24 | #include "file.h" | |
25 | ||
26 | struct aa_profile; | |
27 | ||
28 | extern const char *audit_mode_names[]; | |
29 | #define AUDIT_MAX_INDEX 5 | |
30 | ||
31 | #define AUDIT_APPARMOR_AUTO 0 /* auto choose audit message type */ | |
32 | ||
/**
 * enum audit_mode - audit verbosity settings
 * @AUDIT_NORMAL:       follow normal auditing of accesses
 * @AUDIT_QUIET_DENIED: quiet all denied access messages
 * @AUDIT_QUIET:        quiet all messages
 * @AUDIT_NOQUIET:      do not quiet audit messages
 * @AUDIT_ALL:          audit all accesses
 *
 * The enumerators take the consecutive values 0..4, so there are five modes,
 * which matches AUDIT_MAX_INDEX (5) defined earlier in this header.
 *
 * NOTE(review): audit_mode_names[] is presumably indexed by these values and
 * bounded by AUDIT_MAX_INDEX - confirm in audit.c.  If so, adding a mode
 * needs the name table and AUDIT_MAX_INDEX updated in the same change,
 * otherwise a lookup can read past the end of the table.
 */
enum audit_mode {
	AUDIT_NORMAL,
	AUDIT_QUIET_DENIED,
	AUDIT_QUIET,
	AUDIT_NOQUIET,
	AUDIT_ALL
};
40 | ||
/*
 * enum audit_type - kind of AppArmor audit record.
 *
 * Enumerators are numbered consecutively from 0 (AUDIT_APPARMOR_AUDIT)
 * to 6 (AUDIT_APPARMOR_KILL).
 *
 * NOTE(review): AUDIT_APPARMOR_AUTO is #defined to 0 earlier in this header,
 * the same value as AUDIT_APPARMOR_AUDIT.  Presumably the audit code resolves
 * "auto" to a concrete type before logging - confirm in audit.c, since the
 * two cannot be told apart by value.
 */
enum audit_type {
	AUDIT_APPARMOR_AUDIT,
	AUDIT_APPARMOR_ALLOWED,
	AUDIT_APPARMOR_DENIED,
	AUDIT_APPARMOR_HINT,
	AUDIT_APPARMOR_STATUS,
	AUDIT_APPARMOR_ERROR,
	AUDIT_APPARMOR_KILL
};
50 | ||
51 | extern const char *op_table[]; | |
/*
 * enum aa_ops - identifiers for the operations AppArmor audits.
 *
 * OP_NULL is the zero value; the remaining enumerators follow consecutively,
 * ending with OP_PROF_RM (42).
 *
 * NOTE(review): op_table[], declared just above, presumably maps each of
 * these values to its printable name - confirm in audit.c.  If so, the table
 * and this enum must be extended together and in the same order; a missing
 * entry would make audit records carry a wrong or out-of-bounds name.
 */
enum aa_ops {
	OP_NULL = 0,

	OP_SYSCTL,
	OP_CAPABLE,

	OP_UNLINK,
	OP_MKDIR,
	OP_RMDIR,
	OP_MKNOD,
	OP_TRUNC,
	OP_LINK,
	OP_SYMLINK,
	OP_RENAME_SRC,
	OP_RENAME_DEST,
	OP_CHMOD,
	OP_CHOWN,
	OP_GETATTR,
	OP_OPEN,

	OP_FPERM,
	OP_FLOCK,
	OP_FMMAP,
	OP_FMPROT,

	OP_CREATE,
	OP_POST_CREATE,
	OP_BIND,
	OP_CONNECT,
	OP_LISTEN,
	OP_ACCEPT,
	OP_SENDMSG,
	OP_RECVMSG,
	OP_GETSOCKNAME,
	OP_GETPEERNAME,
	OP_GETSOCKOPT,
	OP_SETSOCKOPT,
	OP_SOCK_SHUTDOWN,

	OP_PTRACE,

	OP_EXEC,
	OP_CHANGE_HAT,
	OP_CHANGE_PROFILE,
	OP_CHANGE_ONEXEC,

	OP_SETPROCATTR,
	OP_SETRLIMIT,

	OP_PROF_REPL,
	OP_PROF_LOAD,
	OP_PROF_RM,
};
105 | ||
106 | ||
107 | /* define a short hand for apparmor_audit_data portion of common_audit_data */ | |
108 | #define aad apparmor_audit_data | |
109 | ||
/*
 * Audit entry points.  Only the prototypes are visible in this header; the
 * behaviour described below is limited to what the signatures show.
 *
 * aa_audit_msg() takes an integer record type, the common_audit_data being
 * reported and a callback that receives the audit_buffer plus an opaque
 * pointer.  It returns nothing, so it cannot report a logging failure.
 *
 * aa_audit() takes the same three arguments plus the profile the event is
 * attributed to and the gfp_t allocation flags, and returns an int.
 *
 * NOTE(review): @type is presumably an enum audit_type value or
 * AUDIT_APPARMOR_AUTO, and the int returned by aa_audit() presumably is the
 * error the caller should propagate - confirm both in audit.c.  Whether @cb
 * may be NULL is also not visible from here.
 */
void aa_audit_msg(int type,
		  struct common_audit_data *sa,
		  void (*cb)(struct audit_buffer *, void *));

int aa_audit(int type,
	     struct aa_profile *profile,
	     gfp_t gfp,
	     struct common_audit_data *sa,
	     void (*cb)(struct audit_buffer *, void *));
115 | ||
/**
 * complain_error - filter permission-denial codes out of an error value
 * @error: error code to filter
 *
 * Returns: 0 when @error is -EPERM or -EACCES, otherwise @error unchanged.
 *
 * NOTE(review): judging by the name, this is meant for profiles in complain
 * mode, where a denial is reported but not enforced - confirm against the
 * callers.  The denial is turned into success here, so a caller is expected
 * to have emitted its audit record before applying this filter; otherwise
 * the permitted-by-complain access leaves no trace.
 */
static inline int complain_error(int error)
{
	switch (error) {
	case -EPERM:
	case -EACCES:
		/* permission denials are reported as success */
		return 0;
	default:
		/* every other value, including 0, passes through untouched */
		return error;
	}
}
122 | ||
123 | #endif /* __AA_AUDIT_H */ |