1 | /* |
2 | * AppArmor security module | |
3 | * | |
4 | * This file contains AppArmor auditing function definitions. | |
5 | * | |
6 | * Copyright (C) 1998-2008 Novell/SUSE | |
7 | * Copyright 2009-2010 Canonical Ltd. | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU General Public License as | |
11 | * published by the Free Software Foundation, version 2 of the | |
12 | * License. | |
13 | */ | |
14 | ||
15 | #ifndef __AA_AUDIT_H | |
16 | #define __AA_AUDIT_H | |
17 | ||
18 | #include <linux/audit.h> | |
19 | #include <linux/fs.h> | |
20 | #include <linux/lsm_audit.h> | |
21 | #include <linux/sched.h> | |
22 | #include <linux/slab.h> | |
23 | ||
24 | #include "file.h" | |
25 | ||
26 | struct aa_profile; | |
27 | ||
/*
 * Human-readable names for the audit modes, presumably indexed directly by
 * the enum audit_mode value (the table itself lives in the .c file).
 */
extern const char *const audit_mode_names[];
/*
 * Upper bound used when indexing the audit mode table. enum audit_mode below
 * has exactly five enumerators (AUDIT_NORMAL .. AUDIT_ALL), so this must be
 * bumped in the same change that adds a mode, or an index can run off the
 * end of audit_mode_names[].
 */
#define AUDIT_MAX_INDEX 5
/*
 * Audit mode: controls which access decisions are reported.
 *
 * The numeric values matter: they are presumably used as indexes into
 * audit_mode_names[] and AUDIT_MAX_INDEX (above) is sized to these five
 * enumerators. Append new modes at the end and bump that constant together.
 */
enum audit_mode {
	AUDIT_NORMAL,		/* follow normal auditing of accesses */
	AUDIT_QUIET_DENIED,	/* quiet all denied access messages */
	AUDIT_QUIET,		/* quiet all messages */
	AUDIT_NOQUIET,		/* do not quiet audit messages */
	AUDIT_ALL		/* audit all accesses */
};
37 | ||
/*
 * Kind of audit record being emitted (the @type argument of aa_audit() and
 * aa_audit_msg()).
 *
 * AUDIT_APPARMOR_AUTO is not a record kind of its own: it presumably asks
 * the callee to choose between AUDIT/ALLOWED/DENIED from the outcome of the
 * access check and the profile's mode -- confirm against aa_audit().
 */
enum audit_type {
	AUDIT_APPARMOR_AUDIT,	/* access explicitly marked for auditing */
	AUDIT_APPARMOR_ALLOWED,	/* access was permitted */
	AUDIT_APPARMOR_DENIED,	/* access was refused */
	AUDIT_APPARMOR_HINT,	/* informational, not a policy decision */
	AUDIT_APPARMOR_STATUS,	/* policy/profile management event */
	AUDIT_APPARMOR_ERROR,	/* internal error while mediating */
	AUDIT_APPARMOR_KILL,	/* presumably: the task is being killed */
	AUDIT_APPARMOR_AUTO	/* let the callee pick the record kind */
};
48 | ||
/*
 * Human-readable operation names, presumably indexed by enum aa_ops below.
 * The table (defined in the .c file) and the enum must stay in the same
 * order; adding an op in the middle of the enum shifts every name after it.
 */
extern const char *const op_table[];
/*
 * Mediated operation being audited (the @op field of struct
 * apparmor_audit_data).
 *
 * The values are presumably indexes into op_table[] declared above, so the
 * order here is part of the contract with that table: append new ops at the
 * end of their group only if op_table[] is updated in the same change.
 */
enum aa_ops {
	OP_NULL,		/* no operation / unset */

	/* process-wide checks */
	OP_SYSCTL,
	OP_CAPABLE,

	/* path / inode operations */
	OP_UNLINK,
	OP_MKDIR,
	OP_RMDIR,
	OP_MKNOD,
	OP_TRUNC,
	OP_LINK,
	OP_SYMLINK,
	OP_RENAME_SRC,		/* rename, checked against the source path */
	OP_RENAME_DEST,		/* rename, checked against the destination path */
	OP_CHMOD,
	OP_CHOWN,
	OP_GETATTR,
	OP_OPEN,

	/* operations on an already-open file */
	OP_FPERM,
	OP_FLOCK,
	OP_FMMAP,
	OP_FMPROT,

	/* socket operations */
	OP_CREATE,
	OP_POST_CREATE,
	OP_BIND,
	OP_CONNECT,
	OP_LISTEN,
	OP_ACCEPT,
	OP_SENDMSG,
	OP_RECVMSG,
	OP_GETSOCKNAME,
	OP_GETPEERNAME,
	OP_GETSOCKOPT,
	OP_SETSOCKOPT,
	OP_SOCK_SHUTDOWN,

	OP_PTRACE,

	/* domain transitions */
	OP_EXEC,
	OP_CHANGE_HAT,
	OP_CHANGE_PROFILE,
	OP_CHANGE_ONEXEC,

	/* task attribute changes */
	OP_SETPROCATTR,
	OP_SETRLIMIT,

	/* policy management (presumably replace / load / remove a profile) */
	OP_PROF_REPL,
	OP_PROF_LOAD,
	OP_PROF_RM,
};
/*
 * AppArmor-specific payload attached to a struct common_audit_data while an
 * audit record is built (presumably through the LSM-private member of that
 * structure; see aa_audit_msg()).
 *
 * The members of the anonymous union overlap: @target shares its storage
 * with iface.pos, rlim.rlim and fs.target. Only the variant that matches
 * @op is meaningful, and a callback must not read a variant the caller did
 * not fill.
 */
struct apparmor_audit_data {
	int error;		/* outcome of the check; presumably 0 or -errno */
	int op;			/* operation audited; presumably an enum aa_ops value */
	int type;		/* record kind; presumably an enum audit_type value */
	void *profile;		/* profile the decision was made against; untyped
				 * here, presumably a struct aa_profile * */
	const char *name;	/* primary object (e.g. path) being reported */
	const char *info;	/* free-form supplementary text, presumably optional */
	union {
		void *target;	/* generic secondary object */
		struct {
			long pos;	/* position in the data being processed --
					 * TODO confirm units (byte offset?) */
			void *target;
		} iface;	/* presumably profile load/replace (OP_PROF_*) */
		struct {
			int rlim;		/* RLIMIT_* resource number */
			unsigned long max;	/* limit value requested */
		} rlim;		/* OP_SETRLIMIT */
		struct {
			const char *target;	/* second path, e.g. link/rename target */
			u32 request;		/* permission bits requested */
			u32 denied;		/* bits of @request that were refused */
			kuid_t ouid;		/* object owner uid, kernel-internal
						 * (namespace-resolved) representation */
		} fs;		/* path / file operations */
	};
};
130 | ||
/*
 * Short hand for the apparmor_audit_data structure, so callers can write
 * "struct aad *". This is a bare token macro: any other identifier spelled
 * "aad" in a translation unit that includes this header is rewritten too.
 */
#define aad apparmor_audit_data
133 | ||
/*
 * aa_audit_msg - emit an audit record of kind @type from the data already
 * prepared in @sa (its AppArmor payload; see struct apparmor_audit_data).
 * @cb is presumably invoked to append operation-specific fields to the
 * audit buffer -- confirm against the definition whether NULL is accepted.
 */
void aa_audit_msg(int type, struct common_audit_data *sa,
		  void (*cb) (struct audit_buffer *, void *));
/*
 * aa_audit - decide whether and how to audit an access checked against
 * @profile, and emit the record.
 * @type may be AUDIT_APPARMOR_AUTO to let the callee pick the record kind.
 * @gfp is the allocation context the caller can tolerate.
 * @sa, @cb: as for aa_audit_msg().
 *
 * Returns an int, presumably the error the caller should propagate; in
 * complain mode a denial may be remapped to success (see complain_error()).
 */
int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
	     struct common_audit_data *sa,
	     void (*cb) (struct audit_buffer *, void *));
139 | ||
/*
 * complain_error - report a permission denial as success
 * @error: result of an access check, 0 or a negative errno value
 *
 * As the name suggests, this is for complain-mode handling: a denial
 * (-EPERM or -EACCES) is turned into 0 so the operation proceeds after
 * being audited. Every other value -- including genuine failures such as
 * -ENOMEM and any non-error value -- is returned unchanged, so complain mode
 * never masks a system error as a policy denial.
 *
 * Returns: 0 when @error is -EPERM or -EACCES, otherwise @error.
 */
static inline int complain_error(int error)
{
	switch (error) {
	case -EPERM:
	case -EACCES:
		return 0;
	default:
		return error;
	}
}
146 | ||
147 | #endif /* __AA_AUDIT_H */ |