From mboxrd@z Thu Jan 1 00:00:00 1970 From: Amy Griffis Subject: [PATCH 1/2] add SIGNAL syscall class Date: Wed, 14 Feb 2007 13:24:31 -0500 Message-ID: <20070214182431.GA17337@fc.hp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Return-path: Received: from mx1.redhat.com (mx1.redhat.com [172.16.48.31]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id l1EIYcOR010568 for ; Wed, 14 Feb 2007 13:34:38 -0500 Received: from atlrel8.hp.com (atlrel8.hp.com [156.153.255.206]) by mx1.redhat.com (8.13.1/8.13.1) with ESMTP id l1EIYKcX019244 for ; Wed, 14 Feb 2007 13:34:21 -0500 Received: from smtp1.fc.hp.com (smtp1.fc.hp.com [15.15.136.127]) by atlrel8.hp.com (Postfix) with ESMTP id 99EDB35F61 for ; Wed, 14 Feb 2007 13:34:20 -0500 (EST) Received: from ldl.fc.hp.com (ldl.fc.hp.com [15.11.146.30]) by smtp1.fc.hp.com (Postfix) with ESMTP id 816F4133116 for ; Wed, 14 Feb 2007 18:34:15 +0000 (UTC) Received: from localhost (ldl.lart [127.0.0.1]) by ldl.fc.hp.com (Postfix) with ESMTP id C795339C1BD for ; Wed, 14 Feb 2007 11:34:10 -0700 (MST) Received: from ldl.fc.hp.com ([127.0.0.1]) by localhost (ldl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 32288-08 for ; Wed, 14 Feb 2007 11:33:48 -0700 (MST) Content-Disposition: inline List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: linux-audit@redhat.com List-Id: linux-audit@redhat.com Add a syscall class for sending signals. Signed-off-by: Amy Griffis --- arch/ia64/ia32/audit.c | 5 +++++ arch/ia64/kernel/audit.c | 8 ++++++++ arch/powerpc/kernel/audit.c | 8 ++++++++ arch/s390/kernel/audit.c | 8 ++++++++ arch/sparc64/kernel/audit.c | 8 ++++++++ arch/x86_64/ia32/audit.c | 5 +++++ arch/x86_64/kernel/audit.c | 8 ++++++++ include/asm-generic/audit_signal.h | 3 +++ include/linux/audit.h | 2 ++ lib/audit.c | 6 ++++++ 10 files changed, 61 insertions(+), 0 deletions(-) diff --git a/arch/ia64/ia32/audit.c b/arch/ia64/ia32/audit.c index 92d7d0c..8850fe4 100644 --- a/arch/ia64/ia32/audit.c +++ b/arch/ia64/ia32/audit.c @@ -20,6 +20,11 @@ unsigned ia32_read_class[] = { ~0U }; +unsigned ia32_signal_class[] = { +#include +~0U +}; + int ia32_classify_syscall(unsigned syscall) { switch(syscall) { diff --git a/arch/ia64/kernel/audit.c b/arch/ia64/kernel/audit.c index 0468255..538312a 100644 --- a/arch/ia64/kernel/audit.c +++ b/arch/ia64/kernel/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { #ifdef CONFIG_IA32_SUPPORT @@ -49,15 +54,18 @@ static int __init audit_classes_init(void) extern __u32 ia32_write_class[]; extern __u32 ia32_read_class[]; extern __u32 ia32_chattr_class[]; + extern __u32 ia32_signal_class[]; audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL_32, ia32_signal_class); #endif audit_register_class(AUDIT_CLASS_WRITE, write_class); audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } diff --git a/arch/powerpc/kernel/audit.c b/arch/powerpc/kernel/audit.c index 7fe5e63..66d54ba 100644 --- a/arch/powerpc/kernel/audit.c +++ b/arch/powerpc/kernel/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { #ifdef CONFIG_PPC64 @@ -51,15 +56,18 @@ static int __init audit_classes_init(void) extern __u32 ppc32_write_class[]; extern __u32 ppc32_read_class[]; extern __u32 ppc32_chattr_class[]; + extern __u32 ppc32_signal_class[]; audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class); audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL_32, ppc32_signal_class); #endif audit_register_class(AUDIT_CLASS_WRITE, write_class); audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } diff --git a/arch/s390/kernel/audit.c b/arch/s390/kernel/audit.c index 0741d91..7affafe 100644 --- a/arch/s390/kernel/audit.c +++ b/arch/s390/kernel/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { #ifdef CONFIG_COMPAT @@ -51,15 +56,18 @@ static int __init audit_classes_init(void) extern __u32 s390_write_class[]; extern __u32 s390_read_class[]; extern __u32 s390_chattr_class[]; + extern __u32 s390_signal_class[]; audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class); audit_register_class(AUDIT_CLASS_READ_32, s390_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL_32, s390_signal_class); #endif audit_register_class(AUDIT_CLASS_WRITE, write_class); audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } diff --git a/arch/sparc64/kernel/audit.c b/arch/sparc64/kernel/audit.c index aef19cc..d57a9da 100644 --- a/arch/sparc64/kernel/audit.c +++ b/arch/sparc64/kernel/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { #ifdef CONFIG_SPARC32_COMPAT @@ -51,15 +56,18 @@ static int __init audit_classes_init(void) extern __u32 sparc32_write_class[]; extern __u32 sparc32_read_class[]; extern __u32 sparc32_chattr_class[]; + extern __u32 sparc32_signal_class[]; audit_register_class(AUDIT_CLASS_WRITE_32, sparc32_write_class); audit_register_class(AUDIT_CLASS_READ_32, sparc32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, sparc32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, sparc32_chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL_32, sparc32_signal_class); #endif audit_register_class(AUDIT_CLASS_WRITE, write_class); audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } diff --git a/arch/x86_64/ia32/audit.c b/arch/x86_64/ia32/audit.c index 92d7d0c..8850fe4 100644 --- a/arch/x86_64/ia32/audit.c +++ b/arch/x86_64/ia32/audit.c @@ -20,6 +20,11 @@ unsigned ia32_read_class[] = { ~0U }; +unsigned ia32_signal_class[] = { +#include +~0U +}; + int ia32_classify_syscall(unsigned syscall) { switch(syscall) { diff --git a/arch/x86_64/kernel/audit.c b/arch/x86_64/kernel/audit.c index 21f3338..b970de6 100644 --- a/arch/x86_64/kernel/audit.c +++ b/arch/x86_64/kernel/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { #ifdef CONFIG_IA32_EMULATION @@ -49,15 +54,18 @@ static int __init audit_classes_init(void) extern __u32 ia32_write_class[]; extern __u32 ia32_read_class[]; extern __u32 ia32_chattr_class[]; + extern __u32 ia32_signal_class[]; audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL_32, ia32_signal_class); #endif audit_register_class(AUDIT_CLASS_WRITE, write_class); audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } diff --git a/include/asm-generic/audit_signal.h b/include/asm-generic/audit_signal.h new file mode 100644 index 0000000..6feab7f --- /dev/null +++ b/include/asm-generic/audit_signal.h @@ -0,0 +1,3 @@ +__NR_kill, +__NR_tgkill, +__NR_tkill, diff --git a/include/linux/audit.h b/include/linux/audit.h index aa205cd..0194a9b 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -147,6 +147,8 @@ #define AUDIT_CLASS_READ_32 5 #define AUDIT_CLASS_WRITE 6 #define AUDIT_CLASS_WRITE_32 7 +#define AUDIT_CLASS_SIGNAL 8 +#define AUDIT_CLASS_SIGNAL_32 9 /* This bitmask is used to validate user input. It represents all bits that * are currently used in an audit field constant understood by the kernel. diff --git a/lib/audit.c b/lib/audit.c index 3b1289f..50e9152 100644 --- a/lib/audit.c +++ b/lib/audit.c @@ -23,6 +23,11 @@ static unsigned chattr_class[] = { ~0U }; +static unsigned signal_class[] = { +#include +~0U +}; + int audit_classify_syscall(int abi, unsigned syscall) { switch(syscall) { @@ -49,6 +54,7 @@ static int __init audit_classes_init(void) audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); + audit_register_class(AUDIT_CLASS_SIGNAL, signal_class); return 0; } -- 1.4.4.4