From: Kentaro Takeda <takedakn@nttdata.co.jp>
To: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Cc: chrisw@sous-sol.org
Subject: [TOMOYO 06/15](repost) Auditing interface.
Date: Tue, 02 Oct 2007 16:33:31 +0900 [thread overview]
Message-ID: <4701F44B.50105@nttdata.co.jp> (raw)
In-Reply-To: <4701F285.5000206@nttdata.co.jp>
This patch makes access logs sent to auditing subsystem.
TOMOYO Linux uses two channels for auditing.
One is 'AUDIT_TMY_GRANTED', used for auditing accesses which are
granted in the TOMOYO Linux policy.
The other is 'AUDIT_TMY_REJECTED', used for auditing accesses which
are not granted in the TOMOYO Linux policy.
Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
---
include/linux/audit.h | 3 ++
security/tomoyo/audit.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 71 insertions(+)
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ linux-2.6/security/tomoyo/audit.c 2007-10-02 11:26:22.000000000 +0900
@@ -0,0 +1,68 @@
+/*
+ * security/tomoyo/audit.c
+ *
+ * Audit functions for TOMOYO Linux
+ */
+
+#include "tomoyo.h"
+#include <linux/audit.h>
+
+/**
+ * tmy_init_audit_log - allocate and initialize audit buffer.
+ * @len: pointer to length of requested size.
+ *
+ * Returns pointer to audit buffer on success. @len received allocated size.
+ * Returns NULL on failure.
+ *
+ * @len must not be a NULL.
+ */
+char *tmy_init_audit_log(int *len)
+{
+ char *buf;
+ struct task_struct *task = current;
+ const char *domainname = TMY_SECURITY->domain->domainname->name;
+
+ *len += strlen(domainname) + 256;
+ buf = tmy_alloc(*len);
+
+ if (!buf)
+ return NULL;
+
+ snprintf(buf, (*len) - 1,
+ "pid=%d uid=%d gid=%d euid=%d egid=%d "
+ "suid=%d sgid=%d fsuid=%d fsgid=%d : %s : ",
+ task->pid, task->uid, task->gid, task->euid, task->egid,
+ task->suid, task->sgid, task->fsuid, task->fsgid, domainname);
+
+ return buf;
+}
+
+/**
+ * tmy_write_audit_log - write audit log.
+ * @buf: pointer to access log contents.
+ * @is_granted: is the access request granted?
+ * @is_enforce: is the access requested in enforcing mode?
+ *
+ * Returns zero on success.
+ * Returns nonzero on failure.
+ *
+ * Write audit log.
+ * Caller must allocate @buf with tmy_init_audit_log().
+ */
+int tmy_write_audit_log(char *buf, const u8 is_granted, const u8 is_enforce)
+{
+ struct audit_buffer *ab;
+ int type = is_granted ? AUDIT_TMY_GRANTED : AUDIT_TMY_REJECTED;
+
+ ab = audit_log_start(current->audit_context, GFP_KERNEL, type);
+ if (ab) {
+ const char *msg
+ = is_granted ? "granted" : is_enforce ?
+ "error" : "warning";
+ audit_log_format(ab, "TOMOYO %s: %s", msg, buf);
+ audit_log_end(ab);
+ }
+
+ tmy_free(buf);
+ return ab ? 0 : -ENOMEM;
+}
--- linux-2.6.orig/include/linux/audit.h 2007-10-02 11:11:52.000000000 +0900
+++ linux-2.6/include/linux/audit.h 2007-10-02 11:26:22.000000000 +0900
@@ -120,6 +120,9 @@
#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */
+#define AUDIT_TMY_GRANTED 2001 /* TOMOYO Linux audit granted */
+#define AUDIT_TMY_REJECTED 2002 /* TOMOYO Linux audit rejected */
+
/* Rule flags */
#define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */
#define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */
next prev parent reply other threads:[~2007-10-02 7:33 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-02 7:25 [TOMOYO 00/15](repost) TOMOYO Linux - MAC based on process invocation history Kentaro Takeda
2007-10-02 7:28 ` [TOMOYO 01/15](repost) Allow use of namespace_sem from LSM module Kentaro Takeda
2007-10-02 7:29 ` [TOMOYO 02/15](repost) Data structures and prototypes definition Kentaro Takeda
2007-10-02 7:30 ` [TOMOYO 03/15](repost) Memory and pathname management functions Kentaro Takeda
2007-10-03 7:39 ` James Morris
2007-10-03 11:12 ` Tetsuo Handa
2007-10-02 7:31 ` [TOMOYO 04/15](repost) Utility functions and securityfs interface for policy manipulation Kentaro Takeda
2007-10-02 8:05 ` Paul Mundt
2007-10-02 14:15 ` Greg KH
2007-10-02 7:32 ` [TOMOYO 05/15](repost) Domain transition handler functions Kentaro Takeda
2007-10-02 11:15 ` James Morris
2007-10-02 12:44 ` Tetsuo Handa
2007-10-02 13:00 ` YOSHIFUJI Hideaki / 吉藤英明
2007-10-02 13:07 ` James Morris
2007-10-02 14:50 ` Andi Kleen
2007-10-03 11:24 ` Tetsuo Handa
2007-10-03 11:43 ` YOSHIFUJI Hideaki / 吉藤英明
2007-10-03 12:37 ` James Morris
2007-10-03 13:04 ` Tetsuo Handa
2007-10-03 13:11 ` YOSHIFUJI Hideaki / 吉藤英明
2007-10-03 13:14 ` KaiGai Kohei
2007-10-03 13:59 ` Tetsuo Handa
2007-10-03 14:07 ` Peter Zijlstra
2007-10-03 14:26 ` Tetsuo Handa
2007-10-03 14:26 ` Peter Zijlstra
2007-10-03 14:32 ` YOSHIFUJI Hideaki / 吉藤英明
2007-10-03 14:39 ` James Morris
2007-10-03 14:56 ` Tetsuo Handa
2007-10-04 12:57 ` Tetsuo Handa
2007-10-03 14:37 ` Jiri Kosina
2007-10-07 10:38 ` Sleeping in RCU list traversal Tetsuo Handa
2007-10-03 13:24 ` [TOMOYO 05/15](repost) Domain transition handler functions Peter Zijlstra
2007-10-03 14:19 ` Tetsuo Handa
2007-10-03 14:28 ` Peter Zijlstra
2007-10-15 11:46 ` Tetsuo Handa
2007-10-03 14:35 ` David P. Quigley
2007-10-15 12:09 ` Tetsuo Handa
2007-10-02 7:33 ` Kentaro Takeda [this message]
2007-10-02 7:34 ` [TOMOYO 07/15](repost) File access control functions Kentaro Takeda
2007-10-02 7:35 ` [TOMOYO 08/15](repost) Argv[0] " Kentaro Takeda
2007-10-02 7:36 ` [TOMOYO 09/15](repost) Networking " Kentaro Takeda
2007-10-02 7:37 ` [TOMOYO 10/15](repost) Namespace manipulation " Kentaro Takeda
2007-10-02 7:37 ` [TOMOYO 11/15](repost) Signal transmission " Kentaro Takeda
2007-10-02 7:38 ` [TOMOYO 12/15](repost) LSM adapter for TOMOYO Kentaro Takeda
2007-10-02 7:39 ` [TOMOYO 13/15](repost) Conditional permission support Kentaro Takeda
2007-10-02 7:39 ` [TOMOYO 14/15](repost) LSM expansion for TOMOYO Linux Kentaro Takeda
2007-10-02 12:48 ` James Morris
2007-10-02 13:33 ` Tetsuo Handa
2007-10-02 14:36 ` James Morris
2007-10-02 21:49 ` Tetsuo Handa
2007-10-02 7:40 ` [TOMOYO 15/15](repost) Kconfig and Makefile " Kentaro Takeda
2007-10-02 7:42 ` [TOMOYO 00/15](repost) TOMOYO Linux - MAC based on process invocation history Kentaro Takeda
2007-10-02 10:37 ` James Morris
2007-10-02 10:58 ` Kentaro Takeda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4701F44B.50105@nttdata.co.jp \
--to=takedakn@nttdata.co.jp \
--cc=chrisw@sous-sol.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox