linux/include/linux/lsm_audit.h
   1/*
   2 * Common LSM logging functions
   3 * Heavily borrowed from selinux/avc.h
   4 *
   5 * Author : Etienne BASSET  <etienne.basset@ensta.org>
   6 *
   7 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
   8 * All BUGS to : Etienne BASSET  <etienne.basset@ensta.org>
   9 */
  10#ifndef _LSM_COMMON_LOGGING_
  11#define _LSM_COMMON_LOGGING_
  12
  13#include <linux/stddef.h>
  14#include <linux/errno.h>
  15#include <linux/kernel.h>
  16#include <linux/kdev_t.h>
  17#include <linux/spinlock.h>
  18#include <linux/init.h>
  19#include <linux/audit.h>
  20#include <linux/in6.h>
  21#include <linux/path.h>
  22#include <linux/key.h>
  23#include <linux/skbuff.h>
  24
  /*
   * Network details for an audit record: interface, socket, address family,
   * the two ports, and one address pair for either IPv4 or IPv6.
   * struct common_audit_data refers to this through its u.net pointer.
   *
   * Field meanings below are read from the names and types only; the code
   * that fills and prints these fields is not part of this header.
   */
  25struct lsm_network_audit {
  26        int netif;  /* NOTE(review): presumably a network interface index - confirm */
  27        struct sock *sk;  /* plain pointer; nothing in this header takes a reference, so the caller must keep the socket alive - confirm */
  28        u16 family;  /* NOTE(review): presumably the address family that says whether fam.v4 or fam.v6 is meaningful - confirm */
  29        __be16 dport;  /* destination port (by name); big-endian per the __be16 type */
  30        __be16 sport;  /* source port (by name); big-endian per the __be16 type */
  31        union {  /* v4 and v6 share storage: only one address pair is valid at a time */
  32                struct {
  33                        __be32 daddr;  /* big-endian per the __be32 type */
  34                        __be32 saddr;
  35                } v4;  /* also reachable as v4info through the macro defined later in this header */
  36                struct {
  37                        struct in6_addr daddr;
  38                        struct in6_addr saddr;
  39                } v6;  /* also reachable as v6info through the macro defined later in this header */
  40        } fam;
  41};
  42
  43/* Auxiliary data to use in generating the audit record. */
  /*
   * Layout: a one-byte tag (type), a union u of per-object payloads, and an
   * anonymous union holding one pointer per LSM that is configured in.
   *
   * The LSM_AUDIT_DATA_* values are defined right next to type, and by name
   * they pair with the members of u: PATH/u.path, NET/u.net, CAP/u.cap,
   * IPC/u.ipc_id, TASK/u.tsk, KEY/u.key_struct, KMOD/u.kmod_name,
   * INODE/u.inode, DENTRY/u.dentry; NONE has no matching member.
   * NOTE(review): nothing in this header enforces that pairing. Because u is
   * a union, a type value that does not match the member actually written
   * makes the consumer read the bytes as a different object (for example an
   * int interpreted as a pointer), so type and the member must be set
   * together - confirm against the code that consumes type.
   *
   * Every pointer member is a plain pointer; this header takes no reference
   * on the objects, so their lifetime during the audit call is presumably the
   * caller's responsibility - confirm.
   */
  44struct common_audit_data {
  45        char type;  /* tag; see the LSM_AUDIT_DATA_* values below */
  46#define LSM_AUDIT_DATA_PATH     1
  47#define LSM_AUDIT_DATA_NET      2
  48#define LSM_AUDIT_DATA_CAP      3
  49#define LSM_AUDIT_DATA_IPC      4
  50#define LSM_AUDIT_DATA_TASK     5
  51#define LSM_AUDIT_DATA_KEY      6
  52#define LSM_AUDIT_DATA_NONE     7
  53#define LSM_AUDIT_DATA_KMOD     8
  54#define LSM_AUDIT_DATA_INODE    9
  55#define LSM_AUDIT_DATA_DENTRY   10
  56        union   {  /* payload; members share storage, only one is valid at a time */
  57                struct path path;  /* stored by value, unlike the pointer members below */
  58                struct dentry *dentry;
  59                struct inode *inode;
  60                struct lsm_network_audit *net;  /* network details live in a separate object, not inline */
  61                int cap;
  62                int ipc_id;
  63                struct task_struct *tsk;
  64#ifdef CONFIG_KEYS
  65                struct {  /* this member exists only when CONFIG_KEYS is set */
  66                        key_serial_t key;
  67                        char *key_desc;
  68                } key_struct;
  69#endif
  70                char *kmod_name;
  71        } u;
  72        /* this union contains LSM specific data */
  73        union {  /* anonymous: members are accessed directly on the struct; one shared slot, so only one LSM's pointer fits at a time */
  74#ifdef CONFIG_SECURITY_SMACK
  75                struct smack_audit_data *smack_audit_data;
  76#endif
  77#ifdef CONFIG_SECURITY_SELINUX
  78                struct selinux_audit_data *selinux_audit_data;
  79#endif
  80#ifdef CONFIG_SECURITY_APPARMOR
  81                struct apparmor_audit_data *apparmor_audit_data;
  82#endif
  83        }; /* per LSM data pointer union */
  84};
  85
  /*
   * Shorthand for the address members of struct lsm_network_audit:
   * net->v4info.daddr expands to net->fam.v4.daddr, and likewise for v6info.
   * These are object-like macros with short lowercase names, so any later
   * identifier spelled v4info or v6info in a file that includes this header
   * is rewritten as well.
   */
  86#define v4info fam.v4
  87#define v6info fam.v6
  88
  /*
   * Declarations only; the definitions are not in this header.
   *
   * NOTE(review): by name and signature, ipv4_skb_to_auditdata() appears to
   * parse the IPv4 headers of skb into ad (presumably through ad->u.net) and
   * to report the transport protocol through proto. Confirm the return
   * convention, whether proto may be NULL, and whether ad->u.net must already
   * point at a struct lsm_network_audit before the call. The packet is
   * untrusted input, so the implementation is where the header-length checks
   * belong.
   */
  89int ipv4_skb_to_auditdata(struct sk_buff *skb,
  90                struct common_audit_data *ad, u8 *proto);
  91
  /* IPv6 counterpart with the same signature; the notes above apply. */
  92int ipv6_skb_to_auditdata(struct sk_buff *skb,
  93                struct common_audit_data *ad, u8 *proto);
  94
  /*
   * Entry point that takes the filled-in common_audit_data plus two callbacks,
   * each receiving the audit_buffer and an opaque void *.
   * NOTE(review): presumably pre_audit runs before and post_audit after the
   * common fields are written, and the void * is the same struct passed as a.
   * Neither this nor whether NULL callbacks are accepted is visible here -
   * confirm.
   */
  95void common_lsm_audit(struct common_audit_data *a,
  96        void (*pre_audit)(struct audit_buffer *, void *),
  97        void (*post_audit)(struct audit_buffer *, void *));
  98
  99#endif
 100