summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2008-02-02 08:37:03 +1100
committerLinus Torvalds <torvalds@linux-foundation.org>2008-02-02 08:37:03 +1100
commitdd5f5fed6c9458a7aa81eeef3732cc3a9891cfdf (patch)
tree06b81942dc218763889efe65faf08aeb23e71f03 /include
parent3e01dfce1387f8bec41018f0d7b42fd88ad4163f (diff)
parent7759db82774802885f96c250b36c3dfe317e62ff (diff)
downloadblackbird-op-linux-dd5f5fed6c9458a7aa81eeef3732cc3a9891cfdf.tar.gz
blackbird-op-linux-dd5f5fed6c9458a7aa81eeef3732cc3a9891cfdf.zip
Merge branch 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b46' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [AUDIT] Add uid, gid fields to ANOM_PROMISCUOUS message [AUDIT] ratelimit printk messages audit [patch 2/2] audit: complement va_copy with va_end() [patch 1/2] kernel/audit.c: warning fix [AUDIT] create context if auditing was ever enabled [AUDIT] clean up audit_receive_msg() [AUDIT] make audit=0 really stop audit messages [AUDIT] break large execve argument logging into smaller messages [AUDIT] include audit type in audit message when using printk [AUDIT] do not panic on exclude messages in audit_log_pid_context() [AUDIT] Add End of Event record [AUDIT] add session id to audit messages [AUDIT] collect uid, loginuid, and comm in OBJ_PID records [AUDIT] return EINTR not ERESTART* [PATCH] get rid of loginuid races [PATCH] switch audit_get_loginuid() to task_struct *
Diffstat (limited to 'include')
-rw-r--r--include/linux/audit.h13
-rw-r--r--include/linux/init_task.h8
-rw-r--r--include/linux/sched.h4
3 files changed, 21 insertions, 4 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index bdd6f5de5fc4..97153027207a 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -98,6 +98,7 @@
#define AUDIT_FD_PAIR 1317 /* audit record for pipe/socketpair */
#define AUDIT_OBJ_PID 1318 /* ptrace target */
#define AUDIT_TTY 1319 /* Input on an administrative TTY */
+#define AUDIT_EOE 1320 /* End of multi-record event */
#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
@@ -409,7 +410,8 @@ extern unsigned int audit_serial(void);
extern void auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial);
extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
-extern uid_t audit_get_loginuid(struct audit_context *ctx);
+#define audit_get_loginuid(t) ((t)->loginuid)
+#define audit_get_sessionid(t) ((t)->sessionid)
extern void audit_log_task_context(struct audit_buffer *ab);
extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
@@ -488,7 +490,8 @@ extern int audit_signals;
#define audit_inode_child(d,i,p) do { ; } while (0)
#define audit_core_dumps(i) do { ; } while (0)
#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
-#define audit_get_loginuid(c) ({ -1; })
+#define audit_get_loginuid(t) (-1)
+#define audit_get_sessionid(t) (-1)
#define audit_log_task_context(b) do { ; } while (0)
#define audit_ipc_obj(i) ({ 0; })
#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
@@ -522,9 +525,11 @@ extern void audit_log_end(struct audit_buffer *ab);
extern void audit_log_hex(struct audit_buffer *ab,
const unsigned char *buf,
size_t len);
-extern const char * audit_log_untrustedstring(struct audit_buffer *ab,
+extern int audit_string_contains_control(const char *string,
+ size_t len);
+extern void audit_log_untrustedstring(struct audit_buffer *ab,
const char *string);
-extern const char * audit_log_n_untrustedstring(struct audit_buffer *ab,
+extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
size_t n,
const char *string);
extern void audit_log_d_path(struct audit_buffer *ab,
diff --git a/include/linux/init_task.h b/include/linux/init_task.h
index e6b3f7080679..f42663eaf655 100644
--- a/include/linux/init_task.h
+++ b/include/linux/init_task.h
@@ -114,6 +114,13 @@ extern struct group_info init_groups;
.pid = &init_struct_pid, \
}
+#ifdef CONFIG_AUDITSYSCALL
+#define INIT_IDS \
+ .loginuid = -1, \
+ .sessionid = -1,
+#else
+#define INIT_IDS
+#endif
/*
* INIT_TASK is used to set up the first task table, touch at
* your own risk!. Base=0, limit=0x1fffff (=2MB)
@@ -173,6 +180,7 @@ extern struct group_info init_groups;
[PIDTYPE_SID] = INIT_PID_LINK(PIDTYPE_SID), \
}, \
.dirties = INIT_PROP_LOCAL_SINGLE(dirties), \
+ INIT_IDS \
INIT_TRACE_IRQFLAGS \
INIT_LOCKDEP \
}
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 6c333579d9da..af6947e69b40 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1139,6 +1139,10 @@ struct task_struct {
void *security;
#endif
struct audit_context *audit_context;
+#ifdef CONFIG_AUDITSYSCALL
+ uid_t loginuid;
+ unsigned int sessionid;
+#endif
seccomp_t seccomp;
/* Thread group tracking */
OpenPOWER on IntegriCloud