lsm_audit.h source code [linux/include/linux/lsm_audit.h]

Warning: This file is not a C or C++ file. It does not have highlighting.

1	/* SPDX-License-Identifier: GPL-2.0 */
2	/*
3	* Common LSM logging functions
4	* Heavily borrowed from selinux/avc.h
5	*
6	* Author : Etienne BASSET <etienne.basset@ensta.org>
7	*
8	* All credits to : Stephen Smalley, <sds@tycho.nsa.gov>
9	* All BUGS to : Etienne BASSET <etienne.basset@ensta.org>
10	*/
11	#ifndef _LSM_COMMON_LOGGING_
12	#define _LSM_COMMON_LOGGING_
13
14	#include <linux/stddef.h>
15	#include <linux/errno.h>
16	#include <linux/kernel.h>
17	#include <linux/kdev_t.h>
18	#include <linux/spinlock.h>
19	#include <linux/init.h>
20	#include <linux/audit.h>
21	#include <linux/in6.h>
22	#include <linux/path.h>
23	#include <linux/key.h>
24	#include <linux/skbuff.h>
25	#include <rdma/ib_verbs.h>
26
27	struct lsm_network_audit {
28	int netif;
29	const struct sock *sk;
30	u16 family;
31	__be16 dport;
32	__be16 sport;
33	union {
34	struct {
35	__be32 daddr;
36	__be32 saddr;
37	} v4;
38	struct {
39	struct in6_addr daddr;
40	struct in6_addr saddr;
41	} v6;
42	} fam;
43	};
44
45	struct lsm_ioctlop_audit {
46	struct path path;
47	u16 cmd;
48	};
49
50	struct lsm_ibpkey_audit {
51	u64 subnet_prefix;
52	u16 pkey;
53	};
54
55	struct lsm_ibendport_audit {
56	const char *dev_name;
57	u8 port;
58	};
59
60	/* Auxiliary data to use in generating the audit record. */
61	struct common_audit_data {
62	char type;
63	#define LSM_AUDIT_DATA_PATH 1
64	#define LSM_AUDIT_DATA_NET 2
65	#define LSM_AUDIT_DATA_CAP 3
66	#define LSM_AUDIT_DATA_IPC 4
67	#define LSM_AUDIT_DATA_TASK 5
68	#define LSM_AUDIT_DATA_KEY 6
69	#define LSM_AUDIT_DATA_NONE 7
70	#define LSM_AUDIT_DATA_KMOD 8
71	#define LSM_AUDIT_DATA_INODE 9
72	#define LSM_AUDIT_DATA_DENTRY 10
73	#define LSM_AUDIT_DATA_IOCTL_OP 11
74	#define LSM_AUDIT_DATA_FILE 12
75	#define LSM_AUDIT_DATA_IBPKEY 13
76	#define LSM_AUDIT_DATA_IBENDPORT 14
77	#define LSM_AUDIT_DATA_LOCKDOWN 15
78	#define LSM_AUDIT_DATA_NOTIFICATION 16
79	#define LSM_AUDIT_DATA_ANONINODE 17
80	union {
81	struct path path;
82	struct dentry *dentry;
83	struct inode *inode;
84	struct lsm_network_audit *net;
85	int cap;
86	int ipc_id;
87	struct task_struct *tsk;
88	#ifdef CONFIG_KEYS
89	struct {
90	key_serial_t key;
91	char *key_desc;
92	} key_struct;
93	#endif
94	char *kmod_name;
95	struct lsm_ioctlop_audit *op;
96	struct file *file;
97	struct lsm_ibpkey_audit *ibpkey;
98	struct lsm_ibendport_audit *ibendport;
99	int reason;
100	const char *anonclass;
101	} u;
102	/* this union contains LSM specific data */
103	union {
104	#ifdef CONFIG_SECURITY_SMACK
105	struct smack_audit_data *smack_audit_data;
106	#endif
107	#ifdef CONFIG_SECURITY_SELINUX
108	struct selinux_audit_data *selinux_audit_data;
109	#endif
110	#ifdef CONFIG_SECURITY_APPARMOR
111	struct apparmor_audit_data *apparmor_audit_data;
112	#endif
113	}; /* per LSM data pointer union */
114	};
115
116	#define v4info fam.v4
117	#define v6info fam.v6
118
119	int ipv4_skb_to_auditdata(struct sk_buff *skb,
120	struct common_audit_data ad, u8 proto);
121
122	int ipv6_skb_to_auditdata(struct sk_buff *skb,
123	struct common_audit_data ad, u8 proto);
124
125	void common_lsm_audit(struct common_audit_data *a,
126	void (pre_audit)(struct audit_buffer , void *),
127	void (post_audit)(struct audit_buffer , void *));
128
129	#endif
130

Warning: This file is not a C or C++ file. It does not have highlighting.

source code of linux/include/linux/lsm_audit.h