
Commit 671a2781 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep Committed by Paul Moore

security: add ioctl specific auditing to lsm_audit



Add information about ioctl calls to the LSM audit data. Log the
file path and command number.

Signed-off-by: default avatarJeff Vander Stoep <jeffv@google.com>
Acked-by: default avatarNick Kralevich <nnk@google.com>
[PM: subject line tweak]
Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
parent 892e8cac
+7 −0
@@ -40,6 +40,11 @@ struct lsm_network_audit {
	} fam;
};

struct lsm_ioctlop_audit {
	struct path path;
	u16 cmd;
};

/* Auxiliary data to use in generating the audit record. */
struct common_audit_data {
	char type;
@@ -53,6 +58,7 @@ struct common_audit_data {
#define LSM_AUDIT_DATA_KMOD	8
#define LSM_AUDIT_DATA_INODE	9
#define LSM_AUDIT_DATA_DENTRY	10
#define LSM_AUDIT_DATA_IOCTL_OP	11
	union 	{
		struct path path;
		struct dentry *dentry;
@@ -68,6 +74,7 @@ struct common_audit_data {
		} key_struct;
#endif
		char *kmod_name;
		struct lsm_ioctlop_audit *op;
	} u;
	/* this union contains LSM specific data */
	union {
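Review bot: `u16 cmd` in `struct lsm_ioctlop_audit` can hold only the low 16 bits of an ioctl command, so on the usual `_IOC` encoding the direction and size bits never reach the audit record, and two commands that differ only in those bits are logged identically. The callers are not visible here, so this may be intended; if it is, say so at the field, e.g. `u16 cmd; /* low 16 bits of the ioctl number (type and nr) only */`. Otherwise widen the field to `unsigned int` and change the `%hx` format in the dump code to match. The new `op` union member is a pointer, so a short comment that the pointed-to struct must stay valid until the audit record has been emitted would help callers that build it on the stack.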
+15 −0
@@ -245,6 +245,21 @@ static void dump_common_audit_data(struct audit_buffer *ab,
		}
		break;
	}
	case LSM_AUDIT_DATA_IOCTL_OP: {
		struct inode *inode;

		audit_log_d_path(ab, " path=", &a->u.op->path);

		inode = a->u.op->path.dentry->d_inode;
		if (inode) {
			audit_log_format(ab, " dev=");
			audit_log_untrustedstring(ab, inode->i_sb->s_id);
			audit_log_format(ab, " ino=%lu", inode->i_ino);
		}

		audit_log_format(ab, " ioctlcmd=%hx", a->u.op->cmd);
		break;
	}
	case LSM_AUDIT_DATA_DENTRY: {
		struct inode *inode;
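Review bot: The new `LSM_AUDIT_DATA_IOCTL_OP` case dereferences `a->u.op` and then `a->u.op->path.dentry` without any check, so a caller that sets the type but leaves `op` or the path unpopulated faults inside the audit path rather than producing a record. That precondition should be stated next to the case, e.g. `/* caller must set u.op to a struct with a valid, referenced path */`. The inode is also read as `path.dentry->d_inode`; if this tree has `d_backing_inode()`, `inode = d_backing_inode(a->u.op->path.dentry);` would presumably keep `dev=`/`ino=` naming the object the access decision applied to on layered filesystems, which should be confirmed against the other path-based cases. `dump_common_audit_data()` begins and ends outside this hunk, so those cases are not visible here.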