Merge branch 'audit.b59' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current

#include <asm-generic/audit_dir_write.h>

#include <asm-generic/audit_dir_write.h>

__NR_acct,

__NR_acct,

#ifdef __NR_swapon

__NR_swapon,

__NR_swapon,

#endif

__NR_quotactl,

__NR_quotactl,

__NR_truncate,

__NR_truncate,

#ifdef __NR_truncate64

#ifdef __NR_truncate64

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDITSYSCALL

/* These are defined in auditsc.c */

/* These are defined in auditsc.c */

				/* Public API */

				/* Public API */

extern void audit_finish_fork(struct task_struct *child);

extern int  audit_alloc(struct task_struct *task);

extern int  audit_alloc(struct task_struct *task);

extern void audit_free(struct task_struct *task);

extern void audit_free(struct task_struct *task);

extern void audit_syscall_entry(int arch,

extern void audit_syscall_entry(int arch,

				/* Private API (for audit.c only) */

				/* Private API (for audit.c only) */

extern unsigned int audit_serial(void);

extern unsigned int audit_serial(void);

extern void auditsc_get_stamp(struct audit_context *ctx,

extern int auditsc_get_stamp(struct audit_context *ctx,

			      struct timespec *t, unsigned int *serial);

			      struct timespec *t, unsigned int *serial);

extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);

extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);

#define audit_get_loginuid(t) ((t)->loginuid)

#define audit_get_loginuid(t) ((t)->loginuid)

extern int audit_n_rules;

extern int audit_n_rules;

extern int audit_signals;

extern int audit_signals;

#else

#else

#define audit_finish_fork(t)

#define audit_alloc(t) ({ 0; })

#define audit_alloc(t) ({ 0; })

#define audit_free(t) do { ; } while (0)

#define audit_free(t) do { ; } while (0)

#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)

#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)

#define audit_inode(n,d) do { ; } while (0)

#define audit_inode(n,d) do { ; } while (0)

#define audit_inode_child(d,i,p) do { ; } while (0)

#define audit_inode_child(d,i,p) do { ; } while (0)

#define audit_core_dumps(i) do { ; } while (0)

#define audit_core_dumps(i) do { ; } while (0)

#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)

#define auditsc_get_stamp(c,t,s) (0)

#define audit_get_loginuid(t) (-1)

#define audit_get_loginuid(t) (-1)

#define audit_get_sessionid(t) (-1)

#define audit_get_sessionid(t) (-1)

#define audit_log_task_context(b) do { ; } while (0)

#define audit_log_task_context(b) do { ; } while (0)

#include "audit.h"

#include "audit.h"

/* No auditing will take place until audit_initialized != 0.

/* No auditing will take place until audit_initialized == AUDIT_INITIALIZED.

 * (Initialization happens after skb_init is called.) */

 * (Initialization happens after skb_init is called.) */

#define AUDIT_DISABLED		-1

#define AUDIT_UNINITIALIZED	0

#define AUDIT_INITIALIZED	1

static int	audit_initialized;

static int	audit_initialized;

#define AUDIT_OFF	0

#define AUDIT_OFF	0

{

{

	int i;

	int i;

	if (audit_initialized == AUDIT_DISABLED)

		return 0;

	printk(KERN_INFO "audit: initializing netlink socket (%s)\n",

	printk(KERN_INFO "audit: initializing netlink socket (%s)\n",

	       audit_default ? "enabled" : "disabled");

	       audit_default ? "enabled" : "disabled");

	audit_sock = netlink_kernel_create(&init_net, NETLINK_AUDIT, 0,

	audit_sock = netlink_kernel_create(&init_net, NETLINK_AUDIT, 0,

	skb_queue_head_init(&audit_skb_queue);

	skb_queue_head_init(&audit_skb_queue);

	skb_queue_head_init(&audit_skb_hold_queue);

	skb_queue_head_init(&audit_skb_hold_queue);

	audit_initialized = 1;

	audit_initialized = AUDIT_INITIALIZED;

	audit_enabled = audit_default;

	audit_enabled = audit_default;

	audit_ever_enabled |= !!audit_default;

	audit_ever_enabled |= !!audit_default;

static int __init audit_enable(char *str)

static int __init audit_enable(char *str)

{

{

	audit_default = !!simple_strtol(str, NULL, 0);

	audit_default = !!simple_strtol(str, NULL, 0);

	printk(KERN_INFO "audit: %s%s\n",

	if (!audit_default)

	       audit_default ? "enabled" : "disabled",

		audit_initialized = AUDIT_DISABLED;

	       audit_initialized ? "" : " (after initialization)");

	if (audit_initialized) {

	printk(KERN_INFO "audit: %s", audit_default ? "enabled" : "disabled");

	if (audit_initialized == AUDIT_INITIALIZED) {

		audit_enabled = audit_default;

		audit_enabled = audit_default;

		audit_ever_enabled |= !!audit_default;

		audit_ever_enabled |= !!audit_default;

	} else if (audit_initialized == AUDIT_UNINITIALIZED) {

		printk(" (after initialization)");

	} else {

		printk(" (until reboot)");

	}

	}

	printk("\n");

	return 1;

	return 1;

}

}

static inline void audit_get_stamp(struct audit_context *ctx,

static inline void audit_get_stamp(struct audit_context *ctx,

				   struct timespec *t, unsigned int *serial)

				   struct timespec *t, unsigned int *serial)

{

{

	if (ctx)

	if (!ctx || !auditsc_get_stamp(ctx, t, serial)) {

		auditsc_get_stamp(ctx, t, serial);

	else {

		*t = CURRENT_TIME;

		*t = CURRENT_TIME;

		*serial = audit_serial();

		*serial = audit_serial();

	}

	}

	int reserve;

	int reserve;

	unsigned long timeout_start = jiffies;

	unsigned long timeout_start = jiffies;

	if (!audit_initialized)

	if (audit_initialized != AUDIT_INITIALIZED)

		return NULL;

		return NULL;

	if (unlikely(audit_filter_type(type)))

	if (unlikely(audit_filter_type(type)))

/**

/**

 * audit_syscall_entry - fill in an audit record at syscall entry

 * audit_syscall_entry - fill in an audit record at syscall entry

 * @tsk: task being audited

 * @arch: architecture type

 * @arch: architecture type

 * @major: major syscall type (function)

 * @major: major syscall type (function)

 * @a1: additional syscall register 1

 * @a1: additional syscall register 1

	context->ppid       = 0;

	context->ppid       = 0;

}

}

void audit_finish_fork(struct task_struct *child)

{

	struct audit_context *ctx = current->audit_context;

	struct audit_context *p = child->audit_context;

	if (!p || !ctx || !ctx->auditable)

		return;

	p->arch = ctx->arch;

	p->major = ctx->major;

	memcpy(p->argv, ctx->argv, sizeof(ctx->argv));

	p->ctime = ctx->ctime;

	p->dummy = ctx->dummy;

	p->auditable = ctx->auditable;

	p->in_syscall = ctx->in_syscall;

	p->filterkey = kstrdup(ctx->filterkey, GFP_KERNEL);

	p->ppid = current->pid;

}

/**

/**

 * audit_syscall_exit - deallocate audit context after a system call

 * audit_syscall_exit - deallocate audit context after a system call

 * @tsk: task being audited

 * @valid: success/failure flag

 * @valid: success/failure flag

 * @return_code: syscall return value

 * @return_code: syscall return value

 *

 *

 *

 *

 * Also sets the context as auditable.

 * Also sets the context as auditable.

 */

 */

void auditsc_get_stamp(struct audit_context *ctx,

int auditsc_get_stamp(struct audit_context *ctx,

		       struct timespec *t, unsigned int *serial)

		       struct timespec *t, unsigned int *serial)

{

{

	if (!ctx->in_syscall)

		return 0;

	if (!ctx->serial)

	if (!ctx->serial)

		ctx->serial = audit_serial();

		ctx->serial = audit_serial();

	t->tv_sec  = ctx->ctime.tv_sec;

	t->tv_sec  = ctx->ctime.tv_sec;

	t->tv_nsec = ctx->ctime.tv_nsec;

	t->tv_nsec = ctx->ctime.tv_nsec;

	*serial    = ctx->serial;

	*serial    = ctx->serial;

	ctx->auditable = 1;

	ctx->auditable = 1;

	return 1;

}

}

/* global counter which is incremented every time something logs in */

/* global counter which is incremented every time something logs in */

			init_completion(&vfork);

			init_completion(&vfork);

		}

		}

		audit_finish_fork(p);

		tracehook_report_clone(trace, regs, clone_flags, nr, p);

		tracehook_report_clone(trace, regs, clone_flags, nr, p);

		/*

		/*