Loading MAINTAINERS +4 −1 Original line number Diff line number Diff line Loading @@ -370,7 +370,10 @@ W: http://atmelwlandriver.sourceforge.net/ S: Maintained AUDIT SUBSYSTEM L: linux-audit@redhat.com (subscribers-only) P: David Woodhouse M: dwmw2@infradead.org L: linux-audit@redhat.com W: http://people.redhat.com/sgrubb/audit/ S: Maintained AX.25 NETWORK LAYER Loading arch/ppc64/kernel/asm-offsets.c +1 −0 Original line number Diff line number Diff line Loading @@ -68,6 +68,7 @@ int main(void) DEFINE(THREAD_USED_VR, offsetof(struct thread_struct, used_vr)); #endif /* CONFIG_ALTIVEC */ DEFINE(MM, offsetof(struct task_struct, mm)); DEFINE(AUDITCONTEXT, offsetof(struct task_struct, audit_context)); DEFINE(DCACHEL1LINESIZE, offsetof(struct ppc64_caches, dline_size)); DEFINE(DCACHEL1LOGLINESIZE, offsetof(struct ppc64_caches, log_dline_size)); Loading arch/ppc64/kernel/entry.S +14 −4 Original line number Diff line number Diff line Loading @@ -276,12 +276,22 @@ _GLOBAL(ppc64_rt_sigsuspend) _GLOBAL(ppc32_rt_sigsuspend) bl .save_nvgprs bl .sys32_rt_sigsuspend /* If sigsuspend() returns zero, we are going into a signal handler */ 70: cmpdi 0,r3,0 beq .ret_from_except /* If it returned -EINTR, we need to return via syscall_exit to set /* If it returned an error, we need to return via syscall_exit to set the SO bit in cr0 and potentially stop for ptrace. */ b syscall_exit bne syscall_exit /* If sigsuspend() returns zero, we are going into a signal handler. We may need to call audit_syscall_exit() to mark the exit from sigsuspend() */ #ifdef CONFIG_AUDIT ld r3,PACACURRENT(r13) ld r4,AUDITCONTEXT(r3) cmpdi 0,r4,0 beq .ret_from_except /* No audit_context: Leave immediately. */ li r4, 2 /* AUDITSC_FAILURE */ li r5,-4 /* It's always -EINTR */ bl .audit_syscall_exit #endif b .ret_from_except _GLOBAL(ppc_fork) bl .save_nvgprs Loading fs/namei.c +1 −1 Original line number Diff line number Diff line Loading @@ -1048,7 +1048,7 @@ int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata out: if (unlikely(current->audit_context && nd && nd->dentry && nd->dentry->d_inode)) audit_inode(name, nd->dentry->d_inode); audit_inode(name, nd->dentry->d_inode, flags); return retval; } Loading include/linux/audit.h +23 −13 Original line number Diff line number Diff line Loading @@ -51,7 +51,8 @@ #define AUDIT_WATCH_LIST 1009 /* List all file/dir watches */ #define AUDIT_SIGNAL_INFO 1010 /* Get info about sender of signal to auditd */ #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages uninteresting to kernel */ #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */ #define AUDIT_USER_AVC 1107 /* We filter this differently */ #define AUDIT_LAST_USER_MSG 1199 #define AUDIT_DAEMON_START 1200 /* Daemon startup record */ Loading @@ -75,10 +76,15 @@ #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ /* Rule flags */ #define AUDIT_PER_TASK 0x01 /* Apply rule at task creation (not syscall) */ #define AUDIT_AT_ENTRY 0x02 /* Apply rule at syscall entry */ #define AUDIT_AT_EXIT 0x04 /* Apply rule at syscall exit */ #define AUDIT_PREPEND 0x10 /* Prepend to front of list */ #define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */ #define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */ #define AUDIT_FILTER_ENTRY 0x02 /* Apply rule at syscall entry */ #define AUDIT_FILTER_WATCH 0x03 /* Apply rule to file system watches */ #define AUDIT_FILTER_EXIT 0x04 /* Apply rule at syscall exit */ #define AUDIT_NR_FILTERS 5 #define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */ /* Rule actions */ #define AUDIT_NEVER 0 /* Do not build context if rule matches */ Loading Loading @@ -199,6 +205,7 @@ struct audit_sig_info { struct audit_buffer; struct audit_context; struct inode; struct netlink_skb_parms; #define AUDITSC_INVALID 0 #define AUDITSC_SUCCESS 1 Loading @@ -215,7 +222,7 @@ extern void audit_syscall_entry(struct task_struct *task, int arch, extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code); extern void audit_getname(const char *name); extern void audit_putname(const char *name); extern void audit_inode(const char *name, const struct inode *inode); extern void audit_inode(const char *name, const struct inode *inode, unsigned flags); /* Private API (for audit.c only) */ extern int audit_receive_filter(int type, int pid, int uid, int seq, Loading @@ -230,6 +237,7 @@ extern int audit_socketcall(int nargs, unsigned long *args); extern int audit_sockaddr(int len, void *addr); extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); extern void audit_signal_info(int sig, struct task_struct *t); extern int audit_filter_user(struct netlink_skb_parms *cb, int type); #else #define audit_alloc(t) ({ 0; }) #define audit_free(t) do { ; } while (0) Loading @@ -237,7 +245,7 @@ extern void audit_signal_info(int sig, struct task_struct *t); #define audit_syscall_exit(t,f,r) do { ; } while (0) #define audit_getname(n) do { ; } while (0) #define audit_putname(n) do { ; } while (0) #define audit_inode(n,i) do { ; } while (0) #define audit_inode(n,i,f) do { ; } while (0) #define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; }) #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) #define audit_get_loginuid(c) ({ -1; }) Loading @@ -246,16 +254,17 @@ extern void audit_signal_info(int sig, struct task_struct *t); #define audit_sockaddr(len, addr) ({ 0; }) #define audit_avc_path(dentry, mnt) ({ 0; }) #define audit_signal_info(s,t) do { ; } while (0) #define audit_filter_user(cb,t) ({ 1; }) #endif #ifdef CONFIG_AUDIT /* These are defined in audit.c */ /* Public API */ extern void audit_log(struct audit_context *ctx, int type, const char *fmt, ...) __attribute__((format(printf,3,4))); extern void audit_log(struct audit_context *ctx, int gfp_mask, int type, const char *fmt, ...) __attribute__((format(printf,4,5))); extern struct audit_buffer *audit_log_start(struct audit_context *ctx,int type); extern struct audit_buffer *audit_log_start(struct audit_context *ctx, int gfp_mask, int type); extern void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) __attribute__((format(printf,2,3))); Loading @@ -274,9 +283,10 @@ extern void audit_send_reply(int pid, int seq, int type, int done, int multi, void *payload, int size); extern void audit_log_lost(const char *message); extern struct semaphore audit_netlink_sem; #else #define audit_log(c,t,f,...) do { ; } while (0) #define audit_log_start(c,t) ({ NULL; }) #define audit_log(c,g,t,f,...) do { ; } while (0) #define audit_log_start(c,g,t) ({ NULL; }) #define audit_log_vformat(b,f,a) do { ; } while (0) #define audit_log_format(b,f,...) do { ; } while (0) #define audit_log_end(b) do { ; } while (0) Loading Loading
MAINTAINERS +4 −1 Original line number Diff line number Diff line Loading @@ -370,7 +370,10 @@ W: http://atmelwlandriver.sourceforge.net/ S: Maintained AUDIT SUBSYSTEM L: linux-audit@redhat.com (subscribers-only) P: David Woodhouse M: dwmw2@infradead.org L: linux-audit@redhat.com W: http://people.redhat.com/sgrubb/audit/ S: Maintained AX.25 NETWORK LAYER Loading
arch/ppc64/kernel/asm-offsets.c +1 −0 Original line number Diff line number Diff line Loading @@ -68,6 +68,7 @@ int main(void) DEFINE(THREAD_USED_VR, offsetof(struct thread_struct, used_vr)); #endif /* CONFIG_ALTIVEC */ DEFINE(MM, offsetof(struct task_struct, mm)); DEFINE(AUDITCONTEXT, offsetof(struct task_struct, audit_context)); DEFINE(DCACHEL1LINESIZE, offsetof(struct ppc64_caches, dline_size)); DEFINE(DCACHEL1LOGLINESIZE, offsetof(struct ppc64_caches, log_dline_size)); Loading
arch/ppc64/kernel/entry.S +14 −4 Original line number Diff line number Diff line Loading @@ -276,12 +276,22 @@ _GLOBAL(ppc64_rt_sigsuspend) _GLOBAL(ppc32_rt_sigsuspend) bl .save_nvgprs bl .sys32_rt_sigsuspend /* If sigsuspend() returns zero, we are going into a signal handler */ 70: cmpdi 0,r3,0 beq .ret_from_except /* If it returned -EINTR, we need to return via syscall_exit to set /* If it returned an error, we need to return via syscall_exit to set the SO bit in cr0 and potentially stop for ptrace. */ b syscall_exit bne syscall_exit /* If sigsuspend() returns zero, we are going into a signal handler. We may need to call audit_syscall_exit() to mark the exit from sigsuspend() */ #ifdef CONFIG_AUDIT ld r3,PACACURRENT(r13) ld r4,AUDITCONTEXT(r3) cmpdi 0,r4,0 beq .ret_from_except /* No audit_context: Leave immediately. */ li r4, 2 /* AUDITSC_FAILURE */ li r5,-4 /* It's always -EINTR */ bl .audit_syscall_exit #endif b .ret_from_except _GLOBAL(ppc_fork) bl .save_nvgprs Loading
fs/namei.c +1 −1 Original line number Diff line number Diff line Loading @@ -1048,7 +1048,7 @@ int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata out: if (unlikely(current->audit_context && nd && nd->dentry && nd->dentry->d_inode)) audit_inode(name, nd->dentry->d_inode); audit_inode(name, nd->dentry->d_inode, flags); return retval; } Loading
include/linux/audit.h +23 −13 Original line number Diff line number Diff line Loading @@ -51,7 +51,8 @@ #define AUDIT_WATCH_LIST 1009 /* List all file/dir watches */ #define AUDIT_SIGNAL_INFO 1010 /* Get info about sender of signal to auditd */ #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages uninteresting to kernel */ #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */ #define AUDIT_USER_AVC 1107 /* We filter this differently */ #define AUDIT_LAST_USER_MSG 1199 #define AUDIT_DAEMON_START 1200 /* Daemon startup record */ Loading @@ -75,10 +76,15 @@ #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ /* Rule flags */ #define AUDIT_PER_TASK 0x01 /* Apply rule at task creation (not syscall) */ #define AUDIT_AT_ENTRY 0x02 /* Apply rule at syscall entry */ #define AUDIT_AT_EXIT 0x04 /* Apply rule at syscall exit */ #define AUDIT_PREPEND 0x10 /* Prepend to front of list */ #define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */ #define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */ #define AUDIT_FILTER_ENTRY 0x02 /* Apply rule at syscall entry */ #define AUDIT_FILTER_WATCH 0x03 /* Apply rule to file system watches */ #define AUDIT_FILTER_EXIT 0x04 /* Apply rule at syscall exit */ #define AUDIT_NR_FILTERS 5 #define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */ /* Rule actions */ #define AUDIT_NEVER 0 /* Do not build context if rule matches */ Loading Loading @@ -199,6 +205,7 @@ struct audit_sig_info { struct audit_buffer; struct audit_context; struct inode; struct netlink_skb_parms; #define AUDITSC_INVALID 0 #define AUDITSC_SUCCESS 1 Loading @@ -215,7 +222,7 @@ extern void audit_syscall_entry(struct task_struct *task, int arch, extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code); extern void audit_getname(const char *name); extern void audit_putname(const char *name); extern void audit_inode(const char *name, const struct inode *inode); extern void audit_inode(const char *name, const struct inode *inode, unsigned flags); /* Private API (for audit.c only) */ extern int audit_receive_filter(int type, int pid, int uid, int seq, Loading @@ -230,6 +237,7 @@ extern int audit_socketcall(int nargs, unsigned long *args); extern int audit_sockaddr(int len, void *addr); extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); extern void audit_signal_info(int sig, struct task_struct *t); extern int audit_filter_user(struct netlink_skb_parms *cb, int type); #else #define audit_alloc(t) ({ 0; }) #define audit_free(t) do { ; } while (0) Loading @@ -237,7 +245,7 @@ extern void audit_signal_info(int sig, struct task_struct *t); #define audit_syscall_exit(t,f,r) do { ; } while (0) #define audit_getname(n) do { ; } while (0) #define audit_putname(n) do { ; } while (0) #define audit_inode(n,i) do { ; } while (0) #define audit_inode(n,i,f) do { ; } while (0) #define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; }) #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) #define audit_get_loginuid(c) ({ -1; }) Loading @@ -246,16 +254,17 @@ extern void audit_signal_info(int sig, struct task_struct *t); #define audit_sockaddr(len, addr) ({ 0; }) #define audit_avc_path(dentry, mnt) ({ 0; }) #define audit_signal_info(s,t) do { ; } while (0) #define audit_filter_user(cb,t) ({ 1; }) #endif #ifdef CONFIG_AUDIT /* These are defined in audit.c */ /* Public API */ extern void audit_log(struct audit_context *ctx, int type, const char *fmt, ...) __attribute__((format(printf,3,4))); extern void audit_log(struct audit_context *ctx, int gfp_mask, int type, const char *fmt, ...) __attribute__((format(printf,4,5))); extern struct audit_buffer *audit_log_start(struct audit_context *ctx,int type); extern struct audit_buffer *audit_log_start(struct audit_context *ctx, int gfp_mask, int type); extern void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) __attribute__((format(printf,2,3))); Loading @@ -274,9 +283,10 @@ extern void audit_send_reply(int pid, int seq, int type, int done, int multi, void *payload, int size); extern void audit_log_lost(const char *message); extern struct semaphore audit_netlink_sem; #else #define audit_log(c,t,f,...) do { ; } while (0) #define audit_log_start(c,t) ({ NULL; }) #define audit_log(c,g,t,f,...) do { ; } while (0) #define audit_log_start(c,g,t) ({ NULL; }) #define audit_log_vformat(b,f,a) do { ; } while (0) #define audit_log_format(b,f,...) do { ; } while (0) #define audit_log_end(b) do { ; } while (0) Loading
