Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ima_audit.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2008 IBM Corporation
3  * Author: Mimi Zohar <[email protected]>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation, version 2 of the License.
8  *
9  * File: integrity_audit.c
10  * Audit calls for the integrity subsystem
11  */
12 
13 #include <linux/fs.h>
14 #include <linux/gfp.h>
15 #include <linux/audit.h>
16 #include "ima.h"
17 
18 static int ima_audit;
19 
20 /* ima_audit_setup - enable informational auditing messages */
21 static int __init ima_audit_setup(char *str)
22 {
23  unsigned long audit;
24 
25  if (!strict_strtoul(str, 0, &audit))
26  ima_audit = audit ? 1 : 0;
27  return 1;
28 }
29 __setup("ima_audit=", ima_audit_setup);
30 
31 void integrity_audit_msg(int audit_msgno, struct inode *inode,
32  const unsigned char *fname, const char *op,
33  const char *cause, int result, int audit_info)
34 {
35  struct audit_buffer *ab;
36 
37  if (!ima_audit && audit_info == 1) /* Skip informational messages */
38  return;
39 
40  ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
41  audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
42  current->pid,
44  from_kuid(&init_user_ns, audit_get_loginuid(current)),
45  audit_get_sessionid(current));
47  audit_log_format(ab, " op=");
48  audit_log_string(ab, op);
49  audit_log_format(ab, " cause=");
50  audit_log_string(ab, cause);
51  audit_log_format(ab, " comm=");
53  if (fname) {
54  audit_log_format(ab, " name=");
55  audit_log_untrustedstring(ab, fname);
56  }
57  if (inode) {
58  audit_log_format(ab, " dev=");
59  audit_log_untrustedstring(ab, inode->i_sb->s_id);
60  audit_log_format(ab, " ino=%lu", inode->i_ino);
61  }
62  audit_log_format(ab, " res=%d", !result);
63  audit_log_end(ab);
64 }