Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
audit.h
Go to the documentation of this file.
1 /*
2  * AppArmor security module
3  *
4  * This file contains AppArmor auditing function definitions.
5  *
6  * Copyright (C) 1998-2008 Novell/SUSE
7  * Copyright 2009-2010 Canonical Ltd.
8  *
9  * This program is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU General Public License as
11  * published by the Free Software Foundation, version 2 of the
12  * License.
13  */
14 
15 #ifndef __AA_AUDIT_H
16 #define __AA_AUDIT_H
17 
18 #include <linux/audit.h>
19 #include <linux/fs.h>
20 #include <linux/lsm_audit.h>
21 #include <linux/sched.h>
22 #include <linux/slab.h>
23 
24 #include "file.h"
25 
26 struct aa_profile;
27 
28 extern const char *const audit_mode_names[];
29 #define AUDIT_MAX_INDEX 5
30 
31 enum audit_mode {
32  AUDIT_NORMAL, /* follow normal auditing of accesses */
33  AUDIT_QUIET_DENIED, /* quiet all denied access messages */
34  AUDIT_QUIET, /* quiet all messages */
35  AUDIT_NOQUIET, /* do not quiet audit messages */
36  AUDIT_ALL /* audit all accesses */
37 };
38 
39 enum audit_type {
40  AUDIT_APPARMOR_AUDIT,
41  AUDIT_APPARMOR_ALLOWED,
42  AUDIT_APPARMOR_DENIED,
43  AUDIT_APPARMOR_HINT,
44  AUDIT_APPARMOR_STATUS,
45  AUDIT_APPARMOR_ERROR,
46  AUDIT_APPARMOR_KILL,
47  AUDIT_APPARMOR_AUTO
48 };
49 
50 extern const char *const op_table[];
51 enum aa_ops {
52  OP_NULL,
53 
54  OP_SYSCTL,
55  OP_CAPABLE,
56 
57  OP_UNLINK,
58  OP_MKDIR,
59  OP_RMDIR,
60  OP_MKNOD,
61  OP_TRUNC,
62  OP_LINK,
63  OP_SYMLINK,
64  OP_RENAME_SRC,
65  OP_RENAME_DEST,
66  OP_CHMOD,
67  OP_CHOWN,
68  OP_GETATTR,
69  OP_OPEN,
70 
71  OP_FPERM,
72  OP_FLOCK,
73  OP_FMMAP,
74  OP_FMPROT,
75 
76  OP_CREATE,
77  OP_POST_CREATE,
78  OP_BIND,
79  OP_CONNECT,
80  OP_LISTEN,
81  OP_ACCEPT,
82  OP_SENDMSG,
83  OP_RECVMSG,
84  OP_GETSOCKNAME,
85  OP_GETPEERNAME,
86  OP_GETSOCKOPT,
87  OP_SETSOCKOPT,
88  OP_SOCK_SHUTDOWN,
89 
90  OP_PTRACE,
91 
92  OP_EXEC,
93  OP_CHANGE_HAT,
94  OP_CHANGE_PROFILE,
95  OP_CHANGE_ONEXEC,
96 
97  OP_SETPROCATTR,
98  OP_SETRLIMIT,
99 
100  OP_PROF_REPL,
101  OP_PROF_LOAD,
102  OP_PROF_RM,
103 };
104 
105 
106 struct apparmor_audit_data {
107  int error;
108  int op;
109  int type;
110  void *profile;
111  const char *name;
112  const char *info;
113  struct task_struct *tsk;
114  union {
115  void *target;
116  struct {
117  long pos;
118  void *target;
119  } iface;
120  struct {
121  int rlim;
122  unsigned long max;
123  } rlim;
124  struct {
125  const char *target;
126  u32 request;
127  u32 denied;
128  kuid_t ouid;
129  } fs;
130  };
131 };
132 
133 /* define a short hand for apparmor_audit_data structure */
134 #define aad apparmor_audit_data
135 
136 void aa_audit_msg(int type, struct common_audit_data *sa,
137  void (*cb) (struct audit_buffer *, void *));
138 int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
139  struct common_audit_data *sa,
140  void (*cb) (struct audit_buffer *, void *));
141 
142 static inline int complain_error(int error)
143 {
144  if (error == -EPERM || error == -EACCES)
145  return 0;
146  return error;
147 }
148 
149 #endif /* __AA_AUDIT_H */
Generated on Thu Jan 10 2013 13:16:43 for Linux Kernel by   doxygen 1.8.2