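/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <asm/system.h>


/*
 * Auxiliary data to use in generating the audit record.
 *
 * @type is the discriminator for the @u union: it holds one of the
 * LSM_AUDIT_DATA_* values below and says which member of @u the caller
 * filled in.  Nothing else tags the union, so whoever formats the record
 * must read only the member that matches @type -- reading any other member
 * interprets the caller's bytes as the wrong type.  Callers should build
 * the structure with COMMON_AUDIT_DATA_INIT() so that every union member
 * and both callback pointers start out zeroed instead of as stack garbage.
 *
 * The second union carries per-LSM data; each member is only compiled in
 * when the corresponding CONFIG_SECURITY_* option is set, so code must not
 * touch a member of another LSM.
 */
struct common_audit_data {
	/* Discriminator for @u; one of the LSM_AUDIT_DATA_* values. */
	char type;
#define LSM_AUDIT_DATA_PATH	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
#define LSM_AUDIT_DATA_NONE	7
#define LSM_AUDIT_DATA_KMOD	8
#define LSM_AUDIT_DATA_INODE	9
#define LSM_AUDIT_DATA_DENTRY	10
	struct task_struct *tsk;
	/* Object being audited; the valid member is selected by @type. */
	union {
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		struct {
			int netif;
			struct sock *sk;
			u16 family;
			__be16 dport;
			__be16 sport;
			/* Address pair; @family says whether v4 or v6 is valid. */
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;
		} net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;
	} u;
	/* this union contains LSM specific data */
	union {
#ifdef CONFIG_SECURITY_SMACK
		/* SMACK data */
		struct smack_audit_data {
			const char *function;
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
			u32 denied;
			/*
			 * auditdeny is a bit tricky and unintuitive.  See the
			 * comments in avc.c for its meaning and usage.
			 */
			u32 auditdeny;
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		struct {
			int error;
			int op;
			int type;
			void *profile;
			const char *name;
			const char *info;
			union {
				void *target;
				struct {
					long pos;
					void *target;
				} iface;
				struct {
					int rlim;
					unsigned long max;
				} rlim;
				struct {
					const char *target;
					u32 request;
					u32 denied;
					uid_t ouid;
				} fs;
			};
		} apparmor_audit_data;
#endif
	};
	/*
	 * These callbacks are implemented by a specific LSM and are invoked
	 * around the common part of the record.  Either may be left NULL by
	 * COMMON_AUDIT_DATA_INIT(); the void * is whatever context the LSM
	 * chose to pass (presumably the common_audit_data itself -- confirm
	 * against lsm_audit.c).
	 */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

/* Shorthand for the address members of u.net, e.g. ad->u.net.v4info.daddr. */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Populate @ad from an IPv4 / IPv6 @skb, returning the transport protocol
 * through @proto.  Return value is an int status; the exact convention
 * is defined in lsm_audit.c (not visible here).
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * Initialize an LSM audit data structure.
 *
 * Zeroes the whole of *@_d (so every union member and both callback
 * pointers start as 0/NULL) and then sets @_d->type to LSM_AUDIT_DATA_@_t,
 * e.g. COMMON_AUDIT_DATA_INIT(&ad, PATH).
 *
 * Wrapped in do { } while (0) so the two statements act as a single
 * statement wherever the macro is used; the earlier plain-brace form
 * produced a stray ';' after the block, which breaks an unbraced
 * "if (...) COMMON_AUDIT_DATA_INIT(...); else ..." with a compile error.
 */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	do { \
		memset((_d), 0, sizeof(struct common_audit_data)); \
		(_d)->type = LSM_AUDIT_DATA_##_t; \
	} while (0)

/* Emit the audit record described by @a. */
void common_lsm_audit(struct common_audit_data *a);

#endif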