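/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET  <etienne.basset@ensta.org>
 *
 * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
 * All BUGS to : Etienne BASSET  <etienne.basset@ensta.org>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <asm/system.h>


/*
 * Auxiliary data to use in generating the audit record.
 *
 * This is a tagged union: @type says which member of @u the caller filled
 * in (the LSM_AUDIT_DATA_* value matching the member name). The second,
 * anonymous union carries the calling LSM's own decision data and is only
 * meaningful to that LSM. Callers are expected to start from a zeroed
 * structure (see COMMON_AUDIT_DATA_INIT) so that fields they do not set
 * cannot carry stale values into the audit record.
 */
struct common_audit_data {
	char type;		/* which member of @u is valid, LSM_AUDIT_DATA_* */
#define LSM_AUDIT_DATA_FS	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
#define LSM_AUDIT_DATA_NONE	7
#define LSM_AUDIT_DATA_KMOD	8
	struct task_struct *tsk;	/* task the record is about */
	union 	{
		/* LSM_AUDIT_DATA_FS */
		struct {
			struct path path;
			struct inode *inode;
		} fs;
		/* LSM_AUDIT_DATA_NET: endpoints in network byte order */
		struct {
			int netif;
			struct sock *sk;
			u16 family;
			__be16 dport;
			__be16 sport;
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;	/* selected by @family; see v4info/v6info below */
		} net;
		int cap;			/* LSM_AUDIT_DATA_CAP */
		int ipc_id;			/* LSM_AUDIT_DATA_IPC */
		struct task_struct *tsk;	/* LSM_AUDIT_DATA_TASK */
#ifdef CONFIG_KEYS
		/* LSM_AUDIT_DATA_KEY */
		struct {
			key_serial_t key;
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;		/* LSM_AUDIT_DATA_KMOD */
	} u;
	/* this union contains LSM specific data */
	union {
#ifdef CONFIG_SECURITY_SMACK
		/* SMACK data */
		struct smack_audit_data {
			const char *function;
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
			u32 denied;
			/*
			 * auditdeny is a bit tricky and unintuitive.  See the
			 * comments in avc.c for its meaning and usage.
			 */
			u32 auditdeny;
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		/* AppArmor data; the inner union is selected by @type/@op */
		struct {
			int error;
			int op;
			int type;
			void *profile;
			const char *name;
			const char *info;
			union {
				void *target;
				struct {
					long pos;
					void *target;
				} iface;
				struct {
					int rlim;
					unsigned long max;
				} rlim;
				struct {
					const char *target;
					u32 request;
					u32 denied;
					uid_t ouid;
				} fs;
			};
		} apparmor_audit_data;
#endif
	};
	/*
	 * These callbacks are implemented by a specific LSM and are invoked
	 * by common_lsm_audit() before and after the common fields are
	 * written. The void * argument is presumably this structure —
	 * confirm against common_lsm_audit().
	 */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};

/*
 * Shorthand for the address family sub-union:
 * a->u.net.v4info.daddr expands to a->u.net.fam.v4.daddr.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Fill the net member of @ad from an IPv4 / IPv6 @skb and store the
 * transport protocol number in @proto. The int return value's error
 * convention is defined by the implementation, not by this header.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * Initialize an LSM audit data structure.
 *
 * @_d: pointer to a struct common_audit_data
 * @_t: suffix of the LSM_AUDIT_DATA_* constant to select (FS, NET, ...)
 *
 * The whole structure is zeroed first so that unused union members and
 * the LSM-specific data never carry uninitialized stack contents into the
 * audit record. Wrapped in do { } while (0) so the macro behaves as a
 * single statement, including as the body of an if/else.
 */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	do { \
		memset((_d), 0, sizeof(*(_d))); \
		(_d)->type = LSM_AUDIT_DATA_##_t; \
	} while (0)

/* Emit the audit record described by @a, calling its pre/post callbacks. */
void common_lsm_audit(struct common_audit_data *a);

#endif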