linux/security/apparmor/include/audit.h
   1/*
   2 * AppArmor security module
   3 *
   4 * This file contains AppArmor auditing function definitions.
   5 *
   6 * Copyright (C) 1998-2008 Novell/SUSE
   7 * Copyright 2009-2010 Canonical Ltd.
   8 *
   9 * This program is free software; you can redistribute it and/or
  10 * modify it under the terms of the GNU General Public License as
  11 * published by the Free Software Foundation, version 2 of the
  12 * License.
  13 */
  14
  15#ifndef __AA_AUDIT_H
  16#define __AA_AUDIT_H
  17
  18#include <linux/audit.h>
  19#include <linux/fs.h>
  20#include <linux/lsm_audit.h>
  21#include <linux/sched.h>
  22#include <linux/slab.h>
  23
  24#include "file.h"
  25
  26struct aa_profile;
  27
/*
 * Table of audit mode name strings, defined in another translation unit.
 * Presumably indexed by enum audit_mode -- confirm at the definition.
 */
extern const char *audit_mode_names[];
/*
 * NOTE(review): 5 equals the number of enumerators in enum audit_mode.
 * If this is the bound applied before indexing audit_mode_names[] (confirm
 * at the users), the define, the enum and the table must change together;
 * a stale bound would let a mode index read past the end of the array.
 */
#define AUDIT_MAX_INDEX 5

/*
 * NOTE(review): 0 is also the implicit value of AUDIT_APPARMOR_AUDIT, the
 * first enumerator of enum audit_type, so an int "type" argument cannot
 * distinguish "auto" from an explicit AUDIT_APPARMOR_AUDIT.
 */
#define AUDIT_APPARMOR_AUTO 0   /* auto choose audit message type */
  32
/*
 * Audit verbosity modes, with the implicit numbering written out.
 * The count of modes (5) matches AUDIT_MAX_INDEX.
 *
 * The two quiet modes suppress denial messages, so blocked accesses
 * leave no record while one of them is in effect.
 */
enum audit_mode {
        AUDIT_NORMAL       = 0, /* accesses are audited the normal way */
        AUDIT_QUIET_DENIED = 1, /* suppress every denied-access message */
        AUDIT_QUIET        = 2, /* suppress every message */
        AUDIT_NOQUIET      = 3, /* never suppress audit messages */
        AUDIT_ALL          = 4, /* audit every access */
};
  40
/*
 * AppArmor audit message types, with the implicit numbering written out.
 *
 * AUDIT_APPARMOR_AUDIT is 0, the same value as the AUDIT_APPARMOR_AUTO
 * define, so the two are indistinguishable once passed as an int.
 */
enum audit_type {
        AUDIT_APPARMOR_AUDIT   = 0,     /* collides with AUDIT_APPARMOR_AUTO */
        AUDIT_APPARMOR_ALLOWED = 1,
        AUDIT_APPARMOR_DENIED  = 2,
        AUDIT_APPARMOR_HINT    = 3,
        AUDIT_APPARMOR_STATUS  = 4,
        AUDIT_APPARMOR_ERROR   = 5,
        AUDIT_APPARMOR_KILL    = 6,
};
  50
/*
 * Operation identifiers and their string table.
 *
 * op_table[] is defined in another translation unit.  It is presumably
 * indexed by enum aa_ops (confirm at the definition); if so, every
 * enumerator added, removed or reordered here needs the matching change
 * in the table, or audit records get the wrong operation name or the
 * lookup reads out of bounds.
 */
extern const char *op_table[];
enum aa_ops {
        OP_NULL = 0,            /* numbering starts at zero */

        OP_SYSCTL,
        OP_CAPABLE,

        /* OP_UNLINK .. OP_OPEN */
        OP_UNLINK,
        OP_MKDIR,
        OP_RMDIR,
        OP_MKNOD,
        OP_TRUNC,
        OP_LINK,
        OP_SYMLINK,
        OP_RENAME_SRC,
        OP_RENAME_DEST,
        OP_CHMOD,
        OP_CHOWN,
        OP_GETATTR,
        OP_OPEN,

        /* OP_FPERM .. OP_FMPROT */
        OP_FPERM,
        OP_FLOCK,
        OP_FMMAP,
        OP_FMPROT,

        /* OP_CREATE .. OP_SOCK_SHUTDOWN */
        OP_CREATE,
        OP_POST_CREATE,
        OP_BIND,
        OP_CONNECT,
        OP_LISTEN,
        OP_ACCEPT,
        OP_SENDMSG,
        OP_RECVMSG,
        OP_GETSOCKNAME,
        OP_GETPEERNAME,
        OP_GETSOCKOPT,
        OP_SETSOCKOPT,
        OP_SOCK_SHUTDOWN,

        OP_PTRACE,

        /* OP_EXEC .. OP_CHANGE_ONEXEC */
        OP_EXEC,
        OP_CHANGE_HAT,
        OP_CHANGE_PROFILE,
        OP_CHANGE_ONEXEC,

        OP_SETPROCATTR,
        OP_SETRLIMIT,

        /* OP_PROF_REPL .. OP_PROF_RM */
        OP_PROF_REPL,
        OP_PROF_LOAD,
        OP_PROF_RM,
};
 105
 106
/* define a short hand for apparmor_audit_data portion of common_audit_data */
/*
 * NOTE(review): this is an unscoped, lower-case object-like macro.  Every
 * identifier spelled "aad" in any file that includes this header is
 * rewritten to apparmor_audit_data, including locals and struct members.
 */
#define aad apparmor_audit_data

/*
 * aa_audit_msg - declared here, defined in another translation unit.
 * @type: message type as an int; presumably an enum audit_type value
 *        (confirm at the definition)
 * @sa: common audit data for the record
 * @cb: callback taking the audit_buffer and an opaque pointer; whether
 *      NULL is accepted is not visible from this header
 */
void aa_audit_msg(int type, struct common_audit_data *sa,
                  void (*cb) (struct audit_buffer *, void *));
/*
 * aa_audit - declared here, defined in another translation unit.
 * @type: message type as an int; note that AUDIT_APPARMOR_AUTO and
 *        AUDIT_APPARMOR_AUDIT are both 0
 * @profile: profile the record relates to
 * @gfp: allocation flags
 * @sa: common audit data for the record
 * @cb: callback taking the audit_buffer and an opaque pointer
 *
 * Returns an int; its meaning is not visible from this header.
 */
int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
             struct common_audit_data *sa,
             void (*cb) (struct audit_buffer *, void *));
 115
/**
 * complain_error - turn permission denials into success
 * @error: error code to filter
 *
 * Returns 0 when @error is -EPERM or -EACCES, otherwise @error unchanged.
 *
 * This converts a denial into an allow.  Judging by the name it is meant
 * for profiles in complain mode (confirm at the call sites); applied on an
 * enforcing path it would silently permit an access that was denied.
 */
static inline int complain_error(int error)
{
        switch (error) {
        case -EPERM:
        case -EACCES:
                /* permission denials are reported as success */
                return 0;
        default:
                /* every other code, including 0, passes through */
                return error;
        }
}
 122
 123#endif /* __AA_AUDIT_H */
 124