1
2
3
4
5
6
7
8
9
10#include <linux/fs.h>
11#include <linux/gfp.h>
12#include <linux/audit.h>
13#include "integrity.h"
14
15static int integrity_audit_info;
16
17
18static int __init integrity_audit_setup(char *str)
19{
20 unsigned long audit;
21
22 if (!kstrtoul(str, 0, &audit))
23 integrity_audit_info = audit ? 1 : 0;
24 return 1;
25}
26__setup("integrity_audit=", integrity_audit_setup);
27
28void integrity_audit_msg(int audit_msgno, struct inode *inode,
29 const unsigned char *fname, const char *op,
30 const char *cause, int result, int audit_info)
31{
32 integrity_audit_message(audit_msgno, inode, fname, op, cause,
33 result, audit_info, 0);
34}
35
36void integrity_audit_message(int audit_msgno, struct inode *inode,
37 const unsigned char *fname, const char *op,
38 const char *cause, int result, int audit_info,
39 int errno)
40{
41 struct audit_buffer *ab;
42 char name[TASK_COMM_LEN];
43
44 if (!integrity_audit_info && audit_info == 1)
45 return;
46
47 ab = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno);
48 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
49 task_pid_nr(current),
50 from_kuid(&init_user_ns, current_uid()),
51 from_kuid(&init_user_ns, audit_get_loginuid(current)),
52 audit_get_sessionid(current));
53 audit_log_task_context(ab);
54 audit_log_format(ab, " op=%s cause=%s comm=", op, cause);
55 audit_log_untrustedstring(ab, get_task_comm(name, current));
56 if (fname) {
57 audit_log_format(ab, " name=");
58 audit_log_untrustedstring(ab, fname);
59 }
60 if (inode) {
61 audit_log_format(ab, " dev=");
62 audit_log_untrustedstring(ab, inode->i_sb->s_id);
63 audit_log_format(ab, " ino=%lu", inode->i_ino);
64 }
65 audit_log_format(ab, " res=%d errno=%d", !result, errno);
66 audit_log_end(ab);
67}
68