LSM/Audit: Introduce generic Audit LSM hooks
Introduce a generic Audit interface for security modules by adding the following new LSM hooks: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) Those hooks are only available if CONFIG_AUDIT is enabled. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
This commit is contained in:
		
							parent
							
								
									6b89a74be0
								
							
						
					
					
						commit
						03d37d25e0
					
				| @ -37,6 +37,7 @@ | ||||
| extern unsigned securebits; | ||||
| 
 | ||||
| struct ctl_table; | ||||
| struct audit_krule; | ||||
| 
 | ||||
| /*
 | ||||
|  * These functions are in security/capability.c and are used | ||||
| @ -1235,6 +1236,37 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | ||||
|  *	@secdata contains the security context. | ||||
|  *	@seclen contains the length of the security context. | ||||
|  * | ||||
|  * Security hooks for Audit | ||||
|  * | ||||
|  * @audit_rule_init: | ||||
|  *	Allocate and initialize an LSM audit rule structure. | ||||
|  *	@field contains the required Audit action. Fields flags are defined in include/linux/audit.h | ||||
|  *	@op contains the operator the rule uses. | ||||
|  *	@rulestr contains the context where the rule will be applied to. | ||||
|  *	@lsmrule contains a pointer to receive the result. | ||||
|  *	Return 0 if @lsmrule has been successfully set, | ||||
|  *	-EINVAL in case of an invalid rule. | ||||
|  * | ||||
|  * @audit_rule_known: | ||||
|  *	Specifies whether given @rule contains any fields related to current LSM. | ||||
|  *	@rule contains the audit rule of interest. | ||||
|  *	Return 1 in case of relation found, 0 otherwise. | ||||
|  * | ||||
|  * @audit_rule_match: | ||||
|  *	Determine if given @secid matches a rule previously approved | ||||
|  *	by @audit_rule_known. | ||||
|  *	@secid contains the security id in question. | ||||
|  *	@field contains the field which relates to current LSM. | ||||
|  *	@op contains the operator that will be used for matching. | ||||
|  *	@rule points to the audit rule that will be checked against. | ||||
|  *	@actx points to the audit context associated with the check. | ||||
|  *	Return 1 if secid matches the rule, 0 if it does not, -ERRNO on failure. | ||||
|  * | ||||
|  * @audit_rule_free: | ||||
|  *	Deallocate the LSM audit rule structure previously allocated by | ||||
|  *	audit_rule_init. | ||||
|  *	@rule contains the allocated rule | ||||
|  * | ||||
|  * This is the main security structure. | ||||
|  */ | ||||
| struct security_operations { | ||||
| @ -1494,6 +1526,13 @@ struct security_operations { | ||||
| 
 | ||||
| #endif	/* CONFIG_KEYS */ | ||||
| 
 | ||||
| #ifdef CONFIG_AUDIT | ||||
| 	int (*audit_rule_init)(u32 field, u32 op, char *rulestr, void **lsmrule); | ||||
| 	int (*audit_rule_known)(struct audit_krule *krule); | ||||
| 	int (*audit_rule_match)(u32 secid, u32 field, u32 op, void *lsmrule, | ||||
| 				struct audit_context *actx); | ||||
| 	void (*audit_rule_free)(void *lsmrule); | ||||
| #endif /* CONFIG_AUDIT */ | ||||
| }; | ||||
| 
 | ||||
| /* prototypes */ | ||||
| @ -2700,5 +2739,38 @@ static inline int security_key_permission(key_ref_t key_ref, | ||||
| #endif | ||||
| #endif /* CONFIG_KEYS */ | ||||
| 
 | ||||
| #ifdef CONFIG_AUDIT | ||||
| #ifdef CONFIG_SECURITY | ||||
| int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule); | ||||
| int security_audit_rule_known(struct audit_krule *krule); | ||||
| int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule, | ||||
| 			      struct audit_context *actx); | ||||
| void security_audit_rule_free(void *lsmrule); | ||||
| 
 | ||||
| #else | ||||
| 
 | ||||
| static inline int security_audit_rule_init(u32 field, u32 op, char *rulestr, | ||||
| 					   void **lsmrule) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline int security_audit_rule_known(struct audit_krule *krule) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, | ||||
| 				   void *lsmrule, struct audit_context *actx) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline void security_audit_rule_free(void *lsmrule) | ||||
| { } | ||||
| 
 | ||||
| #endif /* CONFIG_SECURITY */ | ||||
| #endif /* CONFIG_AUDIT */ | ||||
| 
 | ||||
| #endif /* ! __LINUX_SECURITY_H */ | ||||
| 
 | ||||
|  | ||||
| @ -993,6 +993,30 @@ static inline int dummy_key_permission(key_ref_t key_ref, | ||||
| } | ||||
| #endif /* CONFIG_KEYS */ | ||||
| 
 | ||||
| #ifdef CONFIG_AUDIT | ||||
| static inline int dummy_audit_rule_init(u32 field, u32 op, char *rulestr, | ||||
| 					void **lsmrule) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline int dummy_audit_rule_known(struct audit_krule *krule) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline int dummy_audit_rule_match(u32 secid, u32 field, u32 op, | ||||
| 					 void *lsmrule, | ||||
| 					 struct audit_context *actx) | ||||
| { | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static inline void dummy_audit_rule_free(void *lsmrule) | ||||
| { } | ||||
| 
 | ||||
| #endif /* CONFIG_AUDIT */ | ||||
| 
 | ||||
| struct security_operations dummy_security_ops; | ||||
| 
 | ||||
| #define set_to_dummy_if_null(ops, function)				\ | ||||
| @ -1182,6 +1206,11 @@ void security_fixup_ops (struct security_operations *ops) | ||||
| 	set_to_dummy_if_null(ops, key_free); | ||||
| 	set_to_dummy_if_null(ops, key_permission); | ||||
| #endif	/* CONFIG_KEYS */ | ||||
| 
 | ||||
| #ifdef CONFIG_AUDIT | ||||
| 	set_to_dummy_if_null(ops, audit_rule_init); | ||||
| 	set_to_dummy_if_null(ops, audit_rule_known); | ||||
| 	set_to_dummy_if_null(ops, audit_rule_match); | ||||
| 	set_to_dummy_if_null(ops, audit_rule_free); | ||||
| #endif | ||||
| } | ||||
| 
 | ||||
|  | ||||
| @ -1120,3 +1120,28 @@ int security_key_permission(key_ref_t key_ref, | ||||
| } | ||||
| 
 | ||||
| #endif	/* CONFIG_KEYS */ | ||||
| 
 | ||||
| #ifdef CONFIG_AUDIT | ||||
| 
 | ||||
| int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule) | ||||
| { | ||||
| 	return security_ops->audit_rule_init(field, op, rulestr, lsmrule); | ||||
| } | ||||
| 
 | ||||
| int security_audit_rule_known(struct audit_krule *krule) | ||||
| { | ||||
| 	return security_ops->audit_rule_known(krule); | ||||
| } | ||||
| 
 | ||||
| void security_audit_rule_free(void *lsmrule) | ||||
| { | ||||
| 	security_ops->audit_rule_free(lsmrule); | ||||
| } | ||||
| 
 | ||||
| int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule, | ||||
| 			      struct audit_context *actx) | ||||
| { | ||||
| 	return security_ops->audit_rule_match(secid, field, op, lsmrule, actx); | ||||
| } | ||||
| 
 | ||||
| #endif /* CONFIG_AUDIT */ | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user