This patch makes access logs sent to auditing subsystem. TOMOYO Linux uses two channels for auditing. One is 'AUDIT_TMY_GRANTED', used for auditing accesses which are granted in the TOMOYO Linux policy. The other is 'AUDIT_TMY_REJECTED', used for auditing accesses which are not granted in the TOMOYO Linux policy.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]> Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]> --- include/linux/audit.h | 3 ++ security/tomoyo/audit.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+) --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6/security/tomoyo/audit.c 2007-08-24 15:51:36.000000000 +0900 @@ -0,0 +1,68 @@ +/* + * security/tomoyo/audit.c + * + * Audit functions for TOMOYO Linux + */ + +#include "tomoyo.h" +#include <linux/audit.h> + +/** + * tmy_init_audit_log - allocate and initialize audit buffer. + * @len: pointer to length of requested size. + * + * Returns pointer to audit buffer on success. @len received allocated size. + * Returns NULL on failure. + * + * @len must not be a NULL. + */ +char *tmy_init_audit_log(int *len) +{ + char *buf; + struct task_struct *task = current; + const char *domainname = TMY_SECURITY->domain->domainname->name; + + *len += strlen(domainname) + 256; + buf = tmy_alloc(*len); + + if (!buf) + return NULL; + + snprintf(buf, (*len) - 1, + "pid=%d uid=%d gid=%d euid=%d egid=%d " + "suid=%d sgid=%d fsuid=%d fsgid=%d : %s : ", + task->pid, task->uid, task->gid, task->euid, task->egid, + task->suid, task->sgid, task->fsuid, task->fsgid, domainname); + + return buf; +} + +/** + * tmy_write_audit_log - write audit log. + * @buf: pointer to access log contents. + * @is_granted: is the access request granted? + * @is_enforce: is the access requested in enforcing mode? + * + * Returns zero on success. + * Returns nonzero on failure. + * + * Write audit log. + * Caller must allocate @buf with tmy_init_audit_log(). + */ +int tmy_write_audit_log(char *buf, const int is_granted, const int is_enforce) +{ + struct audit_buffer *ab; + int type = is_granted ? AUDIT_TMY_GRANTED : AUDIT_TMY_REJECTED; + + ab = audit_log_start(current->audit_context, GFP_KERNEL, type); + if (ab) { + const char *msg + = is_granted ? "granted" : is_enforce ? + "error" : "warning"; + audit_log_format(ab, "TOMOYO %s: %s", msg, buf); + audit_log_end(ab); + } + + tmy_free(buf); + return ab ? 0 : -ENOMEM; +} --- linux-2.6.orig/include/linux/audit.h 2007-08-23 21:25:55.000000000 +0900 +++ linux-2.6/include/linux/audit.h 2007-08-24 15:51:36.000000000 +0900 @@ -120,6 +120,9 @@ #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ +#define AUDIT_TMY_GRANTED 2001 /* TOMOYO Linux audit granted */ +#define AUDIT_TMY_REJECTED 2002 /* TOMOYO Linux audit rejected */ + /* Rule flags */ #define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */ #define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */ - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html