131 static int audit_match_perm(struct audit_context *ctx, int mask)  in audit_match_perm()  argument
134 	if (unlikely(!ctx))  in audit_match_perm()
136 	n = ctx->major;  in audit_match_perm()
138 	switch (audit_classify_syscall(ctx->arch, n)) {  in audit_match_perm()
162 		return mask & ACC_MODE(ctx->argv[1]);  in audit_match_perm()
164 		return mask & ACC_MODE(ctx->argv[2]);  in audit_match_perm()
166 		return ((mask & AUDIT_PERM_WRITE) && ctx->argv[0] == SYS_BIND);  in audit_match_perm()
174 static int audit_match_filetype(struct audit_context *ctx, int val)  in audit_match_filetype()  argument
179 	if (unlikely(!ctx))  in audit_match_filetype()
182 	list_for_each_entry(n, &ctx->names_list, list) {  in audit_match_filetype()
202 static void audit_set_auditable(struct audit_context *ctx)  in audit_set_auditable()  argument
204 	if (!ctx->prio) {  in audit_set_auditable()
205 		ctx->prio = 1;  in audit_set_auditable()
206 		ctx->current_state = AUDIT_RECORD_CONTEXT;  in audit_set_auditable()
210 static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk)  in put_tree_ref()  argument
212 	struct audit_tree_refs *p = ctx->trees;  in put_tree_ref()
213 	int left = ctx->tree_count;  in put_tree_ref()
216 		ctx->tree_count = left;  in put_tree_ref()
224 		ctx->trees = p;  in put_tree_ref()
225 		ctx->tree_count = 30;  in put_tree_ref()
231 static int grow_tree_refs(struct audit_context *ctx)  in grow_tree_refs()  argument
233 	struct audit_tree_refs *p = ctx->trees;  in grow_tree_refs()
234 	ctx->trees = kzalloc(sizeof(struct audit_tree_refs), GFP_KERNEL);  in grow_tree_refs()
235 	if (!ctx->trees) {  in grow_tree_refs()
236 		ctx->trees = p;  in grow_tree_refs()
240 		p->next = ctx->trees;  in grow_tree_refs()
242 		ctx->first_trees = ctx->trees;  in grow_tree_refs()
243 	ctx->tree_count = 31;  in grow_tree_refs()
248 static void unroll_tree_refs(struct audit_context *ctx,  in unroll_tree_refs()  argument
256 		p = ctx->first_trees;  in unroll_tree_refs()
263 	for (q = p; q != ctx->trees; q = q->next, n = 31) {  in unroll_tree_refs()
269 	while (n-- > ctx->tree_count) {  in unroll_tree_refs()
273 	ctx->trees = p;  in unroll_tree_refs()
274 	ctx->tree_count = count;  in unroll_tree_refs()
278 static void free_tree_refs(struct audit_context *ctx)  in free_tree_refs()  argument
281 	for (p = ctx->first_trees; p; p = q) {  in free_tree_refs()
287 static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree)  in match_tree_refs()  argument
295 	for (p = ctx->first_trees; p != ctx->trees; p = p->next) {  in match_tree_refs()
302 		for (n = ctx->tree_count; n < 31; n++)  in match_tree_refs()
313 			     struct audit_context *ctx)  in audit_compare_uid()  argument
324 	if (ctx) {  in audit_compare_uid()
325 		list_for_each_entry(n, &ctx->names_list, list) {  in audit_compare_uid()
337 			     struct audit_context *ctx)  in audit_compare_gid()  argument
348 	if (ctx) {  in audit_compare_gid()
349 		list_for_each_entry(n, &ctx->names_list, list) {  in audit_compare_gid()
361 			       struct audit_context *ctx,  in audit_field_compare()  argument
367 		return audit_compare_uid(cred->uid, name, f, ctx);  in audit_field_compare()
369 		return audit_compare_gid(cred->gid, name, f, ctx);  in audit_field_compare()
371 		return audit_compare_uid(cred->euid, name, f, ctx);  in audit_field_compare()
373 		return audit_compare_gid(cred->egid, name, f, ctx);  in audit_field_compare()
375 		return audit_compare_uid(tsk->loginuid, name, f, ctx);  in audit_field_compare()
377 		return audit_compare_uid(cred->suid, name, f, ctx);  in audit_field_compare()
379 		return audit_compare_gid(cred->sgid, name, f, ctx);  in audit_field_compare()
381 		return audit_compare_uid(cred->fsuid, name, f, ctx);  in audit_field_compare()
383 		return audit_compare_gid(cred->fsgid, name, f, ctx);  in audit_field_compare()
440 			      struct audit_context *ctx,  in audit_filter_rules()  argument
463 			if (ctx) {  in audit_filter_rules()
464 				if (!ctx->ppid)  in audit_filter_rules()
465 					ctx->ppid = task_ppid_nr(tsk);  in audit_filter_rules()
466 				result = audit_comparator(ctx->ppid, f->op, f->val);  in audit_filter_rules()
511 			if (ctx)  in audit_filter_rules()
512 				result = audit_comparator(ctx->arch, f->op, f->val);  in audit_filter_rules()
516 			if (ctx && ctx->return_valid)  in audit_filter_rules()
517 				result = audit_comparator(ctx->return_code, f->op, f->val);  in audit_filter_rules()
520 			if (ctx && ctx->return_valid) {  in audit_filter_rules()
522 					result = audit_comparator(ctx->return_valid, f->op, AUDITSC_SUCCESS);  in audit_filter_rules()
524 					result = audit_comparator(ctx->return_valid, f->op, AUDITSC_FAILURE);  in audit_filter_rules()
532 			} else if (ctx) {  in audit_filter_rules()
533 				list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
547 			} else if (ctx) {  in audit_filter_rules()
548 				list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
560 			else if (ctx) {  in audit_filter_rules()
561 				list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
572 			} else if (ctx) {  in audit_filter_rules()
573 				list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
584 			} else if (ctx) {  in audit_filter_rules()
585 				list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
598 			if (ctx)  in audit_filter_rules()
599 				result = match_tree_refs(ctx, rule->tree);  in audit_filter_rules()
603 			if (ctx)  in audit_filter_rules()
627 				                                  ctx);  in audit_filter_rules()
642 					           f->lsm_rule, ctx);  in audit_filter_rules()
643 				} else if (ctx) {  in audit_filter_rules()
644 					list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_rules()
647 									      ctx)) {  in audit_filter_rules()
654 				if (!ctx || ctx->type != AUDIT_IPC)  in audit_filter_rules()
656 				if (security_audit_rule_match(ctx->ipc.osid,  in audit_filter_rules()
658 							      f->lsm_rule, ctx))  in audit_filter_rules()
666 			if (ctx)  in audit_filter_rules()
667 				result = audit_comparator(ctx->argv[f->type-AUDIT_ARG0], f->op, f->val);  in audit_filter_rules()
674 			result = audit_match_perm(ctx, f->val);  in audit_filter_rules()
677 			result = audit_match_filetype(ctx, f->val);  in audit_filter_rules()
680 			result = audit_field_compare(tsk, cred, f, ctx, name);  in audit_filter_rules()
687 	if (ctx) {  in audit_filter_rules()
688 		if (rule->prio <= ctx->prio)  in audit_filter_rules()
691 			kfree(ctx->filterkey);  in audit_filter_rules()
692 			ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);  in audit_filter_rules()
694 		ctx->prio = rule->prio;  in audit_filter_rules()
748 					     struct audit_context *ctx,  in audit_filter_syscall()  argument
760 			if (audit_in_mask(&e->rule, ctx->major) &&  in audit_filter_syscall()
761 			    audit_filter_rules(tsk, &e->rule, ctx, NULL,  in audit_filter_syscall()
764 				ctx->current_state = state;  in audit_filter_syscall()
779 				   struct audit_context *ctx) {  in audit_filter_inode_name()  argument
789 		if (audit_in_mask(&e->rule, ctx->major) &&  in audit_filter_inode_name()
790 		    audit_filter_rules(tsk, &e->rule, ctx, n, &state, false)) {  in audit_filter_inode_name()
791 			ctx->current_state = state;  in audit_filter_inode_name()
804 void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx)  in audit_filter_inodes()  argument
813 	list_for_each_entry(n, &ctx->names_list, list) {  in audit_filter_inodes()
814 		if (audit_filter_inode_name(tsk, n, ctx))  in audit_filter_inodes()
963 	char *ctx = NULL;  in audit_log_pid_context()  local
975 		if (security_secid_to_secctx(sid, &ctx, &len)) {  in audit_log_pid_context()
979 			audit_log_format(ab, " obj=%s", ctx);  in audit_log_pid_context()
980 			security_release_secctx(ctx, len);  in audit_log_pid_context()
1196 			char *ctx = NULL;  in show_special()  local
1198 			if (security_secid_to_secctx(osid, &ctx, &len)) {  in show_special()
1202 				audit_log_format(ab, " obj=%s", ctx);  in show_special()
1203 				security_release_secctx(ctx, len);  in show_special()
1940 int auditsc_get_stamp(struct audit_context *ctx,  in auditsc_get_stamp()  argument
1943 	if (!ctx->in_syscall)  in auditsc_get_stamp()
1945 	if (!ctx->serial)  in auditsc_get_stamp()
1946 		ctx->serial = audit_serial();  in auditsc_get_stamp()
1947 	t->tv_sec  = ctx->ctime.tv_sec;  in auditsc_get_stamp()
1948 	t->tv_nsec = ctx->ctime.tv_nsec;  in auditsc_get_stamp()
1949 	*serial    = ctx->serial;  in auditsc_get_stamp()
1950 	if (!ctx->prio) {  in auditsc_get_stamp()
1951 		ctx->prio = 1;  in auditsc_get_stamp()
1952 		ctx->current_state = AUDIT_RECORD_CONTEXT;  in auditsc_get_stamp()
2239 	struct audit_context *ctx = tsk->audit_context;  in __audit_signal_info()  local
2257 	if (!ctx->target_pid) {  in __audit_signal_info()
2258 		ctx->target_pid = task_tgid_nr(t);  in __audit_signal_info()
2259 		ctx->target_auid = audit_get_loginuid(t);  in __audit_signal_info()
2260 		ctx->target_uid = t_uid;  in __audit_signal_info()
2261 		ctx->target_sessionid = audit_get_sessionid(t);  in __audit_signal_info()
2262 		security_task_getsecid(t, &ctx->target_sid);  in __audit_signal_info()
2263 		memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);  in __audit_signal_info()
2267 	axp = (void *)ctx->aux_pids;  in __audit_signal_info()
2274 		axp->d.next = ctx->aux_pids;  in __audit_signal_info()
2275 		ctx->aux_pids = (void *)axp;  in __audit_signal_info()
2422 	struct audit_context *ctx = current->audit_context;  in audit_killed_trees()  local
2423 	if (likely(!ctx || !ctx->in_syscall))  in audit_killed_trees()
2425 	return &ctx->killed_trees;  in audit_killed_trees()