1/* 2 * Copyright (C) 2008 IBM Corporation 3 * Author: Mimi Zohar <zohar@us.ibm.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation, version 2 of the License. 8 * 9 * File: integrity_audit.c 10 * Audit calls for the integrity subsystem 11 */ 12 13#include <linux/fs.h> 14#include <linux/gfp.h> 15#include <linux/audit.h> 16#include "integrity.h" 17 18static int integrity_audit_info; 19 20/* ima_audit_setup - enable informational auditing messages */ 21static int __init integrity_audit_setup(char *str) 22{ 23 unsigned long audit; 24 25 if (!kstrtoul(str, 0, &audit)) 26 integrity_audit_info = audit ? 1 : 0; 27 return 1; 28} 29__setup("integrity_audit=", integrity_audit_setup); 30 31void integrity_audit_msg(int audit_msgno, struct inode *inode, 32 const unsigned char *fname, const char *op, 33 const char *cause, int result, int audit_info) 34{ 35 struct audit_buffer *ab; 36 char name[TASK_COMM_LEN]; 37 38 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ 39 return; 40 41 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 42 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u", 43 task_pid_nr(current), 44 from_kuid(&init_user_ns, current_cred()->uid), 45 from_kuid(&init_user_ns, audit_get_loginuid(current)), 46 audit_get_sessionid(current)); 47 audit_log_task_context(ab); 48 audit_log_format(ab, " op="); 49 audit_log_string(ab, op); 50 audit_log_format(ab, " cause="); 51 audit_log_string(ab, cause); 52 audit_log_format(ab, " comm="); 53 audit_log_untrustedstring(ab, get_task_comm(name, current)); 54 if (fname) { 55 audit_log_format(ab, " name="); 56 audit_log_untrustedstring(ab, fname); 57 } 58 if (inode) { 59 audit_log_format(ab, " dev="); 60 audit_log_untrustedstring(ab, inode->i_sb->s_id); 61 audit_log_format(ab, " ino=%lu", inode->i_ino); 62 } 63 audit_log_format(ab, " res=%d", !result); 64 audit_log_end(ab); 65} 66