/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET <[email protected]>
 *
 * All credits to : Stephen Smalley, <[email protected]>
 * All BUGS to : Etienne BASSET <[email protected]>
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>

/*
 * Network details for an audit record; reached through
 * common_audit_data.u.net.
 *
 * Ports and IPv4 addresses use the big-endian annotated types
 * (__be16/__be32), so they are not in host byte order.
 */
struct lsm_network_audit {
	int netif;		/* presumably an interface index - TODO confirm */
	struct sock *sk;	/* plain pointer; lifetime is the caller's concern as far as this header shows */
	u16 family;		/* presumably AF_INET/AF_INET6, selecting fam.v4 or fam.v6 - confirm */
	__be16 dport;		/* destination port */
	__be16 sport;		/* source port */
	/* v4 and v6 overlay the same storage; only one pair is meaningful at a time */
	union {
		struct {
			__be32 daddr;
			__be32 saddr;
		} v4;
		struct {
			struct in6_addr daddr;
			struct in6_addr saddr;
		} v6;
	} fam;
};

/*
 * ioctl details for an audit record; reached through
 * common_audit_data.u.op.
 */
struct lsm_ioctlop_audit {
	struct path path;
	/*
	 * NOTE(review): 16 bits wide, while ioctl command numbers are
	 * wider - presumably only part of the command is recorded;
	 * confirm with the callers.
	 */
	u16 cmd;
};

/*
 * Auxiliary data to use in generating the audit record.
 *
 * The members of 'u' share storage and mix integers, pointers and an
 * embedded struct path. Reading a member other than the one that was
 * stored reinterprets unrelated bytes (for example an int as a
 * pointer), so 'type' and the matching member of 'u' have to be set
 * together before the structure is handed to common_lsm_audit().
 */
struct common_audit_data {
	/*
	 * One of the LSM_AUDIT_DATA_* values defined below; presumably
	 * selects the valid member of 'u' (mapping inferred from the
	 * names - confirm against common_lsm_audit()).
	 */
	char type;
#define LSM_AUDIT_DATA_PATH	1
#define LSM_AUDIT_DATA_NET	2
#define LSM_AUDIT_DATA_CAP	3
#define LSM_AUDIT_DATA_IPC	4
#define LSM_AUDIT_DATA_TASK	5
#define LSM_AUDIT_DATA_KEY	6
#define LSM_AUDIT_DATA_NONE	7
#define LSM_AUDIT_DATA_KMOD	8
#define LSM_AUDIT_DATA_INODE	9
#define LSM_AUDIT_DATA_DENTRY	10
#define LSM_AUDIT_DATA_IOCTL_OP	11
#define LSM_AUDIT_DATA_FILE	12
	/*
	 * Pointer members are plain pointers; this header does not say
	 * who owns them, so the caller presumably has to keep the
	 * objects alive for the duration of the audit call - confirm.
	 */
	union {
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		struct lsm_network_audit *net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		/* only present when CONFIG_KEYS is set */
		struct {
			key_serial_t key;
			/*
			 * NOTE(review): description text may be
			 * user-influenced; confirm it is logged through
			 * an escaping helper such as
			 * audit_log_untrustedstring().
			 */
			char *key_desc;
		} key_struct;
#endif
		/* NOTE(review): same escaping question as key_desc - confirm */
		char *kmod_name;
		struct lsm_ioctlop_audit *op;
		struct file *file;
	} u;
	/* this union contains LSM specific data */
	/*
	 * Each member exists only when the corresponding LSM is
	 * configured, and all of them share one pointer-sized slot, so
	 * a given instance carries the private data of a single LSM.
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		struct smack_audit_data *smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		struct selinux_audit_data *selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		struct apparmor_audit_data *apparmor_audit_data;
#endif
	}; /* per LSM data pointer union */
};

/*
 * Shorthand for the address pairs in struct lsm_network_audit:
 * net->v4info expands to net->fam.v4, net->v6info to net->fam.v6.
 * These are unscoped macros, so any identifier spelled v4info or
 * v6info in a file that includes this header is rewritten as well.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Declared here, defined elsewhere. Presumably fills the network part
 * of @ad from the IPv4 header of @skb and stores the transport
 * protocol number through @proto - TODO confirm, including the
 * return convention and whether @proto may be NULL.
 * NOTE(review): @skb carries network-supplied bytes; check that the
 * implementation validates header lengths before parsing.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * IPv6 counterpart of ipv4_skb_to_auditdata(); same signature, and
 * the same open questions apply (return convention, NULL @proto,
 * header-length validation) - confirm in the implementation.
 */
int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * Emit an audit record described by @a.
 *
 * @pre_audit and @post_audit are callbacks that receive the
 * audit_buffer and an opaque void *; presumably they run before and
 * after the common fields are written so an LSM can add its own
 * fields. What the void * points to and whether a NULL callback is
 * accepted are not visible in this header - confirm.
 */
void common_lsm_audit(struct common_audit_data *a,
	void (*pre_audit)(struct audit_buffer *, void *),
	void (*post_audit)(struct audit_buffer *, void *));

#endif