/*
 * Common LSM logging functions
 * Heavily borrowed from selinux/avc.h
 *
 * Author : Etienne BASSET <[email protected]>
 *
 * All credits to : Stephen Smalley, <[email protected]>
 * All BUGS to : Etienne BASSET <[email protected]>
 *
 * Declarations only: the struct common_audit_data record that an LSM
 * fills in before calling common_lsm_audit(), the helper structs its
 * union can point to, and the prototypes of the shared audit helpers.
 * The implementation lives in the matching .c file, which is not part
 * of this header.
 */
#ifndef _LSM_COMMON_LOGGING_
#define _LSM_COMMON_LOGGING_

#include <linux/stddef.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/kdev_t.h>
#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/audit.h>
#include <linux/in6.h>
#include <linux/path.h>
#include <linux/key.h>
#include <linux/skbuff.h>
#include <rdma/ib_verbs.h>

/*
 * Network endpoint details for a LSM_AUDIT_DATA_NET record.
 *
 * @family is expected to say which arm of @fam holds valid addresses
 * (v4 or v6); reading the other arm yields stale data.  Ports and
 * addresses are declared as __be16/__be32, i.e. network byte order, so
 * callers must not store host-order values here.
 */
struct lsm_network_audit {
	int netif;		/* interface identifier; presumably an ifindex — confirm against callers */
	struct sock *sk;	/* socket involved, may be NULL in some callers — verify before dereferencing */
	u16 family;		/* address family, selects fam.v4 / fam.v6 */
	__be16 dport;		/* destination port, network byte order */
	__be16 sport;		/* source port, network byte order */
	union {
		struct {
			__be32 daddr;	/* IPv4 destination address */
			__be32 saddr;	/* IPv4 source address */
		} v4;
		struct {
			struct in6_addr daddr;	/* IPv6 destination address */
			struct in6_addr saddr;	/* IPv6 source address */
		} v6;
	} fam;
};

/* Path and command for a LSM_AUDIT_DATA_IOCTL_OP record. */
struct lsm_ioctlop_audit {
	struct path path;	/* object the ioctl was issued on */
	u16 cmd;		/* ioctl command number being audited */
};

/* InfiniBand P_Key data for a LSM_AUDIT_DATA_IBPKEY record. */
struct lsm_ibpkey_audit {
	u64 subnet_prefix;
	u16 pkey;
};

/* InfiniBand end port data for a LSM_AUDIT_DATA_IBENDPORT record. */
struct lsm_ibendport_audit {
	/*
	 * Fixed-size, inline buffer: whoever fills it must bound the copy
	 * to sizeof(dev_name) and guarantee NUL-termination, since the
	 * name is later emitted as a string into the audit record.
	 */
	char dev_name[IB_DEVICE_NAME_MAX];
	u8 port;
};

/*
 * Auxiliary data to use in generating the audit record.
 *
 * @type is the discriminator for the union @u: the caller sets it to
 * the LSM_AUDIT_DATA_* value matching the member it filled in, and
 * consumers must read only that member.  LSM_AUDIT_DATA_NONE has no
 * corresponding member of @u.  Pointer members (dentry, inode, net,
 * tsk, kmod_name, op, file, ibpkey, ibendport) are borrowed, not owned:
 * the caller keeps them alive for the duration of common_lsm_audit().
 * The trailing anonymous union holds one per-LSM private data pointer;
 * which members exist is decided by CONFIG_SECURITY_* at build time.
 */
struct common_audit_data {
	char type;			/* one of LSM_AUDIT_DATA_* below */
#define LSM_AUDIT_DATA_PATH	1	/* u.path */
#define LSM_AUDIT_DATA_NET	2	/* u.net */
#define LSM_AUDIT_DATA_CAP	3	/* u.cap */
#define LSM_AUDIT_DATA_IPC	4	/* u.ipc_id */
#define LSM_AUDIT_DATA_TASK	5	/* u.tsk */
#define LSM_AUDIT_DATA_KEY	6	/* u.key_struct (CONFIG_KEYS) */
#define LSM_AUDIT_DATA_NONE	7	/* no member of u is valid */
#define LSM_AUDIT_DATA_KMOD	8	/* u.kmod_name */
#define LSM_AUDIT_DATA_INODE	9	/* u.inode */
#define LSM_AUDIT_DATA_DENTRY	10	/* u.dentry */
#define LSM_AUDIT_DATA_IOCTL_OP	11	/* u.op */
#define LSM_AUDIT_DATA_FILE	12	/* u.file */
#define LSM_AUDIT_DATA_IBPKEY	13	/* u.ibpkey */
#define LSM_AUDIT_DATA_IBENDPORT 14	/* u.ibendport */
	union {
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		struct lsm_network_audit *net;
		int cap;			/* capability number */
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			/*
			 * Written into the audit record as a string; must be
			 * NUL-terminated.  May be NULL — presumably the
			 * consumer checks for that; confirm in the .c file.
			 */
			char *key_desc;
		} key_struct;
#endif
		char *kmod_name;		/* module name as a NUL-terminated string */
		struct lsm_ioctlop_audit *op;
		struct file *file;
		struct lsm_ibpkey_audit *ibpkey;
		struct lsm_ibendport_audit *ibendport;
	} u;
	/*
	 * Per-LSM private data pointer.  Only the member for the LSM
	 * compiled in is present; the union is anonymous, so the members
	 * are addressed directly (a->selinux_audit_data, etc.).
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		struct smack_audit_data *smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		struct selinux_audit_data *selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		struct apparmor_audit_data *apparmor_audit_data;
#endif
	}; /* per LSM data pointer union */
};

/*
 * Shorthand for the address arms of struct lsm_network_audit, e.g.
 * ad->u.net->v4info.daddr.  These are plain, unscoped token macros: any
 * identifier spelled v4info or v6info in a translation unit that
 * includes this header is rewritten, so avoid reusing those names.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Populate @ad from the IPv4 headers of @skb and report the transport
 * protocol through @proto.  Returns an int status — presumably 0 on
 * success and non-zero when the headers cannot be read; confirm against
 * the implementation.  @ad->u.net must already point at a valid
 * struct lsm_network_audit for the result to be usable.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
			  struct common_audit_data *ad, u8 *proto);

/*
 * IPv6 counterpart of ipv4_skb_to_auditdata(): same contract, fills
 * the v6 arm of @ad->u.net->fam instead of v4.
 */
int ipv6_skb_to_auditdata(struct sk_buff *skb,
			  struct common_audit_data *ad, u8 *proto);

/*
 * Emit one audit record describing @a.
 *
 * @a->type must be set to the LSM_AUDIT_DATA_* value consistent with
 * the member of @a->u the caller filled in.  @pre_audit and @post_audit
 * are callbacks handed the audit buffer; judging by their names they run
 * before and after the common fields are written, letting the calling
 * LSM add its own fields.  The void * argument is presumably @a itself —
 * confirm in the implementation before relying on it.
 */
void common_lsm_audit(struct common_audit_data *a,
		      void (*pre_audit)(struct audit_buffer *, void *),
		      void (*post_audit)(struct audit_buffer *, void *));

#endif