|
66 | 66 | * (Initialization happens after skb_init is called.) */ |
67 | 67 | static int audit_initialized; |
68 | 68 |
|
69 | | -/* 0 - no auditing |
70 | | - * 1 - auditing enabled |
71 | | - * 2 - auditing enabled and configuration is locked/unchangeable. */ |
| 69 | +#define AUDIT_OFF 0 |
| 70 | +#define AUDIT_ON 1 |
| 71 | +#define AUDIT_LOCKED 2 |
72 | 72 | int audit_enabled; |
73 | 73 |
|
74 | 74 | /* Default state when kernel boots without any parameters. */ |
@@ -240,152 +240,90 @@ void audit_log_lost(const char *message) |
240 | 240 | } |
241 | 241 | } |
242 | 242 |
|
243 | | -static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid) |
| 243 | +static int audit_log_config_change(char *function_name, int new, int old, |
| 244 | + uid_t loginuid, u32 sid, int allow_changes) |
244 | 245 | { |
245 | | - int res, rc = 0, old = audit_rate_limit; |
246 | | - |
247 | | - /* check if we are locked */ |
248 | | - if (audit_enabled == 2) |
249 | | - res = 0; |
250 | | - else |
251 | | - res = 1; |
| 246 | + struct audit_buffer *ab; |
| 247 | + int rc = 0; |
252 | 248 |
|
| 249 | + ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); |
| 250 | + audit_log_format(ab, "%s=%d old=%d by auid=%u", function_name, new, |
| 251 | + old, loginuid); |
253 | 252 | if (sid) { |
254 | 253 | char *ctx = NULL; |
255 | 254 | u32 len; |
256 | | - if ((rc = selinux_sid_to_string(sid, &ctx, &len)) == 0) { |
257 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
258 | | - "audit_rate_limit=%d old=%d by auid=%u" |
259 | | - " subj=%s res=%d", |
260 | | - limit, old, loginuid, ctx, res); |
| 255 | + |
| 256 | + rc = selinux_sid_to_string(sid, &ctx, &len); |
| 257 | + if (rc) { |
| 258 | + audit_log_format(ab, " sid=%u", sid); |
| 259 | + allow_changes = 0; /* Something weird, deny request */ |
| 260 | + } else { |
| 261 | + audit_log_format(ab, " subj=%s", ctx); |
261 | 262 | kfree(ctx); |
262 | | - } else |
263 | | - res = 0; /* Something weird, deny request */ |
| 263 | + } |
264 | 264 | } |
265 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
266 | | - "audit_rate_limit=%d old=%d by auid=%u res=%d", |
267 | | - limit, old, loginuid, res); |
268 | | - |
269 | | - /* If we are allowed, make the change */ |
270 | | - if (res == 1) |
271 | | - audit_rate_limit = limit; |
272 | | - /* Not allowed, update reason */ |
273 | | - else if (rc == 0) |
274 | | - rc = -EPERM; |
| 265 | + audit_log_format(ab, " res=%d", allow_changes); |
| 266 | + audit_log_end(ab); |
275 | 267 | return rc; |
276 | 268 | } |
277 | 269 |
|
278 | | -static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) |
| 270 | +static int audit_do_config_change(char *function_name, int *to_change, |
| 271 | + int new, uid_t loginuid, u32 sid) |
279 | 272 | { |
280 | | - int res, rc = 0, old = audit_backlog_limit; |
| 273 | + int allow_changes, rc = 0, old = *to_change; |
281 | 274 |
|
282 | 275 | /* check if we are locked */ |
283 | | - if (audit_enabled == 2) |
284 | | - res = 0; |
| 276 | + if (audit_enabled == AUDIT_LOCKED) |
| 277 | + allow_changes = 0; |
285 | 278 | else |
286 | | - res = 1; |
| 279 | + allow_changes = 1; |
287 | 280 |
|
288 | | - if (sid) { |
289 | | - char *ctx = NULL; |
290 | | - u32 len; |
291 | | - if ((rc = selinux_sid_to_string(sid, &ctx, &len)) == 0) { |
292 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
293 | | - "audit_backlog_limit=%d old=%d by auid=%u" |
294 | | - " subj=%s res=%d", |
295 | | - limit, old, loginuid, ctx, res); |
296 | | - kfree(ctx); |
297 | | - } else |
298 | | - res = 0; /* Something weird, deny request */ |
| 281 | + if (audit_enabled != AUDIT_OFF) { |
| 282 | + rc = audit_log_config_change(function_name, new, old, |
| 283 | + loginuid, sid, allow_changes); |
| 284 | + if (rc) |
| 285 | + allow_changes = 0; |
299 | 286 | } |
300 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
301 | | - "audit_backlog_limit=%d old=%d by auid=%u res=%d", |
302 | | - limit, old, loginuid, res); |
303 | 287 |
|
304 | 288 | /* If we are allowed, make the change */ |
305 | | - if (res == 1) |
306 | | - audit_backlog_limit = limit; |
| 289 | + if (allow_changes == 1) |
| 290 | + *to_change = new; |
307 | 291 | /* Not allowed, update reason */ |
308 | 292 | else if (rc == 0) |
309 | 293 | rc = -EPERM; |
310 | 294 | return rc; |
311 | 295 | } |
312 | 296 |
|
313 | | -static int audit_set_enabled(int state, uid_t loginuid, u32 sid) |
| 297 | +static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid) |
314 | 298 | { |
315 | | - int res, rc = 0, old = audit_enabled; |
316 | | - |
317 | | - if (state < 0 || state > 2) |
318 | | - return -EINVAL; |
| 299 | + return audit_do_config_change("audit_rate_limit", &audit_rate_limit, |
| 300 | + limit, loginuid, sid); |
| 301 | +} |
319 | 302 |
|
320 | | - /* check if we are locked */ |
321 | | - if (audit_enabled == 2) |
322 | | - res = 0; |
323 | | - else |
324 | | - res = 1; |
| 303 | +static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) |
| 304 | +{ |
| 305 | + return audit_do_config_change("audit_backlog_limit", &audit_backlog_limit, |
| 306 | + limit, loginuid, sid); |
| 307 | +} |
325 | 308 |
|
326 | | - if (sid) { |
327 | | - char *ctx = NULL; |
328 | | - u32 len; |
329 | | - if ((rc = selinux_sid_to_string(sid, &ctx, &len)) == 0) { |
330 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
331 | | - "audit_enabled=%d old=%d by auid=%u" |
332 | | - " subj=%s res=%d", |
333 | | - state, old, loginuid, ctx, res); |
334 | | - kfree(ctx); |
335 | | - } else |
336 | | - res = 0; /* Something weird, deny request */ |
337 | | - } |
338 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
339 | | - "audit_enabled=%d old=%d by auid=%u res=%d", |
340 | | - state, old, loginuid, res); |
| 309 | +static int audit_set_enabled(int state, uid_t loginuid, u32 sid) |
| 310 | +{ |
| 311 | + if (state < AUDIT_OFF || state > AUDIT_LOCKED) |
| 312 | + return -EINVAL; |
341 | 313 |
|
342 | | - /* If we are allowed, make the change */ |
343 | | - if (res == 1) |
344 | | - audit_enabled = state; |
345 | | - /* Not allowed, update reason */ |
346 | | - else if (rc == 0) |
347 | | - rc = -EPERM; |
348 | | - return rc; |
| 314 | + return audit_do_config_change("audit_enabled", &audit_enabled, state, |
| 315 | + loginuid, sid); |
349 | 316 | } |
350 | 317 |
|
351 | 318 | static int audit_set_failure(int state, uid_t loginuid, u32 sid) |
352 | 319 | { |
353 | | - int res, rc = 0, old = audit_failure; |
354 | | - |
355 | 320 | if (state != AUDIT_FAIL_SILENT |
356 | 321 | && state != AUDIT_FAIL_PRINTK |
357 | 322 | && state != AUDIT_FAIL_PANIC) |
358 | 323 | return -EINVAL; |
359 | 324 |
|
360 | | - /* check if we are locked */ |
361 | | - if (audit_enabled == 2) |
362 | | - res = 0; |
363 | | - else |
364 | | - res = 1; |
365 | | - |
366 | | - if (sid) { |
367 | | - char *ctx = NULL; |
368 | | - u32 len; |
369 | | - if ((rc = selinux_sid_to_string(sid, &ctx, &len)) == 0) { |
370 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
371 | | - "audit_failure=%d old=%d by auid=%u" |
372 | | - " subj=%s res=%d", |
373 | | - state, old, loginuid, ctx, res); |
374 | | - kfree(ctx); |
375 | | - } else |
376 | | - res = 0; /* Something weird, deny request */ |
377 | | - } |
378 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
379 | | - "audit_failure=%d old=%d by auid=%u res=%d", |
380 | | - state, old, loginuid, res); |
381 | | - |
382 | | - /* If we are allowed, make the change */ |
383 | | - if (res == 1) |
384 | | - audit_failure = state; |
385 | | - /* Not allowed, update reason */ |
386 | | - else if (rc == 0) |
387 | | - rc = -EPERM; |
388 | | - return rc; |
| 325 | + return audit_do_config_change("audit_failure", &audit_failure, state, |
| 326 | + loginuid, sid); |
389 | 327 | } |
390 | 328 |
|
391 | 329 | static int kauditd_thread(void *dummy) |
@@ -634,23 +572,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) |
634 | 572 | if (err < 0) return err; |
635 | 573 | } |
636 | 574 | if (status_get->mask & AUDIT_STATUS_PID) { |
637 | | - int old = audit_pid; |
638 | | - if (sid) { |
639 | | - if ((err = selinux_sid_to_string( |
640 | | - sid, &ctx, &len))) |
641 | | - return err; |
642 | | - else |
643 | | - audit_log(NULL, GFP_KERNEL, |
644 | | - AUDIT_CONFIG_CHANGE, |
645 | | - "audit_pid=%d old=%d by auid=%u subj=%s", |
646 | | - status_get->pid, old, |
647 | | - loginuid, ctx); |
648 | | - kfree(ctx); |
649 | | - } else |
650 | | - audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, |
651 | | - "audit_pid=%d old=%d by auid=%u", |
652 | | - status_get->pid, old, loginuid); |
653 | | - audit_pid = status_get->pid; |
| 575 | + int new_pid = status_get->pid; |
| 576 | + |
| 577 | + if (audit_enabled != AUDIT_OFF) |
| 578 | + audit_log_config_change("audit_pid", new_pid, |
| 579 | + audit_pid, loginuid, |
| 580 | + sid, 1); |
| 581 | + |
| 582 | + audit_pid = new_pid; |
654 | 583 | } |
655 | 584 | if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) |
656 | 585 | err = audit_set_rate_limit(status_get->rate_limit, |
@@ -709,7 +638,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) |
709 | 638 | case AUDIT_DEL: |
710 | 639 | if (nlmsg_len(nlh) < sizeof(struct audit_rule)) |
711 | 640 | return -EINVAL; |
712 | | - if (audit_enabled == 2) { |
| 641 | + if (audit_enabled == AUDIT_LOCKED) { |
713 | 642 | ab = audit_log_start(NULL, GFP_KERNEL, |
714 | 643 | AUDIT_CONFIG_CHANGE); |
715 | 644 | if (ab) { |
@@ -743,7 +672,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) |
743 | 672 | case AUDIT_DEL_RULE: |
744 | 673 | if (nlmsg_len(nlh) < sizeof(struct audit_rule_data)) |
745 | 674 | return -EINVAL; |
746 | | - if (audit_enabled == 2) { |
| 675 | + if (audit_enabled == AUDIT_LOCKED) { |
747 | 676 | ab = audit_log_start(NULL, GFP_KERNEL, |
748 | 677 | AUDIT_CONFIG_CHANGE); |
749 | 678 | if (ab) { |
|
0 commit comments