// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (C) 2008 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 *
 * File: integrity_audit.c
 *	Audit calls for the integrity subsystem
 */

#include <linux/fs.h>
#include <linux/gfp.h>
#include <linux/audit.h>
#include "integrity.h"

/*
 * Non-zero when informational integrity records are to be emitted.
 * Starts at 0 and is only written by the "integrity_audit=" boot option
 * handler below, so informational records are off unless enabled at boot.
 */
static int integrity_audit_info;

/*
 * integrity_audit_setup - handle the "integrity_audit=" boot option
 * @str: option value taken from the kernel command line
 *
 * A value that kstrtoul() accepts switches informational records on when it
 * is non-zero and off when it is zero.  A value kstrtoul() rejects leaves the
 * current setting untouched; this function reports nothing in that case.
 *
 * Return: always 1.
 */
static int __init integrity_audit_setup(char *str)
{
	unsigned long requested;

	if (kstrtoul(str, 0, &requested) == 0)
		integrity_audit_info = (requested != 0);
	return 1;
}
__setup("integrity_audit=", integrity_audit_setup);

/*
 * integrity_audit_msg - emit an integrity audit record with errno=0
 *
 * Thin wrapper: forwards every argument unchanged to
 * integrity_audit_message() and supplies 0 for its trailing errno argument.
 */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int audit_info)
{
	integrity_audit_message(audit_msgno, inode, fname, op, cause,
				result, audit_info, 0);
}

/*
 * integrity_audit_message - build and emit one integrity audit record
 * @audit_msgno: audit message type handed to audit_log_start()
 * @inode: inode the event refers to, or NULL to omit the dev=/ino= fields
 * @fname: file name for the name= field, or NULL to omit it
 * @op: value of the op= field
 * @cause: value of the cause= field
 * @result: logged inverted, i.e. res=1 when @result is 0 and res=0 otherwise
 * @audit_info: 1 marks the record as informational (see below)
 * @errno: value of the errno= field, logged as given
 *
 * Field order in the record is: pid, uid, auid, ses, task context, op,
 * cause, comm, name (optional), dev and ino (optional), res, errno.
 *
 * NOTE(review): comm, @fname and the superblock id are written through
 * audit_log_untrustedstring(), while @op and @cause are written with a plain
 * "%s".  That is only safe against forged or split audit fields if every
 * caller passes fixed, kernel-chosen strings for @op and @cause; the callers
 * are outside this file, so confirm that at the call sites.
 */
void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int audit_info,
			     int errno)
{
	char comm[TASK_COMM_LEN];
	struct audit_buffer *rec;

	/* Informational records are dropped unless enabled at boot. */
	if (audit_info == 1 && !integrity_audit_info)
		return;

	rec = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno);
	if (rec == NULL)
		return;	/* no buffer: the record is dropped, nothing else is logged */

	/* Identity of the current task, with ids mapped into init_user_ns. */
	audit_log_format(rec, "pid=%d uid=%u auid=%u ses=%u",
			 task_pid_nr(current),
			 from_kuid(&init_user_ns, current_uid()),
			 from_kuid(&init_user_ns, audit_get_loginuid(current)),
			 audit_get_sessionid(current));
	audit_log_task_context(rec);

	/* The task name is not written with %s; it goes through the helper. */
	audit_log_format(rec, " op=%s cause=%s comm=", op, cause);
	audit_log_untrustedstring(rec, get_task_comm(comm, current));

	if (fname != NULL) {
		audit_log_format(rec, " name=");
		audit_log_untrustedstring(rec, fname);
	}

	if (inode != NULL) {
		audit_log_format(rec, " dev=");
		audit_log_untrustedstring(rec, inode->i_sb->s_id);
		audit_log_format(rec, " ino=%lu", inode->i_ino);
	}

	audit_log_format(rec, " res=%d errno=%d", result == 0, errno);
	audit_log_end(rec);
}