// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (C) 2008 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 *
 * File: integrity_audit.c
 *	Audit calls for the integrity subsystem
 */

#include <linux/fs.h>
#include <linux/gfp.h>
#include <linux/audit.h>
#include "integrity.h"

/*
 * Non-zero when informational integrity audit records are wanted.
 * Zero by default (file-scope static); only the "integrity_audit="
 * boot parameter handler below writes it.
 */
static int integrity_audit_info;

/*
 * integrity_audit_setup - handle the "integrity_audit=" boot parameter
 * @str: text following "integrity_audit=" on the kernel command line
 *
 * The value is parsed with kstrtoul() using base 0 (prefix-detected base).
 * Any non-zero number enables informational records, zero disables them.
 * If the text does not parse, the flag keeps its previous value.
 *
 * Returns 1 in every case, including a parse failure.
 */
static int __init integrity_audit_setup(char *str)
{
	unsigned long value;

	if (kstrtoul(str, 0, &value) == 0)
		integrity_audit_info = (value != 0);
	return 1;
}
__setup("integrity_audit=", integrity_audit_setup);

/*
 * integrity_audit_msg - emit an integrity audit record with errno=0
 *
 * Thin wrapper around integrity_audit_message(); every argument is passed
 * through unchanged and the trailing errno argument is fixed at 0.
 */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int audit_info)
{
	integrity_audit_message(audit_msgno, inode, fname, op, cause,
				result, audit_info, 0);
}

/*
 * integrity_audit_message - build and emit one integrity audit record
 * @audit_msgno: audit record type handed to audit_log_start()
 * @inode: inode the event refers to; dev= and ino= are logged when non-NULL
 * @fname: file name; name= is logged when non-NULL
 * @op: operation label, written with a plain %s
 * @cause: cause label, written with a plain %s
 * @result: outcome of the operation; the record carries res=!result,
 *	    so res=1 means @result was 0
 * @audit_info: 1 marks the record as informational
 * @errno: value written to the errno= field
 *
 * Informational records (@audit_info == 1) are dropped unless the
 * integrity_audit_info flag is set. If audit_log_start() returns NULL the
 * record is dropped without any further signal to the caller.
 *
 * Field handling matters for log integrity: comm, name and dev go through
 * audit_log_untrustedstring(), while @op and @cause are formatted as-is.
 * NOTE(review): presumably every caller passes fixed string constants for
 * @op and @cause; confirm that no caller forwards externally influenced
 * text, since such text would reach the audit record unescaped.
 *
 * NOTE(review): the buffer is requested with GFP_KERNEL, so this looks
 * like it expects a context that is allowed to sleep; confirm at callers.
 */
void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int audit_info,
			     int errno)
{
	char comm[TASK_COMM_LEN];
	struct audit_buffer *abuf;

	/* Informational records are opt-in via the boot parameter. */
	if (audit_info == 1 && !integrity_audit_info)
		return;

	abuf = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno);
	if (!abuf)
		return;

	/* Identity of the task that triggered the event. */
	audit_log_format(abuf, "pid=%d uid=%u auid=%u ses=%u",
			 task_pid_nr(current),
			 from_kuid(&init_user_ns, current_uid()),
			 from_kuid(&init_user_ns, audit_get_loginuid(current)),
			 audit_get_sessionid(current));
	audit_log_task_context(abuf);

	/* op/cause are written verbatim; comm is escaped as untrusted. */
	audit_log_format(abuf, " op=%s cause=%s comm=", op, cause);
	audit_log_untrustedstring(abuf, get_task_comm(comm, current));

	/* The file name is logged through the untrusted-string helper. */
	if (fname) {
		audit_log_format(abuf, " name=");
		audit_log_untrustedstring(abuf, fname);
	}

	/* Superblock id and inode number locate the object. */
	if (inode) {
		audit_log_format(abuf, " dev=");
		audit_log_untrustedstring(abuf, inode->i_sb->s_id);
		audit_log_format(abuf, " ino=%lu", inode->i_ino);
	}

	/* res is the logical negation of result: 1 when result == 0. */
	audit_log_format(abuf, " res=%d errno=%d", !result, errno);
	audit_log_end(abuf);
}