/*
 * AppArmor security module
 *
 * This file contains AppArmor auditing function definitions.
 *
 * Copyright (C) 1998-2008 Novell/SUSE
 * Copyright 2009-2010 Canonical Ltd.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 */

#ifndef __AA_AUDIT_H
#define __AA_AUDIT_H

#include <linux/audit.h>
#include <linux/fs.h>
#include <linux/lsm_audit.h>
#include <linux/sched.h>
#include <linux/slab.h>

#include "file.h"

struct aa_profile;

/*
 * Table of audit mode names; the definition lives outside this header.
 *
 * AUDIT_MAX_INDEX equals the number of enum audit_mode values declared
 * below (5).
 * NOTE(review): presumably it is also the entry count of
 * audit_mode_names[], so any code that indexes the table with a mode value
 * it did not produce itself should range-check against it first - confirm
 * at the definition.
 */
extern const char *audit_mode_names[];
#define AUDIT_MAX_INDEX 5

/*
 * Auto choose audit message type.
 *
 * Numerically 0, which is also the value of AUDIT_APPARMOR_AUDIT (the first
 * enumerator of enum audit_type), so the two cannot be told apart by value.
 */
#define AUDIT_APPARMOR_AUTO	0

/* How much auditing is requested. */
enum audit_mode {
	AUDIT_NORMAL,		/* follow normal auditing of accesses */
	AUDIT_QUIET_DENIED,	/* quiet all denied access messages */
	AUDIT_QUIET,		/* quiet all messages */
	AUDIT_NOQUIET,		/* do not quiet audit messages */
	AUDIT_ALL		/* audit all accesses */
};

/*
 * Audit message types.  The enumerators carry no explicit values, so they
 * number upward from 0 in declaration order.
 */
enum audit_type {
	AUDIT_APPARMOR_AUDIT,
	AUDIT_APPARMOR_ALLOWED,
	AUDIT_APPARMOR_DENIED,
	AUDIT_APPARMOR_HINT,
	AUDIT_APPARMOR_STATUS,
	AUDIT_APPARMOR_ERROR,
	AUDIT_APPARMOR_KILL
};

/*
 * Operation identifiers, numbered from OP_NULL == 0 in declaration order.
 *
 * NOTE(review): op_table[] is presumably indexed by these values (its
 * definition is not in this header).  If so, an enumerator added here
 * without a matching table entry would make the name lookup read past the
 * end of the table - keep the two in step and confirm at the definition.
 */
extern const char *op_table[];
enum aa_ops {
	OP_NULL,

	OP_SYSCTL,
	OP_CAPABLE,

	OP_UNLINK,
	OP_MKDIR,
	OP_RMDIR,
	OP_MKNOD,
	OP_TRUNC,
	OP_LINK,
	OP_SYMLINK,
	OP_RENAME_SRC,
	OP_RENAME_DEST,
	OP_CHMOD,
	OP_CHOWN,
	OP_GETATTR,
	OP_OPEN,

	OP_FPERM,
	OP_FLOCK,
	OP_FMMAP,
	OP_FMPROT,

	OP_CREATE,
	OP_POST_CREATE,
	OP_BIND,
	OP_CONNECT,
	OP_LISTEN,
	OP_ACCEPT,
	OP_SENDMSG,
	OP_RECVMSG,
	OP_GETSOCKNAME,
	OP_GETPEERNAME,
	OP_GETSOCKOPT,
	OP_SETSOCKOPT,
	OP_SOCK_SHUTDOWN,

	OP_PTRACE,

	OP_EXEC,
	OP_CHANGE_HAT,
	OP_CHANGE_PROFILE,
	OP_CHANGE_ONEXEC,

	OP_SETPROCATTR,
	OP_SETRLIMIT,

	OP_PROF_REPL,
	OP_PROF_LOAD,
	OP_PROF_RM,
};


/*
 * Short hand for the apparmor_audit_data portion of common_audit_data.
 *
 * This is an object-like macro, so every `aad` token in a file that
 * includes this header is rewritten, not only member accesses.
 */
#define aad apparmor_audit_data

/*
 * Audit entry points, implemented outside this header.
 *
 * @type:    audit message type (see enum audit_type, AUDIT_APPARMOR_AUTO)
 * @profile: profile the event is checked against (aa_audit only)
 * @gfp:     allocation flags (aa_audit only)
 * @sa:      audit data for the event
 * @cb:      callback handed the audit buffer and an opaque pointer
 *
 * NOTE(review): return-value semantics of aa_audit() are not visible
 * here - confirm at the definition.
 */
void aa_audit_msg(int type, struct common_audit_data *sa,
		  void (*cb) (struct audit_buffer *, void *));
int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
	     struct common_audit_data *sa,
	     void (*cb) (struct audit_buffer *, void *));

/*
 * complain_error - drop permission-denied results
 * @error: error code to filter
 *
 * Returns 0 when @error is -EPERM or -EACCES, otherwise @error unchanged.
 *
 * NOTE(review): the name suggests this is meant for profiles in complain
 * mode, where a denial is reported but not enforced.  Nothing in this
 * helper checks the profile mode, so every caller has to establish that
 * itself; applied on an enforcing path it would turn a denial into
 * success.
 */
static inline int complain_error(int error)
{
	switch (error) {
	case -EPERM:
	case -EACCES:
		/* permission denials are not passed on */
		return 0;
	default:
		return error;
	}
}

#endif /* __AA_AUDIT_H */