1 /* 2 * Copyright (C) 2008 IBM Corporation 3 * Author: Mimi Zohar <zohar@us.ibm.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation, version 2 of the License. 8 * 9 * File: integrity_audit.c 10 * Audit calls for the integrity subsystem 11 */ 12 13 #include <linux/fs.h> 14 #include <linux/gfp.h> 15 #include <linux/audit.h> 16 #include "integrity.h" 17 18 static int integrity_audit_info; 19 20 /* ima_audit_setup - enable informational auditing messages */ 21 static int __init integrity_audit_setup(char *str) 22 { 23 unsigned long audit; 24 25 if (!strict_strtoul(str, 0, &audit)) 26 integrity_audit_info = audit ? 1 : 0; 27 return 1; 28 } 29 __setup("integrity_audit=", integrity_audit_setup); 30 31 void integrity_audit_msg(int audit_msgno, struct inode *inode, 32 const unsigned char *fname, const char *op, 33 const char *cause, int result, int audit_info) 34 { 35 struct audit_buffer *ab; 36 37 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ 38 return; 39 40 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 41 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u", 42 current->pid, 43 from_kuid(&init_user_ns, current_cred()->uid), 44 from_kuid(&init_user_ns, audit_get_loginuid(current)), 45 audit_get_sessionid(current)); 46 audit_log_task_context(ab); 47 audit_log_format(ab, " op="); 48 audit_log_string(ab, op); 49 audit_log_format(ab, " cause="); 50 audit_log_string(ab, cause); 51 audit_log_format(ab, " comm="); 52 audit_log_untrustedstring(ab, current->comm); 53 if (fname) { 54 audit_log_format(ab, " name="); 55 audit_log_untrustedstring(ab, fname); 56 } 57 if (inode) { 58 audit_log_format(ab, " dev="); 59 audit_log_untrustedstring(ab, inode->i_sb->s_id); 60 audit_log_format(ab, " ino=%lu", inode->i_ino); 61 } 62 audit_log_format(ab, " res=%d", !result); 63 audit_log_end(ab); 64 } 65