/**
 * path_name - resolve @path to a name, auditing the failure when it cannot be
 * @op: operation being mediated; only forwarded to the audit record
 * @label: label whose profile supplies ->disconnected and which is audited
 * @path: path to resolve
 * @flags: passed unchanged to aa_path_name()
 * @buffer: caller-supplied buffer passed unchanged to aa_path_name()
 * @name: out-pointer that aa_path_name() fills with the resolved name
 * @cond: path conditions; only @cond->uid is read, for the audit record
 * @request: requested permissions, forwarded to the audit record
 *
 * Returns: 0 when the name was resolved, else the error from aa_path_name()
 */
static int path_name(const char *op, struct aa_label *label,
		     const struct path *path, int flags, char *buffer,
		     const char **name, struct path_cond *cond, u32 request)
{
	struct aa_profile *prof;
	const char *reason = NULL;
	int rc = aa_path_name(path, flags, buffer, name, &reason,
			      labels_profile(label)->disconnected);

	if (!rc)
		return 0;

	/*
	 * Fail closed: a path that cannot be named is reported to the caller
	 * as an error, after an audit record is requested through
	 * fn_for_each_confined() with &nullperms as the permission set.
	 *
	 * NOTE(review): *name is read here after aa_path_name() failed, so
	 * this relies on aa_path_name() leaving *name in a loggable state
	 * (valid string or NULL) on its error paths - confirm.
	 */
	fn_for_each_confined(label, prof,
			     aa_audit_file(prof, &nullperms, op, request,
					   *name, NULL, NULL, cond->uid,
					   reason, rc));
	return rc;
}
/**
 * audit_pre - write the common AppArmor fields into an audit record
 * @ab: audit buffer to fill (NOT NULL)
 * @ca: audit structure containing data to audit (NOT NULL)
 *
 * Appends, in this order and only when the field is set: the record type
 * (gated on aa_g_audit_header), operation, info (followed by error when it
 * is non-zero), namespace/profile or label, and the object name.  The error
 * code is emitted only when info is also set.
 *
 * Table entries and info go through audit_log_string(); namespace, profile
 * and object names go through audit_log_untrustedstring().
 * NOTE(review): that split presumably assumes info is always a
 * kernel-supplied string - confirm no caller passes externally influenced
 * text as info, since it would reach the record without the untrusted-string
 * handling.
 */
static void audit_pre(struct audit_buffer *ab, void *ca)
{
	struct common_audit_data *cad = ca;
	struct aa_label *label;

	if (aa_g_audit_header) {
		audit_log_format(ab, "apparmor=");
		/* NOTE(review): type indexes aa_audit_type[] with no range check here */
		audit_log_string(ab, aa_audit_type[aad(cad)->type]);
	}

	if (aad(cad)->op) {
		audit_log_format(ab, " operation=");
		/* NOTE(review): op indexes op_table[] with no range check here */
		audit_log_string(ab, op_table[aad(cad)->op]);
	}

	if (aad(cad)->info) {
		audit_log_format(ab, " info=");
		audit_log_string(ab, aad(cad)->info);
		if (aad(cad)->error)
			audit_log_format(ab, " error=%d", aad(cad)->error);
	}

	label = aad(cad)->label;
	if (label && !label_isprofile(label)) {
		/* not a single profile: let the label code print it */
		audit_log_format(ab, " label=");
		aa_label_audit(ab, root_ns, label, false, GFP_ATOMIC);
	} else if (label) {
		struct aa_profile *profile = labels_profile(label);

		/* the namespace is only named when it is not the root one */
		if (profile->ns != root_ns) {
			audit_log_format(ab, " namespace=");
			audit_log_untrustedstring(ab, profile->ns->base.hname);
		}
		audit_log_format(ab, " profile=");
		audit_log_untrustedstring(ab, profile->base.hname);
	}

	if (aad(cad)->name) {
		audit_log_format(ab, " name=");
		audit_log_untrustedstring(ab, aad(cad)->name);
	}
}
}

/**
 * audit_iface - do audit message for policy unpacking/load/replace/remove
 * @new: profile if it has been allocated (MAYBE NULL)
 * @name: name of the profile being manipulated (MAYBE NULL)
 * @info: any extra info about the failure (MAYBE NULL)
 * @e: buffer position info (when NULL, no position is recorded)
 * @error: error code
 *
 * Fills a local audit record with the arguments and hands it to aa_audit()
 * as an AUDIT_APPARMOR_STATUS message, with audit_cb as the callback.
 *
 * Returns: %0 or error (the value is whatever aa_audit() returns)
 */
static int audit_iface(struct aa_profile *new, const char *name,
		       const char *info, struct aa_ext *e, int error)
{
	/* profile of the current label; presumably the task doing the policy operation - confirm */
	struct aa_profile *profile = labels_profile(__aa_current_label());
	DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_NONE, 0);

	/* record the offset of the cursor from the start of the buffer */
	if (e)
		aad(&sa)->iface.pos = e->pos - e->start;
	aad(&sa)->target = new;
	/*
	 * @name and @info are stored by pointer, not copied.
	 * NOTE(review): @name presumably can originate from the policy data
	 * being processed; audit_cb is not visible here, so confirm that it
	 * is logged with untrusted-string handling.
	 */
	aad(&sa)->name = name;
	aad(&sa)->info = info;
	aad(&sa)->error = error;

	return aa_audit(AUDIT_APPARMOR_STATUS, profile, &sa, audit_cb);
}

/* test if read will be in packed data bounds */
static bool inbounds(struct aa_ext *e, size_t size)
{
	return (size <= e->end - e->pos);