/* audit callback for net specific fields */ void audit_net_cb(struct audit_buffer *ab, void *va) { struct common_audit_data *sa = va; audit_log_format(ab, " family="); if (address_family_names[sa->u.net->family]) audit_log_string(ab, address_family_names[sa->u.net->family]); else audit_log_format(ab, "\"unknown(%d)\"", sa->u.net->family); audit_log_format(ab, " sock_type="); if (sock_type_names[aad(sa)->net.type]) audit_log_string(ab, sock_type_names[aad(sa)->net.type]); else audit_log_format(ab, "\"unknown(%d)\"", aad(sa)->net.type); audit_log_format(ab, " protocol=%d", aad(sa)->net.protocol); if (aad(sa)->request & NET_PERMS_MASK) { audit_log_format(ab, " requested_mask="); aa_audit_perm_mask(ab, aad(sa)->request, NULL, 0, net_mask_names, NET_PERMS_MASK); if (aad(sa)->denied & NET_PERMS_MASK) { audit_log_format(ab, " denied_mask="); aa_audit_perm_mask(ab, aad(sa)->denied, NULL, 0, net_mask_names, NET_PERMS_MASK); } } if (aad(sa)->peer) { audit_log_format(ab, " peer="); aa_label_xaudit(ab, labels_ns(aad(sa)->label), aad(sa)->peer, FLAGS_NONE, GFP_ATOMIC); } }
/* audit callback for net specific fields */ void audit_net_cb(struct audit_buffer *ab, void *va) { struct common_audit_data *sa = va; audit_log_format(ab, " family="); if (address_family_names[sa->u.net->family]) { audit_log_string(ab, address_family_names[sa->u.net->family]); } else { audit_log_format(ab, "\"unknown(%d)\"", sa->u.net->family); } audit_log_format(ab, " sock_type="); if (sock_type_names[aad(sa)->net.type]) { audit_log_string(ab, sock_type_names[aad(sa)->net.type]); } else { audit_log_format(ab, "\"unknown(%d)\"", aad(sa)->net.type); } audit_log_format(ab, " protocol=%d", aad(sa)->net.protocol); if (aad(sa)->request & NET_PERMS_MASK) { audit_log_format(ab, " requested_mask="); aa_audit_perm_mask(ab, aad(sa)->request, NULL, 0, net_mask_names, NET_PERMS_MASK); if (aad(sa)->denied & NET_PERMS_MASK) { audit_log_format(ab, " denied_mask="); aa_audit_perm_mask(ab, aad(sa)->denied, NULL, 0, net_mask_names, NET_PERMS_MASK); } } if (sa->u.net->family == AF_UNIX) { if ((aad(sa)->request & ~NET_PEER_MASK) && aad(sa)->net.addr) audit_unix_addr(ab, "addr", unix_addr(aad(sa)->net.addr), aad(sa)->net.addrlen); else audit_unix_sk_addr(ab, "addr", sa->u.net->sk); if (aad(sa)->request & NET_PEER_MASK) { if (aad(sa)->net.addr) audit_unix_addr(ab, "peer_addr", unix_addr(aad(sa)->net.addr), aad(sa)->net.addrlen); else audit_unix_sk_addr(ab, "peer_addr", aad(sa)->net.peer_sk); } } if (aad(sa)->target) { audit_log_format(ab, " peer="); audit_log_untrustedstring(ab, aad(sa)->target); } }
/** * aa_audit_perms_cb - generic callback fn for auditing perms * @ab: audit buffer (NOT NULL) * @va: audit struct to audit values of (NOT NULL) */ static void aa_audit_perms_cb(struct audit_buffer *ab, void *va) { struct common_audit_data *sa = va; if (aad(sa)->request) { audit_log_format(ab, " requested_mask="); aa_audit_perm_mask(ab, aad(sa)->request, aa_file_perm_chrs, PERMS_CHRS_MASK, aa_file_perm_names, PERMS_NAMES_MASK); } if (aad(sa)->denied) { audit_log_format(ab, "denied_mask="); aa_audit_perm_mask(ab, aad(sa)->denied, aa_file_perm_chrs, PERMS_CHRS_MASK, aa_file_perm_names, PERMS_NAMES_MASK); } audit_log_format(ab, " target="); audit_log_untrustedstring(ab, aad(sa)->target); }