void
gr_log_forkfail(const int retval)
{
#ifdef CONFIG_GRKERNSEC_FORKFAIL
if (grsec_enable_forkfail && (retval == -EAGAIN || retval == -ENOMEM)) {
switch (retval) {
case -EAGAIN:
gr_log_str(GR_DONT_AUDIT, GR_FAILFORK_MSG, "EAGAIN");
break;
case -ENOMEM:
gr_log_str(GR_DONT_AUDIT, GR_FAILFORK_MSG, "ENOMEM");
break;
}
}
#endif
return;
}
void
gr_log_remount(const char *devname, const int retval)
{
#ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT
if (grsec_enable_mount && (retval >= 0))
gr_log_str(GR_DO_AUDIT, GR_REMOUNT_AUDIT_MSG, devname ? devname : "none");
#endif
return;
}
int
gr_handle_sysctl_mod(const char *dirname, const char *name, const int op)
{
#ifdef CONFIG_GRKERNSEC_SYSCTL
if (!strcmp(dirname, "grsecurity") && grsec_lock && (op & MAY_WRITE)) {
gr_log_str(GR_DONT_AUDIT, GR_SYSCTL_MSG, name);
return -EACCES;
}
#endif
return 0;
}