void gr_log_forkfail(const int retval) { #ifdef CONFIG_GRKERNSEC_FORKFAIL if (grsec_enable_forkfail && (retval == -EAGAIN || retval == -ENOMEM)) { switch (retval) { case -EAGAIN: gr_log_str(GR_DONT_AUDIT, GR_FAILFORK_MSG, "EAGAIN"); break; case -ENOMEM: gr_log_str(GR_DONT_AUDIT, GR_FAILFORK_MSG, "ENOMEM"); break; } } #endif return; }
void gr_log_remount(const char *devname, const int retval) { #ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT if (grsec_enable_mount && (retval >= 0)) gr_log_str(GR_DO_AUDIT, GR_REMOUNT_AUDIT_MSG, devname ? devname : "none"); #endif return; }
int gr_handle_sysctl_mod(const char *dirname, const char *name, const int op) { #ifdef CONFIG_GRKERNSEC_SYSCTL if (!strcmp(dirname, "grsecurity") && grsec_lock && (op & MAY_WRITE)) { gr_log_str(GR_DONT_AUDIT, GR_SYSCTL_MSG, name); return -EACCES; } #endif return 0; }