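/**
 * kse_audit - Audit the granting or denial of permissions.
 * @tss1: task security state stored as kse_audit_data.tss1
 *        (presumably the source/subject of the check; confirm with callers)
 * @tss2: task security state used as the target when @flag is 0
 * @iss: inode security state used as the target when @flag is 1
 * @flag: target selector: 0 records @tss2, 1 records @iss
 * @tclass: target security class
 * @requested: requested permissions
 * @result: result from kse_has_perm_noaudit
 * @a: auxiliary audit data; may be NULL, in which case a zeroed on-stack
 *     record of type LSM_AUDIT_NO_AUDIT is used
 *
 * Audit the granting or denial of permissions in accordance
 * with the policy.  This function is typically called by
 * kse_has_perm() after a permission check, but can also be
 * called directly by callers who use kse_has_perm_noaudit()
 * in order to separate the permission check from the auditing.
 * For example, this separation is useful when the permission check must
 * be performed under a lock, to allow the lock to be released
 * before calling the auditing code.
 *
 * Only one of the two target pointers is ever recorded.  The other one is
 * set to NULL, and both are NULL when @flag is neither 0 nor 1.
 */
void kse_audit(struct task_security_struct *tss1,
	       struct task_security_struct *tss2,
	       struct inode_security_struct *iss,
	       int flag, int tclass, int requested, int result,
	       struct common_audit_data *a)
{
	struct common_audit_data stack_data;

	/* No caller record: audit from a zeroed local one. */
	if (!a) {
		a = &stack_data;
		memset(a, 0, sizeof(*a));
		a->type = LSM_AUDIT_NO_AUDIT;
	}

	a->kse_audit_data.tclass = tclass;
	a->kse_audit_data.requested = requested;
	a->kse_audit_data.tss1 = tss1;
	a->kse_audit_data.flag = flag;

	/*
	 * Reset both target pointers before selecting one.  A caller-supplied
	 * @a may be reused or only partially initialised, and an unexpected
	 * @flag must not leave stale pointers for the audit callbacks to
	 * follow.  NOTE(review): confirm the pre/post callbacks tolerate both
	 * targets being NULL for an unknown @flag.
	 */
	a->kse_audit_data.tss2 = NULL;
	a->kse_audit_data.iss = NULL;
	if (flag == 0)
		a->kse_audit_data.tss2 = tss2;
	else if (flag == 1)
		a->kse_audit_data.iss = iss;

	a->kse_audit_data.result = result;
	a->lsm_pre_audit = kse_audit_pre_callback;
	a->lsm_post_audit = kse_audit_post_callback;
	common_lsm_audit(a);
}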
/**
 * aa_audit_msg - Log a message to the audit subsystem
 * @type: value stored in the type field of the audit data returned by aad(@sa)
 * @sa: audit event structure (NOT NULL)
 * @cb: optional callback fn for type specific fields (MAYBE NULL)
 *
 * The result of aad(@sa) is dereferenced without a NULL check, so the
 * caller is responsible for passing a valid, fully set up @sa.
 */
void aa_audit_msg(int type, struct common_audit_data *sa,
		  void (*cb)(struct audit_buffer *, void *))
{
	/*
	 * TODO: redirect messages for a profile to the correct ns.
	 * Rejects from a subns should go to the audit associated with it,
	 * and audits from the parent ns should go to the ns associated
	 * with it.
	 */

	/* The type must be recorded before the record is emitted. */
	aad(sa)->type = type;

	common_lsm_audit(sa, audit_pre, cb);
}
/**
 * aa_audit_msg - Record the audit type and emit the audit event
 * @type: value stored in @sa->aad->type
 * @sa: audit event structure; @sa and @sa->aad are dereferenced
 *      unconditionally, so both must be valid
 * @cb: callback forwarded unchanged to common_lsm_audit()
 *      (presumably for type specific fields; confirm against callers)
 */
void aa_audit_msg(int type, struct common_audit_data *sa,
		  void (*cb)(struct audit_buffer *, void *))
{
	/* The type must be recorded before the record is emitted. */
	sa->aad->type = type;

	common_lsm_audit(sa, audit_pre, cb);
}