diff options
-rw-r--r-- | arch/i386/kernel/audit.c | 12 | ||||
-rw-r--r-- | arch/ia64/ia32/audit.c | 10 | ||||
-rw-r--r-- | arch/ia64/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/powerpc/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/powerpc/kernel/compat_audit.c | 10 | ||||
-rw-r--r-- | arch/s390/kernel/audit.c | 16 | ||||
-rw-r--r-- | arch/s390/kernel/compat_audit.c | 10 | ||||
-rw-r--r-- | arch/x86_64/ia32/audit.c | 10 | ||||
-rw-r--r-- | arch/x86_64/kernel/audit.c | 16 | ||||
-rw-r--r-- | include/asm-generic/audit_read.h | 8 | ||||
-rw-r--r-- | include/asm-generic/audit_write.h | 11 | ||||
-rw-r--r-- | include/linux/audit.h | 4 |
12 files changed, 139 insertions, 0 deletions
diff --git a/arch/i386/kernel/audit.c b/arch/i386/kernel/audit.c index 5a53c6f..28bbc46 100644 --- a/arch/i386/kernel/audit.c +++ b/arch/i386/kernel/audit.c @@ -8,6 +8,16 @@ static unsigned dir_class[] = { ~0U }; +static unsigned read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +static unsigned write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + static unsigned chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U @@ -15,6 +25,8 @@ static unsigned chattr_class[] = { static int __init audit_classes_init(void) { + audit_register_class(AUDIT_CLASS_WRITE, write_class); + audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); return 0; diff --git a/arch/ia64/ia32/audit.c b/arch/ia64/ia32/audit.c index ab94f2e..79850199 100644 --- a/arch/ia64/ia32/audit.c +++ b/arch/ia64/ia32/audit.c @@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U }; + +unsigned ia32_write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + +unsigned ia32_read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; diff --git a/arch/ia64/kernel/audit.c b/arch/ia64/kernel/audit.c index f251293..99488cd 100644 --- a/arch/ia64/kernel/audit.c +++ b/arch/ia64/kernel/audit.c @@ -8,6 +8,16 @@ static unsigned dir_class[] = { ~0U }; +static unsigned read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +static unsigned write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + static unsigned chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U @@ -17,10 +27,16 @@ static int __init audit_classes_init(void) { #ifdef CONFIG_IA32_SUPPORT extern __u32 ia32_dir_class[]; + extern __u32 ia32_write_class[]; + extern __u32 ia32_read_class[]; extern __u32 ia32_chattr_class[]; + audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); + audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); #endif + audit_register_class(AUDIT_CLASS_WRITE, write_class); + audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); return 0; diff --git a/arch/powerpc/kernel/audit.c b/arch/powerpc/kernel/audit.c index caf085a..24a65e3 100644 --- a/arch/powerpc/kernel/audit.c +++ b/arch/powerpc/kernel/audit.c @@ -8,6 +8,16 @@ static unsigned dir_class[] = { ~0U }; +static unsigned read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +static unsigned write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + static unsigned chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U @@ -17,10 +27,16 @@ static int __init audit_classes_init(void) { #ifdef CONFIG_PPC64 extern __u32 ppc32_dir_class[]; + extern __u32 ppc32_write_class[]; + extern __u32 ppc32_read_class[]; extern __u32 ppc32_chattr_class[]; + audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class); + audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class); #endif + audit_register_class(AUDIT_CLASS_WRITE, write_class); + audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); return 0; diff --git a/arch/powerpc/kernel/compat_audit.c b/arch/powerpc/kernel/compat_audit.c index dbbb8b8..ddc0a64 100644 --- a/arch/powerpc/kernel/compat_audit.c +++ b/arch/powerpc/kernel/compat_audit.c @@ -10,3 +10,13 @@ unsigned ppc32_chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U }; + +unsigned ppc32_write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + +unsigned ppc32_read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; diff --git a/arch/s390/kernel/audit.c b/arch/s390/kernel/audit.c index c26cd6c..cde5703 100644 --- a/arch/s390/kernel/audit.c +++ b/arch/s390/kernel/audit.c @@ -8,6 +8,16 @@ static unsigned dir_class[] = { ~0U }; +static unsigned read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +static unsigned write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + static unsigned chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U @@ -17,10 +27,16 @@ static int __init audit_classes_init(void) { #ifdef CONFIG_COMPAT extern __u32 s390_dir_class[]; + extern __u32 s390_write_class[]; + extern __u32 s390_read_class[]; extern __u32 s390_chattr_class[]; + audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class); + audit_register_class(AUDIT_CLASS_READ_32, s390_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class); #endif + audit_register_class(AUDIT_CLASS_WRITE, write_class); + audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); return 0; diff --git a/arch/s390/kernel/compat_audit.c b/arch/s390/kernel/compat_audit.c index 1a7d34f..d9e5f35 100644 --- a/arch/s390/kernel/compat_audit.c +++ b/arch/s390/kernel/compat_audit.c @@ -10,3 +10,13 @@ unsigned s390_chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U }; + +unsigned s390_write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + +unsigned s390_read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; diff --git a/arch/x86_64/ia32/audit.c b/arch/x86_64/ia32/audit.c index ab94f2e..79850199 100644 --- a/arch/x86_64/ia32/audit.c +++ b/arch/x86_64/ia32/audit.c @@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U }; + +unsigned ia32_write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + +unsigned ia32_read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; diff --git a/arch/x86_64/kernel/audit.c b/arch/x86_64/kernel/audit.c index a067aa4..36840ac 100644 --- a/arch/x86_64/kernel/audit.c +++ b/arch/x86_64/kernel/audit.c @@ -8,6 +8,16 @@ static unsigned dir_class[] = { ~0U }; +static unsigned read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +static unsigned write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + static unsigned chattr_class[] = { #include <asm-generic/audit_change_attr.h> ~0U @@ -17,10 +27,16 @@ static int __init audit_classes_init(void) { #ifdef CONFIG_IA32_EMULATION extern __u32 ia32_dir_class[]; + extern __u32 ia32_write_class[]; + extern __u32 ia32_read_class[]; extern __u32 ia32_chattr_class[]; + audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class); + audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class); audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class); #endif + audit_register_class(AUDIT_CLASS_WRITE, write_class); + audit_register_class(AUDIT_CLASS_READ, read_class); audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class); audit_register_class(AUDIT_CLASS_CHATTR, chattr_class); return 0; diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h new file mode 100644 index 0000000..0e87464 --- /dev/null +++ b/include/asm-generic/audit_read.h @@ -0,0 +1,8 @@ +__NR_readlink, +__NR_quotactl, +__NR_listxattr, +__NR_llistxattr, +__NR_flistxattr, +__NR_getxattr, +__NR_lgetxattr, +__NR_fgetxattr, diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h new file mode 100644 index 0000000..f10d367 --- /dev/null +++ b/include/asm-generic/audit_write.h @@ -0,0 +1,11 @@ +#include <asm-generic/audit_dir_write.h> +__NR_acct, +__NR_swapon, +__NR_quotactl, +__NR_truncate, +#ifdef __NR_truncate64 +__NR_truncate64, +#endif +#ifdef __NR_bind +__NR_bind, /* bind can affect fs object only in one way... */ +#endif diff --git a/include/linux/audit.h b/include/linux/audit.h index 64f9f9e..1077362 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -132,6 +132,10 @@ #define AUDIT_CLASS_DIR_WRITE_32 1 #define AUDIT_CLASS_CHATTR 2 #define AUDIT_CLASS_CHATTR_32 3 +#define AUDIT_CLASS_READ 4 +#define AUDIT_CLASS_READ_32 5 +#define AUDIT_CLASS_WRITE 6 +#define AUDIT_CLASS_WRITE_32 7 /* This bitmask is used to validate user input. It represents all bits that * are currently used in an audit field constant understood by the kernel. |