Back to home page

OSCL-LXR
 
 

     

0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /* audit.h -- Auditing support
0003  *
0004  * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
0005  * All Rights Reserved.
0006  *
0007  * Written by Rickard E. (Rik) Faith <faith@redhat.com>
0008  */
0009 #ifndef _LINUX_AUDIT_H_
0010 #define _LINUX_AUDIT_H_
0011 
0012 #include <linux/sched.h>
0013 #include <linux/ptrace.h>
0014 #include <linux/audit_arch.h>
0015 #include <uapi/linux/audit.h>
0016 #include <uapi/linux/netfilter/nf_tables.h>
0017 
0018 #define AUDIT_INO_UNSET ((unsigned long)-1)
0019 #define AUDIT_DEV_UNSET ((dev_t)-1)
0020 
0021 struct audit_sig_info {
0022     uid_t       uid;
0023     pid_t       pid;
0024     char        ctx[];
0025 };
0026 
0027 struct audit_buffer;
0028 struct audit_context;
0029 struct inode;
0030 struct netlink_skb_parms;
0031 struct path;
0032 struct linux_binprm;
0033 struct mq_attr;
0034 struct mqstat;
0035 struct audit_watch;
0036 struct audit_tree;
0037 struct sk_buff;
0038 
0039 struct audit_krule {
0040     u32         pflags;
0041     u32         flags;
0042     u32         listnr;
0043     u32         action;
0044     u32         mask[AUDIT_BITMASK_SIZE];
0045     u32         buflen; /* for data alloc on list rules */
0046     u32         field_count;
0047     char            *filterkey; /* ties events to rules */
0048     struct audit_field  *fields;
0049     struct audit_field  *arch_f; /* quick access to arch field */
0050     struct audit_field  *inode_f; /* quick access to an inode field */
0051     struct audit_watch  *watch; /* associated watch */
0052     struct audit_tree   *tree;  /* associated watched tree */
0053     struct audit_fsnotify_mark  *exe;
0054     struct list_head    rlist;  /* entry in audit_{watch,tree}.rules list */
0055     struct list_head    list;   /* for AUDIT_LIST* purposes only */
0056     u64         prio;
0057 };
0058 
0059 /* Flag to indicate legacy AUDIT_LOGINUID unset usage */
0060 #define AUDIT_LOGINUID_LEGACY       0x1
0061 
0062 struct audit_field {
0063     u32             type;
0064     union {
0065         u32         val;
0066         kuid_t          uid;
0067         kgid_t          gid;
0068         struct {
0069             char        *lsm_str;
0070             void        *lsm_rule;
0071         };
0072     };
0073     u32             op;
0074 };
0075 
0076 enum audit_ntp_type {
0077     AUDIT_NTP_OFFSET,
0078     AUDIT_NTP_FREQ,
0079     AUDIT_NTP_STATUS,
0080     AUDIT_NTP_TAI,
0081     AUDIT_NTP_TICK,
0082     AUDIT_NTP_ADJUST,
0083 
0084     AUDIT_NTP_NVALS /* count */
0085 };
0086 
0087 #ifdef CONFIG_AUDITSYSCALL
0088 struct audit_ntp_val {
0089     long long oldval, newval;
0090 };
0091 
0092 struct audit_ntp_data {
0093     struct audit_ntp_val vals[AUDIT_NTP_NVALS];
0094 };
0095 #else
0096 struct audit_ntp_data {};
0097 #endif
0098 
0099 enum audit_nfcfgop {
0100     AUDIT_XT_OP_REGISTER,
0101     AUDIT_XT_OP_REPLACE,
0102     AUDIT_XT_OP_UNREGISTER,
0103     AUDIT_NFT_OP_TABLE_REGISTER,
0104     AUDIT_NFT_OP_TABLE_UNREGISTER,
0105     AUDIT_NFT_OP_CHAIN_REGISTER,
0106     AUDIT_NFT_OP_CHAIN_UNREGISTER,
0107     AUDIT_NFT_OP_RULE_REGISTER,
0108     AUDIT_NFT_OP_RULE_UNREGISTER,
0109     AUDIT_NFT_OP_SET_REGISTER,
0110     AUDIT_NFT_OP_SET_UNREGISTER,
0111     AUDIT_NFT_OP_SETELEM_REGISTER,
0112     AUDIT_NFT_OP_SETELEM_UNREGISTER,
0113     AUDIT_NFT_OP_GEN_REGISTER,
0114     AUDIT_NFT_OP_OBJ_REGISTER,
0115     AUDIT_NFT_OP_OBJ_UNREGISTER,
0116     AUDIT_NFT_OP_OBJ_RESET,
0117     AUDIT_NFT_OP_FLOWTABLE_REGISTER,
0118     AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
0119     AUDIT_NFT_OP_INVALID,
0120 };
0121 
0122 extern int __init audit_register_class(int class, unsigned *list);
0123 extern int audit_classify_syscall(int abi, unsigned syscall);
0124 extern int audit_classify_arch(int arch);
0125 /* only for compat system calls */
0126 extern unsigned compat_write_class[];
0127 extern unsigned compat_read_class[];
0128 extern unsigned compat_dir_class[];
0129 extern unsigned compat_chattr_class[];
0130 extern unsigned compat_signal_class[];
0131 
0132 extern int audit_classify_compat_syscall(int abi, unsigned syscall);
0133 
0134 /* audit_names->type values */
0135 #define AUDIT_TYPE_UNKNOWN  0   /* we don't know yet */
0136 #define AUDIT_TYPE_NORMAL   1   /* a "normal" audit record */
0137 #define AUDIT_TYPE_PARENT   2   /* a parent audit record */
0138 #define AUDIT_TYPE_CHILD_DELETE 3   /* a child being deleted */
0139 #define AUDIT_TYPE_CHILD_CREATE 4   /* a child being created */
0140 
0141 /* maximized args number that audit_socketcall can process */
0142 #define AUDITSC_ARGS        6
0143 
0144 /* bit values for ->signal->audit_tty */
0145 #define AUDIT_TTY_ENABLE    BIT(0)
0146 #define AUDIT_TTY_LOG_PASSWD    BIT(1)
0147 
0148 struct filename;
0149 
0150 #define AUDIT_OFF   0
0151 #define AUDIT_ON    1
0152 #define AUDIT_LOCKED    2
0153 #ifdef CONFIG_AUDIT
0154 /* These are defined in audit.c */
0155                 /* Public API */
0156 extern __printf(4, 5)
0157 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
0158            const char *fmt, ...);
0159 
0160 extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
0161 extern __printf(2, 3)
0162 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
0163 extern void         audit_log_end(struct audit_buffer *ab);
0164 extern bool         audit_string_contains_control(const char *string,
0165                               size_t len);
0166 extern void         audit_log_n_hex(struct audit_buffer *ab,
0167                       const unsigned char *buf,
0168                       size_t len);
0169 extern void         audit_log_n_string(struct audit_buffer *ab,
0170                            const char *buf,
0171                            size_t n);
0172 extern void         audit_log_n_untrustedstring(struct audit_buffer *ab,
0173                             const char *string,
0174                             size_t n);
0175 extern void         audit_log_untrustedstring(struct audit_buffer *ab,
0176                               const char *string);
0177 extern void         audit_log_d_path(struct audit_buffer *ab,
0178                          const char *prefix,
0179                          const struct path *path);
0180 extern void         audit_log_key(struct audit_buffer *ab,
0181                       char *key);
0182 extern void         audit_log_path_denied(int type,
0183                           const char *operation);
0184 extern void         audit_log_lost(const char *message);
0185 
0186 extern int audit_log_task_context(struct audit_buffer *ab);
0187 extern void audit_log_task_info(struct audit_buffer *ab);
0188 
0189 extern int          audit_update_lsm_rules(void);
0190 
0191                 /* Private API (for audit.c only) */
0192 extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
0193 extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
0194 
0195 extern int audit_set_loginuid(kuid_t loginuid);
0196 
0197 static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
0198 {
0199     return tsk->loginuid;
0200 }
0201 
0202 static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
0203 {
0204     return tsk->sessionid;
0205 }
0206 
0207 extern u32 audit_enabled;
0208 
0209 extern int audit_signal_info(int sig, struct task_struct *t);
0210 
0211 #else /* CONFIG_AUDIT */
0212 static inline __printf(4, 5)
0213 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
0214            const char *fmt, ...)
0215 { }
0216 static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
0217                            gfp_t gfp_mask, int type)
0218 {
0219     return NULL;
0220 }
0221 static inline __printf(2, 3)
0222 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
0223 { }
0224 static inline void audit_log_end(struct audit_buffer *ab)
0225 { }
0226 static inline void audit_log_n_hex(struct audit_buffer *ab,
0227                    const unsigned char *buf, size_t len)
0228 { }
0229 static inline void audit_log_n_string(struct audit_buffer *ab,
0230                       const char *buf, size_t n)
0231 { }
0232 static inline void  audit_log_n_untrustedstring(struct audit_buffer *ab,
0233                         const char *string, size_t n)
0234 { }
0235 static inline void audit_log_untrustedstring(struct audit_buffer *ab,
0236                          const char *string)
0237 { }
0238 static inline void audit_log_d_path(struct audit_buffer *ab,
0239                     const char *prefix,
0240                     const struct path *path)
0241 { }
0242 static inline void audit_log_key(struct audit_buffer *ab, char *key)
0243 { }
0244 static inline void audit_log_path_denied(int type, const char *operation)
0245 { }
0246 static inline int audit_log_task_context(struct audit_buffer *ab)
0247 {
0248     return 0;
0249 }
0250 static inline void audit_log_task_info(struct audit_buffer *ab)
0251 { }
0252 
0253 static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
0254 {
0255     return INVALID_UID;
0256 }
0257 
0258 static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
0259 {
0260     return AUDIT_SID_UNSET;
0261 }
0262 
0263 #define audit_enabled AUDIT_OFF
0264 
0265 static inline int audit_signal_info(int sig, struct task_struct *t)
0266 {
0267     return 0;
0268 }
0269 
0270 #endif /* CONFIG_AUDIT */
0271 
0272 #ifdef CONFIG_AUDIT_COMPAT_GENERIC
0273 #define audit_is_compat(arch)  (!((arch) & __AUDIT_ARCH_64BIT))
0274 #else
0275 #define audit_is_compat(arch)  false
0276 #endif
0277 
0278 #define AUDIT_INODE_PARENT  1   /* dentry represents the parent */
0279 #define AUDIT_INODE_HIDDEN  2   /* audit record should be hidden */
0280 #define AUDIT_INODE_NOEVAL  4   /* audit record incomplete */
0281 
0282 #ifdef CONFIG_AUDITSYSCALL
0283 #include <asm/syscall.h> /* for syscall_get_arch() */
0284 
0285 /* These are defined in auditsc.c */
0286                 /* Public API */
0287 extern int  audit_alloc(struct task_struct *task);
0288 extern void __audit_free(struct task_struct *task);
0289 extern void __audit_uring_entry(u8 op);
0290 extern void __audit_uring_exit(int success, long code);
0291 extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
0292                   unsigned long a2, unsigned long a3);
0293 extern void __audit_syscall_exit(int ret_success, long ret_value);
0294 extern struct filename *__audit_reusename(const __user char *uptr);
0295 extern void __audit_getname(struct filename *name);
0296 extern void __audit_inode(struct filename *name, const struct dentry *dentry,
0297                 unsigned int flags);
0298 extern void __audit_file(const struct file *);
0299 extern void __audit_inode_child(struct inode *parent,
0300                 const struct dentry *dentry,
0301                 const unsigned char type);
0302 extern void audit_seccomp(unsigned long syscall, long signr, int code);
0303 extern void audit_seccomp_actions_logged(const char *names,
0304                      const char *old_names, int res);
0305 extern void __audit_ptrace(struct task_struct *t);
0306 
0307 static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
0308 {
0309     task->audit_context = ctx;
0310 }
0311 
0312 static inline struct audit_context *audit_context(void)
0313 {
0314     return current->audit_context;
0315 }
0316 
0317 static inline bool audit_dummy_context(void)
0318 {
0319     void *p = audit_context();
0320     return !p || *(int *)p;
0321 }
0322 static inline void audit_free(struct task_struct *task)
0323 {
0324     if (unlikely(task->audit_context))
0325         __audit_free(task);
0326 }
0327 static inline void audit_uring_entry(u8 op)
0328 {
0329     /*
0330      * We intentionally check audit_context() before audit_enabled as most
0331      * Linux systems (as of ~2021) rely on systemd which forces audit to
0332      * be enabled regardless of the user's audit configuration.
0333      */
0334     if (unlikely(audit_context() && audit_enabled))
0335         __audit_uring_entry(op);
0336 }
0337 static inline void audit_uring_exit(int success, long code)
0338 {
0339     if (unlikely(audit_context()))
0340         __audit_uring_exit(success, code);
0341 }
0342 static inline void audit_syscall_entry(int major, unsigned long a0,
0343                        unsigned long a1, unsigned long a2,
0344                        unsigned long a3)
0345 {
0346     if (unlikely(audit_context()))
0347         __audit_syscall_entry(major, a0, a1, a2, a3);
0348 }
0349 static inline void audit_syscall_exit(void *pt_regs)
0350 {
0351     if (unlikely(audit_context())) {
0352         int success = is_syscall_success(pt_regs);
0353         long return_code = regs_return_value(pt_regs);
0354 
0355         __audit_syscall_exit(success, return_code);
0356     }
0357 }
0358 static inline struct filename *audit_reusename(const __user char *name)
0359 {
0360     if (unlikely(!audit_dummy_context()))
0361         return __audit_reusename(name);
0362     return NULL;
0363 }
0364 static inline void audit_getname(struct filename *name)
0365 {
0366     if (unlikely(!audit_dummy_context()))
0367         __audit_getname(name);
0368 }
0369 static inline void audit_inode(struct filename *name,
0370                 const struct dentry *dentry,
0371                 unsigned int aflags) {
0372     if (unlikely(!audit_dummy_context()))
0373         __audit_inode(name, dentry, aflags);
0374 }
0375 static inline void audit_file(struct file *file)
0376 {
0377     if (unlikely(!audit_dummy_context()))
0378         __audit_file(file);
0379 }
0380 static inline void audit_inode_parent_hidden(struct filename *name,
0381                         const struct dentry *dentry)
0382 {
0383     if (unlikely(!audit_dummy_context()))
0384         __audit_inode(name, dentry,
0385                 AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
0386 }
0387 static inline void audit_inode_child(struct inode *parent,
0388                      const struct dentry *dentry,
0389                      const unsigned char type) {
0390     if (unlikely(!audit_dummy_context()))
0391         __audit_inode_child(parent, dentry, type);
0392 }
0393 void audit_core_dumps(long signr);
0394 
0395 static inline void audit_ptrace(struct task_struct *t)
0396 {
0397     if (unlikely(!audit_dummy_context()))
0398         __audit_ptrace(t);
0399 }
0400 
0401                 /* Private API (for audit.c only) */
0402 extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
0403 extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
0404 extern void __audit_bprm(struct linux_binprm *bprm);
0405 extern int __audit_socketcall(int nargs, unsigned long *args);
0406 extern int __audit_sockaddr(int len, void *addr);
0407 extern void __audit_fd_pair(int fd1, int fd2);
0408 extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
0409 extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
0410 extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
0411 extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
0412 extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
0413                   const struct cred *new,
0414                   const struct cred *old);
0415 extern void __audit_log_capset(const struct cred *new, const struct cred *old);
0416 extern void __audit_mmap_fd(int fd, int flags);
0417 extern void __audit_openat2_how(struct open_how *how);
0418 extern void __audit_log_kern_module(char *name);
0419 extern void __audit_fanotify(unsigned int response);
0420 extern void __audit_tk_injoffset(struct timespec64 offset);
0421 extern void __audit_ntp_log(const struct audit_ntp_data *ad);
0422 extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries,
0423                   enum audit_nfcfgop op, gfp_t gfp);
0424 
0425 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
0426 {
0427     if (unlikely(!audit_dummy_context()))
0428         __audit_ipc_obj(ipcp);
0429 }
0430 static inline void audit_fd_pair(int fd1, int fd2)
0431 {
0432     if (unlikely(!audit_dummy_context()))
0433         __audit_fd_pair(fd1, fd2);
0434 }
0435 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
0436 {
0437     if (unlikely(!audit_dummy_context()))
0438         __audit_ipc_set_perm(qbytes, uid, gid, mode);
0439 }
0440 static inline void audit_bprm(struct linux_binprm *bprm)
0441 {
0442     if (unlikely(!audit_dummy_context()))
0443         __audit_bprm(bprm);
0444 }
0445 static inline int audit_socketcall(int nargs, unsigned long *args)
0446 {
0447     if (unlikely(!audit_dummy_context()))
0448         return __audit_socketcall(nargs, args);
0449     return 0;
0450 }
0451 
0452 static inline int audit_socketcall_compat(int nargs, u32 *args)
0453 {
0454     unsigned long a[AUDITSC_ARGS];
0455     int i;
0456 
0457     if (audit_dummy_context())
0458         return 0;
0459 
0460     for (i = 0; i < nargs; i++)
0461         a[i] = (unsigned long)args[i];
0462     return __audit_socketcall(nargs, a);
0463 }
0464 
0465 static inline int audit_sockaddr(int len, void *addr)
0466 {
0467     if (unlikely(!audit_dummy_context()))
0468         return __audit_sockaddr(len, addr);
0469     return 0;
0470 }
0471 static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
0472 {
0473     if (unlikely(!audit_dummy_context()))
0474         __audit_mq_open(oflag, mode, attr);
0475 }
0476 static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
0477 {
0478     if (unlikely(!audit_dummy_context()))
0479         __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
0480 }
0481 static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
0482 {
0483     if (unlikely(!audit_dummy_context()))
0484         __audit_mq_notify(mqdes, notification);
0485 }
0486 static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
0487 {
0488     if (unlikely(!audit_dummy_context()))
0489         __audit_mq_getsetattr(mqdes, mqstat);
0490 }
0491 
0492 static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
0493                        const struct cred *new,
0494                        const struct cred *old)
0495 {
0496     if (unlikely(!audit_dummy_context()))
0497         return __audit_log_bprm_fcaps(bprm, new, old);
0498     return 0;
0499 }
0500 
0501 static inline void audit_log_capset(const struct cred *new,
0502                    const struct cred *old)
0503 {
0504     if (unlikely(!audit_dummy_context()))
0505         __audit_log_capset(new, old);
0506 }
0507 
0508 static inline void audit_mmap_fd(int fd, int flags)
0509 {
0510     if (unlikely(!audit_dummy_context()))
0511         __audit_mmap_fd(fd, flags);
0512 }
0513 
0514 static inline void audit_openat2_how(struct open_how *how)
0515 {
0516     if (unlikely(!audit_dummy_context()))
0517         __audit_openat2_how(how);
0518 }
0519 
0520 static inline void audit_log_kern_module(char *name)
0521 {
0522     if (!audit_dummy_context())
0523         __audit_log_kern_module(name);
0524 }
0525 
0526 static inline void audit_fanotify(unsigned int response)
0527 {
0528     if (!audit_dummy_context())
0529         __audit_fanotify(response);
0530 }
0531 
0532 static inline void audit_tk_injoffset(struct timespec64 offset)
0533 {
0534     /* ignore no-op events */
0535     if (offset.tv_sec == 0 && offset.tv_nsec == 0)
0536         return;
0537 
0538     if (!audit_dummy_context())
0539         __audit_tk_injoffset(offset);
0540 }
0541 
0542 static inline void audit_ntp_init(struct audit_ntp_data *ad)
0543 {
0544     memset(ad, 0, sizeof(*ad));
0545 }
0546 
0547 static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
0548                      enum audit_ntp_type type, long long val)
0549 {
0550     ad->vals[type].oldval = val;
0551 }
0552 
0553 static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
0554                      enum audit_ntp_type type, long long val)
0555 {
0556     ad->vals[type].newval = val;
0557 }
0558 
0559 static inline void audit_ntp_log(const struct audit_ntp_data *ad)
0560 {
0561     if (!audit_dummy_context())
0562         __audit_ntp_log(ad);
0563 }
0564 
0565 static inline void audit_log_nfcfg(const char *name, u8 af,
0566                    unsigned int nentries,
0567                    enum audit_nfcfgop op, gfp_t gfp)
0568 {
0569     if (audit_enabled)
0570         __audit_log_nfcfg(name, af, nentries, op, gfp);
0571 }
0572 
0573 extern int audit_n_rules;
0574 extern int audit_signals;
0575 #else /* CONFIG_AUDITSYSCALL */
0576 static inline int audit_alloc(struct task_struct *task)
0577 {
0578     return 0;
0579 }
0580 static inline void audit_free(struct task_struct *task)
0581 { }
0582 static inline void audit_uring_entry(u8 op)
0583 { }
0584 static inline void audit_uring_exit(int success, long code)
0585 { }
0586 static inline void audit_syscall_entry(int major, unsigned long a0,
0587                        unsigned long a1, unsigned long a2,
0588                        unsigned long a3)
0589 { }
0590 static inline void audit_syscall_exit(void *pt_regs)
0591 { }
0592 static inline bool audit_dummy_context(void)
0593 {
0594     return true;
0595 }
0596 static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
0597 { }
0598 static inline struct audit_context *audit_context(void)
0599 {
0600     return NULL;
0601 }
0602 static inline struct filename *audit_reusename(const __user char *name)
0603 {
0604     return NULL;
0605 }
0606 static inline void audit_getname(struct filename *name)
0607 { }
0608 static inline void audit_inode(struct filename *name,
0609                 const struct dentry *dentry,
0610                 unsigned int aflags)
0611 { }
0612 static inline void audit_file(struct file *file)
0613 {
0614 }
0615 static inline void audit_inode_parent_hidden(struct filename *name,
0616                 const struct dentry *dentry)
0617 { }
0618 static inline void audit_inode_child(struct inode *parent,
0619                      const struct dentry *dentry,
0620                      const unsigned char type)
0621 { }
0622 static inline void audit_core_dumps(long signr)
0623 { }
0624 static inline void audit_seccomp(unsigned long syscall, long signr, int code)
0625 { }
0626 static inline void audit_seccomp_actions_logged(const char *names,
0627                         const char *old_names, int res)
0628 { }
0629 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
0630 { }
0631 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
0632                     gid_t gid, umode_t mode)
0633 { }
0634 static inline void audit_bprm(struct linux_binprm *bprm)
0635 { }
0636 static inline int audit_socketcall(int nargs, unsigned long *args)
0637 {
0638     return 0;
0639 }
0640 
0641 static inline int audit_socketcall_compat(int nargs, u32 *args)
0642 {
0643     return 0;
0644 }
0645 
0646 static inline void audit_fd_pair(int fd1, int fd2)
0647 { }
0648 static inline int audit_sockaddr(int len, void *addr)
0649 {
0650     return 0;
0651 }
0652 static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
0653 { }
0654 static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
0655                      unsigned int msg_prio,
0656                      const struct timespec64 *abs_timeout)
0657 { }
0658 static inline void audit_mq_notify(mqd_t mqdes,
0659                    const struct sigevent *notification)
0660 { }
0661 static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
0662 { }
0663 static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
0664                        const struct cred *new,
0665                        const struct cred *old)
0666 {
0667     return 0;
0668 }
0669 static inline void audit_log_capset(const struct cred *new,
0670                     const struct cred *old)
0671 { }
0672 static inline void audit_mmap_fd(int fd, int flags)
0673 { }
0674 
0675 static inline void audit_openat2_how(struct open_how *how)
0676 { }
0677 
0678 static inline void audit_log_kern_module(char *name)
0679 {
0680 }
0681 
0682 static inline void audit_fanotify(unsigned int response)
0683 { }
0684 
0685 static inline void audit_tk_injoffset(struct timespec64 offset)
0686 { }
0687 
0688 static inline void audit_ntp_init(struct audit_ntp_data *ad)
0689 { }
0690 
0691 static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
0692                      enum audit_ntp_type type, long long val)
0693 { }
0694 
0695 static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
0696                      enum audit_ntp_type type, long long val)
0697 { }
0698 
0699 static inline void audit_ntp_log(const struct audit_ntp_data *ad)
0700 { }
0701 
0702 static inline void audit_ptrace(struct task_struct *t)
0703 { }
0704 
0705 static inline void audit_log_nfcfg(const char *name, u8 af,
0706                    unsigned int nentries,
0707                    enum audit_nfcfgop op, gfp_t gfp)
0708 { }
0709 
0710 #define audit_n_rules 0
0711 #define audit_signals 0
0712 #endif /* CONFIG_AUDITSYSCALL */
0713 
0714 static inline bool audit_loginuid_set(struct task_struct *tsk)
0715 {
0716     return uid_valid(audit_get_loginuid(tsk));
0717 }
0718 
0719 #endif
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!