[PATCH] audit: more syscall classes added
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
Родитель
c08037997d
Коммит
dc104fb323
|
|
@ -8,6 +8,16 @@ static unsigned dir_class[] = {
|
|||
~0U
|
||||
};
|
||||
|
||||
static unsigned read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned chattr_class[] = {
|
||||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
|
|
@ -15,6 +25,8 @@ static unsigned chattr_class[] = {
|
|||
|
||||
static int __init audit_classes_init(void)
|
||||
{
|
||||
audit_register_class(AUDIT_CLASS_WRITE, write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ, read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
|
|||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ia32_write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ia32_read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
|
|
|||
|
|
@ -8,6 +8,16 @@ static unsigned dir_class[] = {
|
|||
~0U
|
||||
};
|
||||
|
||||
static unsigned read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned chattr_class[] = {
|
||||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
|
|
@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
|
|||
{
|
||||
#ifdef CONFIG_IA32_SUPPORT
|
||||
extern __u32 ia32_dir_class[];
|
||||
extern __u32 ia32_write_class[];
|
||||
extern __u32 ia32_read_class[];
|
||||
extern __u32 ia32_chattr_class[];
|
||||
audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
|
||||
#endif
|
||||
audit_register_class(AUDIT_CLASS_WRITE, write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ, read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -8,6 +8,16 @@ static unsigned dir_class[] = {
|
|||
~0U
|
||||
};
|
||||
|
||||
static unsigned read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned chattr_class[] = {
|
||||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
|
|
@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
|
|||
{
|
||||
#ifdef CONFIG_PPC64
|
||||
extern __u32 ppc32_dir_class[];
|
||||
extern __u32 ppc32_write_class[];
|
||||
extern __u32 ppc32_read_class[];
|
||||
extern __u32 ppc32_chattr_class[];
|
||||
audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class);
|
||||
#endif
|
||||
audit_register_class(AUDIT_CLASS_WRITE, write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ, read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -10,3 +10,13 @@ unsigned ppc32_chattr_class[] = {
|
|||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ppc32_write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ppc32_read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
|
|
|||
|
|
@ -8,6 +8,16 @@ static unsigned dir_class[] = {
|
|||
~0U
|
||||
};
|
||||
|
||||
static unsigned read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned chattr_class[] = {
|
||||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
|
|
@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
|
|||
{
|
||||
#ifdef CONFIG_COMPAT
|
||||
extern __u32 s390_dir_class[];
|
||||
extern __u32 s390_write_class[];
|
||||
extern __u32 s390_read_class[];
|
||||
extern __u32 s390_chattr_class[];
|
||||
audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ_32, s390_read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class);
|
||||
#endif
|
||||
audit_register_class(AUDIT_CLASS_WRITE, write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ, read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -10,3 +10,13 @@ unsigned s390_chattr_class[] = {
|
|||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned s390_write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned s390_read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
|
|
|||
|
|
@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
|
|||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ia32_write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
unsigned ia32_read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
|
|
|||
|
|
@ -8,6 +8,16 @@ static unsigned dir_class[] = {
|
|||
~0U
|
||||
};
|
||||
|
||||
static unsigned read_class[] = {
|
||||
#include <asm-generic/audit_read.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned write_class[] = {
|
||||
#include <asm-generic/audit_write.h>
|
||||
~0U
|
||||
};
|
||||
|
||||
static unsigned chattr_class[] = {
|
||||
#include <asm-generic/audit_change_attr.h>
|
||||
~0U
|
||||
|
|
@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
|
|||
{
|
||||
#ifdef CONFIG_IA32_EMULATION
|
||||
extern __u32 ia32_dir_class[];
|
||||
extern __u32 ia32_write_class[];
|
||||
extern __u32 ia32_read_class[];
|
||||
extern __u32 ia32_chattr_class[];
|
||||
audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
|
||||
#endif
|
||||
audit_register_class(AUDIT_CLASS_WRITE, write_class);
|
||||
audit_register_class(AUDIT_CLASS_READ, read_class);
|
||||
audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
|
||||
audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,8 @@
|
|||
__NR_readlink,
|
||||
__NR_quotactl,
|
||||
__NR_listxattr,
|
||||
__NR_llistxattr,
|
||||
__NR_flistxattr,
|
||||
__NR_getxattr,
|
||||
__NR_lgetxattr,
|
||||
__NR_fgetxattr,
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
#include <asm-generic/audit_dir_write.h>
|
||||
__NR_acct,
|
||||
__NR_swapon,
|
||||
__NR_quotactl,
|
||||
__NR_truncate,
|
||||
#ifdef __NR_truncate64
|
||||
__NR_truncate64,
|
||||
#endif
|
||||
#ifdef __NR_bind
|
||||
__NR_bind, /* bind can affect fs object only in one way... */
|
||||
#endif
|
||||
|
|
@ -132,6 +132,10 @@
|
|||
#define AUDIT_CLASS_DIR_WRITE_32 1
|
||||
#define AUDIT_CLASS_CHATTR 2
|
||||
#define AUDIT_CLASS_CHATTR_32 3
|
||||
#define AUDIT_CLASS_READ 4
|
||||
#define AUDIT_CLASS_READ_32 5
|
||||
#define AUDIT_CLASS_WRITE 6
|
||||
#define AUDIT_CLASS_WRITE_32 7
|
||||
|
||||
/* This bitmask is used to validate user input. It represents all bits that
|
||||
* are currently used in an audit field constant understood by the kernel.
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче