[PATCH] audit: more syscall classes added
authorAl Viro <viro@zeniv.linux.org.uk>
Thu, 31 Aug 2006 23:05:56 +0000 (19:05 -0400)
committerAl Viro <viro@zeniv.linux.org.uk>
Mon, 11 Sep 2006 17:32:27 +0000 (13:32 -0400)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
12 files changed:
arch/i386/kernel/audit.c
arch/ia64/ia32/audit.c
arch/ia64/kernel/audit.c
arch/powerpc/kernel/audit.c
arch/powerpc/kernel/compat_audit.c
arch/s390/kernel/audit.c
arch/s390/kernel/compat_audit.c
arch/x86_64/ia32/audit.c
arch/x86_64/kernel/audit.c
include/asm-generic/audit_read.h [new file with mode: 0644]
include/asm-generic/audit_write.h [new file with mode: 0644]
include/linux/audit.h

index 5a53c6f371ffca5cde185e266ee417441dec8984..28bbc46f75c2696f6ecc6ed73e1f1a5c53c294eb 100644 (file)
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
 ~0U
 };
 
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
 static unsigned chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
@@ -15,6 +25,8 @@ static unsigned chattr_class[] = {
 
 static int __init audit_classes_init(void)
 {
+       audit_register_class(AUDIT_CLASS_WRITE, write_class);
+       audit_register_class(AUDIT_CLASS_READ, read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
        return 0;
index ab94f2e58cdd83ad98d7eb4f77666689ed64d779..798501994bd937b8f2bc6e17321c6f2aa2eb384b 100644 (file)
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
 };
+
+unsigned ia32_write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
+unsigned ia32_read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
index f2512931ccafd7a1d6ed37702fb2ac48b0fe287a..99488cdbf5cd06542747d41316859506389094b1 100644 (file)
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
 ~0U
 };
 
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
 static unsigned chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
 {
 #ifdef CONFIG_IA32_SUPPORT
        extern __u32 ia32_dir_class[];
+       extern __u32 ia32_write_class[];
+       extern __u32 ia32_read_class[];
        extern __u32 ia32_chattr_class[];
+       audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
+       audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
 #endif
+       audit_register_class(AUDIT_CLASS_WRITE, write_class);
+       audit_register_class(AUDIT_CLASS_READ, read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
        return 0;
index caf085a19234f01d16753c62bf388f90734134f8..24a65e3724e14fd9bd58ae3027570e3fc923079c 100644 (file)
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
 ~0U
 };
 
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
 static unsigned chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
 {
 #ifdef CONFIG_PPC64
        extern __u32 ppc32_dir_class[];
+       extern __u32 ppc32_write_class[];
+       extern __u32 ppc32_read_class[];
        extern __u32 ppc32_chattr_class[];
+       audit_register_class(AUDIT_CLASS_WRITE_32, ppc32_write_class);
+       audit_register_class(AUDIT_CLASS_READ_32, ppc32_read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ppc32_dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR_32, ppc32_chattr_class);
 #endif
+       audit_register_class(AUDIT_CLASS_WRITE, write_class);
+       audit_register_class(AUDIT_CLASS_READ, read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
        return 0;
index dbbb8b81f1d90c6cbc894282ec14199a4b4ee70d..ddc0a64896a24e886aa12ebfdf14b26125746906 100644 (file)
@@ -10,3 +10,13 @@ unsigned ppc32_chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
 };
+
+unsigned ppc32_write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
+unsigned ppc32_read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
index c26cd6cb23197ad0a547d8808035c8b0562f1ea8..cde57039334cdd50f775a02b8400b5f381b60051 100644 (file)
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
 ~0U
 };
 
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
 static unsigned chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
 {
 #ifdef CONFIG_COMPAT
        extern __u32 s390_dir_class[];
+       extern __u32 s390_write_class[];
+       extern __u32 s390_read_class[];
        extern __u32 s390_chattr_class[];
+       audit_register_class(AUDIT_CLASS_WRITE_32, s390_write_class);
+       audit_register_class(AUDIT_CLASS_READ_32, s390_read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE_32, s390_dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR_32, s390_chattr_class);
 #endif
+       audit_register_class(AUDIT_CLASS_WRITE, write_class);
+       audit_register_class(AUDIT_CLASS_READ, read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
        return 0;
index 1a7d34fecf6705dbfb26949c7f9c58e428684340..d9e5f3540d4847a0c6d03893e15e8d6c693e846e 100644 (file)
@@ -10,3 +10,13 @@ unsigned s390_chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
 };
+
+unsigned s390_write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
+unsigned s390_read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
index ab94f2e58cdd83ad98d7eb4f77666689ed64d779..798501994bd937b8f2bc6e17321c6f2aa2eb384b 100644 (file)
@@ -9,3 +9,13 @@ unsigned ia32_chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
 };
+
+unsigned ia32_write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
+unsigned ia32_read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
index a067aa468a853229a2d0816b522fbc44faa32400..36840acb65133792563e21c2c811bf9426b49820 100644 (file)
@@ -8,6 +8,16 @@ static unsigned dir_class[] = {
 ~0U
 };
 
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+
 static unsigned chattr_class[] = {
 #include <asm-generic/audit_change_attr.h>
 ~0U
@@ -17,10 +27,16 @@ static int __init audit_classes_init(void)
 {
 #ifdef CONFIG_IA32_EMULATION
        extern __u32 ia32_dir_class[];
+       extern __u32 ia32_write_class[];
+       extern __u32 ia32_read_class[];
        extern __u32 ia32_chattr_class[];
+       audit_register_class(AUDIT_CLASS_WRITE_32, ia32_write_class);
+       audit_register_class(AUDIT_CLASS_READ_32, ia32_read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE_32, ia32_dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR_32, ia32_chattr_class);
 #endif
+       audit_register_class(AUDIT_CLASS_WRITE, write_class);
+       audit_register_class(AUDIT_CLASS_READ, read_class);
        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
        return 0;
diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h
new file mode 100644 (file)
index 0000000..0e87464
--- /dev/null
@@ -0,0 +1,8 @@
+__NR_readlink,
+__NR_quotactl,
+__NR_listxattr,
+__NR_llistxattr,
+__NR_flistxattr,
+__NR_getxattr,
+__NR_lgetxattr,
+__NR_fgetxattr,
diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h
new file mode 100644 (file)
index 0000000..f10d367
--- /dev/null
@@ -0,0 +1,11 @@
+#include <asm-generic/audit_dir_write.h>
+__NR_acct,
+__NR_swapon,
+__NR_quotactl,
+__NR_truncate,
+#ifdef __NR_truncate64
+__NR_truncate64,
+#endif
+#ifdef __NR_bind
+__NR_bind,             /* bind can affect fs object only in one way... */
+#endif
index 64f9f9e56ac5c6d0d5b572e1cffd99cb9b8d917e..1077362a2efb9594425c98fa839dd5ca72545652 100644 (file)
 #define AUDIT_CLASS_DIR_WRITE_32 1
 #define AUDIT_CLASS_CHATTR 2
 #define AUDIT_CLASS_CHATTR_32 3
+#define AUDIT_CLASS_READ 4
+#define AUDIT_CLASS_READ_32 5
+#define AUDIT_CLASS_WRITE 6
+#define AUDIT_CLASS_WRITE_32 7
 
 /* This bitmask is used to validate user input.  It represents all bits that
  * are currently used in an audit field constant understood by the kernel.