projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:


755d418019c8850b2a3688d875fc042a9ceaad59
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / tty / tty_audit.c
1 /*
2 * Creating audit events from TTY input.
3 *
4 * Copyright (C) 2007 Red Hat, Inc. All rights reserved. This copyrighted
5 * material is made available to anyone wishing to use, modify, copy, or
6 * redistribute it subject to the terms and conditions of the GNU General
7 * Public License v.2.
8 *
9 * Authors: Miloslav Trmac <mitr@redhat.com>
10 */
11
12 #include <linux/audit.h>
13 #include <linux/slab.h>
14 #include <linux/tty.h>
15
16 struct tty_audit_buf {
17 atomic_t count;
18 struct mutex mutex; /* Protects all data below */
19 int major, minor; /* The TTY which the data is from */
20 unsigned icanon:1;
21 size_t valid;
22 unsigned char *data; /* Allocated size N_TTY_BUF_SIZE */
23 };
24
25 static struct tty_audit_buf *tty_audit_buf_alloc(int major, int minor,
26 unsigned icanon)
27 {
28 struct tty_audit_buf *buf;
29
30 buf = kmalloc(sizeof(*buf), GFP_KERNEL);
31 if (!buf)
32 goto err;
33 buf->data = kmalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
34 if (!buf->data)
35 goto err_buf;
36 atomic_set(&buf->count, 1);
37 mutex_init(&buf->mutex);
38 buf->major = major;
39 buf->minor = minor;
40 buf->icanon = icanon;
41 buf->valid = 0;
42 return buf;
43
44 err_buf:
45 kfree(buf);
46 err:
47 return NULL;
48 }
49
50 static void tty_audit_buf_free(struct tty_audit_buf *buf)
51 {
52 WARN_ON(buf->valid != 0);
53 kfree(buf->data);
54 kfree(buf);
55 }
56
57 static void tty_audit_buf_put(struct tty_audit_buf *buf)
58 {
59 if (atomic_dec_and_test(&buf->count))
60 tty_audit_buf_free(buf);
61 }
62
63 static void tty_audit_log(const char *description, int major, int minor,
64 unsigned char *data, size_t size)
65 {
66 struct audit_buffer *ab;
67 struct task_struct *tsk = current;
68 uid_t uid = from_kuid(&init_user_ns, task_uid(tsk));
69 uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(tsk));
70 u32 sessionid = audit_get_sessionid(tsk);
71
72 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
73 if (ab) {
74 char name[sizeof(tsk->comm)];
75
76 audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u major=%d"
77 " minor=%d comm=", description, tsk->pid, uid,
78 loginuid, sessionid, major, minor);
79 get_task_comm(name, tsk);
80 audit_log_untrustedstring(ab, name);
81 audit_log_format(ab, " data=");
82 audit_log_n_hex(ab, data, size);
83 audit_log_end(ab);
84 }
85 }
86
87 /**
88 * tty_audit_buf_push - Push buffered data out
89 *
90 * Generate an audit message from the contents of @buf, which is owned by
91 * the current task. @buf->mutex must be locked.
92 */
93 static void tty_audit_buf_push(struct tty_audit_buf *buf)
94 {
95 if (buf->valid == 0)
96 return;
97 if (audit_enabled == 0) {
98 buf->valid = 0;
99 return;
100 }
101 tty_audit_log("tty", buf->major, buf->minor, buf->data, buf->valid);
102 buf->valid = 0;
103 }
104
105 /**
106 * tty_audit_exit - Handle a task exit
107 *
108 * Make sure all buffered data is written out and deallocate the buffer.
109 * Only needs to be called if current->signal->tty_audit_buf != %NULL.
110 */
111 void tty_audit_exit(void)
112 {
113 struct tty_audit_buf *buf;
114 unsigned long flags;
115
116 spin_lock_irqsave(&current->sighand->siglock, flags);
117 buf = current->signal->tty_audit_buf;
118 current->signal->tty_audit_buf = NULL;
119 spin_unlock_irqrestore(&current->sighand->siglock, flags);
120 if (!buf)
121 return;
122
123 mutex_lock(&buf->mutex);
124 tty_audit_buf_push(buf);
125 mutex_unlock(&buf->mutex);
126
127 tty_audit_buf_put(buf);
128 }
129
130 /**
131 * tty_audit_fork - Copy TTY audit state for a new task
132 *
133 * Set up TTY audit state in @sig from current. @sig needs no locking.
134 */
135 void tty_audit_fork(struct signal_struct *sig)
136 {
137 unsigned long flags;
138
139 spin_lock_irqsave(&current->sighand->siglock, flags);
140 sig->audit_tty = current->signal->audit_tty;
141 spin_unlock_irqrestore(&current->sighand->siglock, flags);
142 }
143
144 /**
145 * tty_audit_tiocsti - Log TIOCSTI
146 */
147 void tty_audit_tiocsti(struct tty_struct *tty, char ch)
148 {
149 struct tty_audit_buf *buf;
150 int major, minor, should_audit;
151 unsigned long flags;
152
153 spin_lock_irqsave(&current->sighand->siglock, flags);
154 should_audit = current->signal->audit_tty;
155 buf = current->signal->tty_audit_buf;
156 if (buf)
157 atomic_inc(&buf->count);
158 spin_unlock_irqrestore(&current->sighand->siglock, flags);
159
160 major = tty->driver->major;
161 minor = tty->driver->minor_start + tty->index;
162 if (buf) {
163 mutex_lock(&buf->mutex);
164 if (buf->major == major && buf->minor == minor)
165 tty_audit_buf_push(buf);
166 mutex_unlock(&buf->mutex);
167 tty_audit_buf_put(buf);
168 }
169
170 if (should_audit && audit_enabled) {
171 kuid_t auid;
172 unsigned int sessionid;
173
174 auid = audit_get_loginuid(current);
175 sessionid = audit_get_sessionid(current);
176 tty_audit_log("ioctl=TIOCSTI", major, minor, &ch, 1);
177 }
178 }
179
180 /**
181 * tty_audit_push_current - Flush current's pending audit data
182 *
183 * Try to lock sighand and get a reference to the tty audit buffer if available.
184 * Flush the buffer or return an appropriate error code.
185 */
186 int tty_audit_push_current(void)
187 {
188 struct tty_audit_buf *buf = ERR_PTR(-EPERM);
189 struct task_struct *tsk = current;
190 unsigned long flags;
191
192 if (!lock_task_sighand(tsk, &flags))
193 return -ESRCH;
194
195 if (tsk->signal->audit_tty) {
196 buf = tsk->signal->tty_audit_buf;
197 if (buf)
198 atomic_inc(&buf->count);
199 }
200 unlock_task_sighand(tsk, &flags);
201
202 /*
203 * Return 0 when signal->audit_tty set
204 * but tsk->signal->tty_audit_buf == NULL.
205 */
206 if (!buf || IS_ERR(buf))
207 return PTR_ERR(buf);
208
209 mutex_lock(&buf->mutex);
210 tty_audit_buf_push(buf);
211 mutex_unlock(&buf->mutex);
212
213 tty_audit_buf_put(buf);
214 return 0;
215 }
216
217 /**
218 * tty_audit_buf_get - Get an audit buffer.
219 *
220 * Get an audit buffer for @tty, allocate it if necessary. Return %NULL
221 * if TTY auditing is disabled or out of memory. Otherwise, return a new
222 * reference to the buffer.
223 */
224 static struct tty_audit_buf *tty_audit_buf_get(struct tty_struct *tty,
225 unsigned icanon)
226 {
227 struct tty_audit_buf *buf, *buf2;
228 unsigned long flags;
229
230 buf = NULL;
231 buf2 = NULL;
232 spin_lock_irqsave(&current->sighand->siglock, flags);
233 if (likely(!current->signal->audit_tty))
234 goto out;
235 buf = current->signal->tty_audit_buf;
236 if (buf) {
237 atomic_inc(&buf->count);
238 goto out;
239 }
240 spin_unlock_irqrestore(&current->sighand->siglock, flags);
241
242 buf2 = tty_audit_buf_alloc(tty->driver->major,
243 tty->driver->minor_start + tty->index,
244 icanon);
245 if (buf2 == NULL) {
246 audit_log_lost("out of memory in TTY auditing");
247 return NULL;
248 }
249
250 spin_lock_irqsave(&current->sighand->siglock, flags);
251 if (!current->signal->audit_tty)
252 goto out;
253 buf = current->signal->tty_audit_buf;
254 if (!buf) {
255 current->signal->tty_audit_buf = buf2;
256 buf = buf2;
257 buf2 = NULL;
258 }
259 atomic_inc(&buf->count);
260 /* Fall through */
261 out:
262 spin_unlock_irqrestore(&current->sighand->siglock, flags);
263 if (buf2)
264 tty_audit_buf_free(buf2);
265 return buf;
266 }
267
268 /**
269 * tty_audit_add_data - Add data for TTY auditing.
270 *
271 * Audit @data of @size from @tty, if necessary.
272 */
273 void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
274 size_t size, unsigned icanon)
275 {
276 struct tty_audit_buf *buf;
277 int major, minor;
278
279 if (unlikely(size == 0))
280 return;
281
282 if (tty->driver->type == TTY_DRIVER_TYPE_PTY
283 && tty->driver->subtype == PTY_TYPE_MASTER)
284 return;
285
286 buf = tty_audit_buf_get(tty, icanon);
287 if (!buf)
288 return;
289
290 mutex_lock(&buf->mutex);
291 major = tty->driver->major;
292 minor = tty->driver->minor_start + tty->index;
293 if (buf->major != major || buf->minor != minor
294 || buf->icanon != icanon) {
295 tty_audit_buf_push(buf);
296 buf->major = major;
297 buf->minor = minor;
298 buf->icanon = icanon;
299 }
300 do {
301 size_t run;
302
303 run = N_TTY_BUF_SIZE - buf->valid;
304 if (run > size)
305 run = size;
306 memcpy(buf->data + buf->valid, data, run);
307 buf->valid += run;
308 data += run;
309 size -= run;
310 if (buf->valid == N_TTY_BUF_SIZE)
311 tty_audit_buf_push(buf);
312 } while (size != 0);
313 mutex_unlock(&buf->mutex);
314 tty_audit_buf_put(buf);
315 }
316
317 /**
318 * tty_audit_push - Push buffered data out
319 *
320 * Make sure no audit data is pending for @tty on the current process.
321 */
322 void tty_audit_push(struct tty_struct *tty)
323 {
324 struct tty_audit_buf *buf;
325 unsigned long flags;
326
327 spin_lock_irqsave(&current->sighand->siglock, flags);
328 if (likely(!current->signal->audit_tty)) {
329 spin_unlock_irqrestore(&current->sighand->siglock, flags);
330 return;
331 }
332 buf = current->signal->tty_audit_buf;
333 if (buf)
334 atomic_inc(&buf->count);
335 spin_unlock_irqrestore(&current->sighand->siglock, flags);
336
337 if (buf) {
338 int major, minor;
339
340 major = tty->driver->major;
341 minor = tty->driver->minor_start + tty->index;
342 mutex_lock(&buf->mutex);
343 if (buf->major == major && buf->minor == minor)
344 tty_audit_buf_push(buf);
345 mutex_unlock(&buf->mutex);
346 tty_audit_buf_put(buf);
347 }
348 }
kernel source for telekom puls (alcatel/mediatek)