2 * security/tomoyo/audit.c
4 * Pathname restriction functions.
6 * Copyright (C) 2005-2010 NTT DATA CORPORATION
10 #include <linux/slab.h>
13 * tomoyo_filetype - Get string representation of file type.
15 * @mode: Mode value for stat().
17 * Returns file type string.
19 static inline const char *tomoyo_filetype(const mode_t mode)
21 switch (mode & S_IFMT) {
24 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_FILE];
26 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_DIRECTORY];
28 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_SYMLINK];
30 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_FIFO];
32 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_SOCKET];
34 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_BLOCK_DEV];
36 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_CHAR_DEV];
38 return "unknown"; /* This should not happen. */
42 * tomoyo_print_header - Get header line of audit log.
44 * @r: Pointer to "struct tomoyo_request_info".
46 * Returns string representation.
48 * This function uses kmalloc(), so caller must kfree() if this function
51 static char *tomoyo_print_header(struct tomoyo_request_info *r)
53 struct tomoyo_time stamp;
54 const pid_t gpid = task_pid_nr(current);
55 struct tomoyo_obj_info *obj = r->obj;
56 static const int tomoyo_buffer_len = 4096;
57 char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS);
65 tomoyo_convert_time(tv.tv_sec, &stamp);
67 pos = snprintf(buffer, tomoyo_buffer_len - 1,
68 "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s "
69 "granted=%s (global-pid=%u) task={ pid=%u ppid=%u "
70 "uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u "
71 "fsuid=%u fsgid=%u }", stamp.year, stamp.month,
72 stamp.day, stamp.hour, stamp.min, stamp.sec, r->profile,
73 tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid,
74 tomoyo_sys_getpid(), tomoyo_sys_getppid(),
75 current_uid(), current_gid(), current_euid(),
76 current_egid(), current_suid(), current_sgid(),
77 current_fsuid(), current_fsgid());
80 if (!obj->validate_done) {
81 tomoyo_get_attributes(obj);
82 obj->validate_done = true;
84 for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) {
85 struct tomoyo_mini_stat *stat;
88 if (!obj->stat_valid[i])
94 pos += snprintf(buffer + pos,
95 tomoyo_buffer_len - 1 - pos,
96 " path%u.parent={ uid=%u gid=%u "
97 "ino=%lu perm=0%o }", (i >> 1) + 1,
98 stat->uid, stat->gid, (unsigned long)
99 stat->ino, stat->mode & S_IALLUGO);
102 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
103 " path%u={ uid=%u gid=%u ino=%lu major=%u"
104 " minor=%u perm=0%o type=%s", (i >> 1) + 1,
105 stat->uid, stat->gid, (unsigned long)
106 stat->ino, MAJOR(dev), MINOR(dev),
107 mode & S_IALLUGO, tomoyo_filetype(mode));
108 if (S_ISCHR(mode) || S_ISBLK(mode)) {
110 pos += snprintf(buffer + pos,
111 tomoyo_buffer_len - 1 - pos,
112 " dev_major=%u dev_minor=%u",
113 MAJOR(dev), MINOR(dev));
115 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
119 if (pos < tomoyo_buffer_len - 1)
126 * tomoyo_init_log - Allocate buffer for audit logs.
128 * @r: Pointer to "struct tomoyo_request_info".
129 * @len: Buffer size needed for @fmt and @args.
130 * @fmt: The printf()'s format string.
131 * @args: va_list structure for @fmt.
133 * Returns pointer to allocated memory.
135 * This function uses kzalloc(), so caller must kfree() if this function
136 * didn't return NULL.
138 char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
142 const char *header = NULL;
144 const char *domainname = r->domain->domainname->name;
145 header = tomoyo_print_header(r);
148 /* +10 is for '\n' etc. and '\0'. */
149 len += strlen(domainname) + strlen(header) + 10;
150 len = tomoyo_round2(len);
151 buf = kzalloc(len, GFP_NOFS);
155 pos = snprintf(buf, len, "%s", header);
156 pos += snprintf(buf + pos, len - pos, "\n%s\n", domainname);
157 vsnprintf(buf + pos, len - pos, fmt, args);
163 /* Wait queue for /sys/kernel/security/tomoyo/audit. */
164 static DECLARE_WAIT_QUEUE_HEAD(tomoyo_log_wait);
166 /* Structure for audit log. */
168 struct list_head list;
173 /* The list for "struct tomoyo_log". */
174 static LIST_HEAD(tomoyo_log);
176 /* Lock for "struct list_head tomoyo_log". */
177 static DEFINE_SPINLOCK(tomoyo_log_lock);
179 /* Length of "stuct list_head tomoyo_log". */
180 static unsigned int tomoyo_log_count;
183 * tomoyo_get_audit - Get audit mode.
185 * @ns: Pointer to "struct tomoyo_policy_namespace".
186 * @profile: Profile number.
187 * @index: Index number of functionality.
188 * @is_granted: True if granted log, false otherwise.
190 * Returns true if this request should be audited, false otherwise.
192 static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns,
193 const u8 profile, const u8 index,
194 const bool is_granted)
197 const u8 category = tomoyo_index2category[index] +
198 TOMOYO_MAX_MAC_INDEX;
199 struct tomoyo_profile *p;
200 if (!tomoyo_policy_loaded)
202 p = tomoyo_profile(ns, profile);
203 if (tomoyo_log_count >= p->pref[TOMOYO_PREF_MAX_AUDIT_LOG])
205 mode = p->config[index];
206 if (mode == TOMOYO_CONFIG_USE_DEFAULT)
207 mode = p->config[category];
208 if (mode == TOMOYO_CONFIG_USE_DEFAULT)
209 mode = p->default_config;
211 return mode & TOMOYO_CONFIG_WANT_GRANT_LOG;
212 return mode & TOMOYO_CONFIG_WANT_REJECT_LOG;
216 * tomoyo_write_log2 - Write an audit log.
218 * @r: Pointer to "struct tomoyo_request_info".
219 * @len: Buffer size needed for @fmt and @args.
220 * @fmt: The printf()'s format string.
221 * @args: va_list structure for @fmt.
225 void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt,
229 struct tomoyo_log *entry;
230 bool quota_exceeded = false;
231 if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type, r->granted))
233 buf = tomoyo_init_log(r, len, fmt, args);
236 entry = kzalloc(sizeof(*entry), GFP_NOFS);
242 len = tomoyo_round2(strlen(buf) + 1);
244 * The entry->size is used for memory quota checks.
245 * Don't go beyond strlen(entry->log).
247 entry->size = len + tomoyo_round2(sizeof(*entry));
248 spin_lock(&tomoyo_log_lock);
249 if (tomoyo_memory_quota[TOMOYO_MEMORY_AUDIT] &&
250 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] + entry->size >=
251 tomoyo_memory_quota[TOMOYO_MEMORY_AUDIT]) {
252 quota_exceeded = true;
254 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] += entry->size;
255 list_add_tail(&entry->list, &tomoyo_log);
258 spin_unlock(&tomoyo_log_lock);
259 if (quota_exceeded) {
264 wake_up(&tomoyo_log_wait);
270 * tomoyo_write_log - Write an audit log.
272 * @r: Pointer to "struct tomoyo_request_info".
273 * @fmt: The printf()'s format string, followed by parameters.
277 void tomoyo_write_log(struct tomoyo_request_info *r, const char *fmt, ...)
282 len = vsnprintf((char *) &len, 1, fmt, args) + 1;
285 tomoyo_write_log2(r, len, fmt, args);
290 * tomoyo_read_log - Read an audit log.
292 * @head: Pointer to "struct tomoyo_io_buffer".
296 void tomoyo_read_log(struct tomoyo_io_buffer *head)
298 struct tomoyo_log *ptr = NULL;
301 kfree(head->read_buf);
302 head->read_buf = NULL;
303 spin_lock(&tomoyo_log_lock);
304 if (!list_empty(&tomoyo_log)) {
305 ptr = list_entry(tomoyo_log.next, typeof(*ptr), list);
306 list_del(&ptr->list);
308 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] -= ptr->size;
310 spin_unlock(&tomoyo_log_lock);
312 head->read_buf = ptr->log;
313 head->r.w[head->r.w_pos++] = head->read_buf;
319 * tomoyo_poll_log - Wait for an audit log.
321 * @file: Pointer to "struct file".
322 * @wait: Pointer to "poll_table".
324 * Returns POLLIN | POLLRDNORM when ready to read an audit log.
326 int tomoyo_poll_log(struct file *file, poll_table *wait)
328 if (tomoyo_log_count)
329 return POLLIN | POLLRDNORM;
330 poll_wait(file, &tomoyo_log_wait, wait);
331 if (tomoyo_log_count)
332 return POLLIN | POLLRDNORM;