1 // SPDX-License-Identifier: GPL-2.0
5 * Copyright (C) 2005-2011 NTT DATA CORPORATION
12 * tomoyo_print_bprm - Print "struct linux_binprm" for auditing.
30 unsigned long pos = bprm->p; in tomoyo_print_bprm()
32 int argv_count = bprm->argc; in tomoyo_print_bprm()
33 int envp_count = bprm->envc; in tomoyo_print_bprm()
38 len = snprintf(buffer, tomoyo_buffer_len - 1, "argv[]={ "); in tomoyo_print_bprm()
48 pos += PAGE_SIZE - offset; in tomoyo_print_bprm()
51 const char *kaddr = dump->data; in tomoyo_print_bprm()
56 if (cp >= buffer + tomoyo_buffer_len - 32) { in tomoyo_print_bprm()
77 if (--argv_count == 0) { in tomoyo_print_bprm()
89 if (--envp_count == 0) { in tomoyo_print_bprm()
106 snprintf(buffer, tomoyo_buffer_len - 1, in tomoyo_print_bprm()
112 * tomoyo_filetype - Get string representation of file type.
141 * tomoyo_print_header - Get header line of audit log.
154 struct tomoyo_obj_info *obj = r->obj; in tomoyo_print_header()
165 pos = snprintf(buffer, tomoyo_buffer_len - 1, in tomoyo_print_header()
166 …"#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s granted=%s (global-pid=%u) task={ pid=%u ppid=… in tomoyo_print_header()
168 stamp.min, stamp.sec, r->profile, tomoyo_mode[r->mode], in tomoyo_print_header()
169 str_yes_no(r->granted), gpid, tomoyo_sys_getpid(), in tomoyo_print_header()
181 if (!obj->validate_done) { in tomoyo_print_header()
183 obj->validate_done = true; in tomoyo_print_header()
190 if (!obj->stat_valid[i]) in tomoyo_print_header()
192 stat = &obj->stat[i]; in tomoyo_print_header()
193 dev = stat->dev; in tomoyo_print_header()
194 mode = stat->mode; in tomoyo_print_header()
197 tomoyo_buffer_len - 1 - pos, in tomoyo_print_header()
200 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
201 from_kgid(&init_user_ns, stat->gid), in tomoyo_print_header()
202 (unsigned long)stat->ino, in tomoyo_print_header()
203 stat->mode & S_IALLUGO); in tomoyo_print_header()
206 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos, in tomoyo_print_header()
209 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
210 from_kgid(&init_user_ns, stat->gid), in tomoyo_print_header()
211 (unsigned long)stat->ino, in tomoyo_print_header()
215 dev = stat->rdev; in tomoyo_print_header()
217 tomoyo_buffer_len - 1 - pos, in tomoyo_print_header()
221 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos, in tomoyo_print_header()
225 if (pos < tomoyo_buffer_len - 1) in tomoyo_print_header()
232 * tomoyo_init_log - Allocate buffer for audit logs.
253 const char *domainname = r->domain->domainname->name; in tomoyo_init_log()
260 if (r->ee) { in tomoyo_init_log()
261 struct file *file = r->ee->bprm->file; in tomoyo_init_log()
263 realpath = tomoyo_realpath_from_path(&file->f_path); in tomoyo_init_log()
264 bprm_info = tomoyo_print_bprm(r->ee->bprm, &r->ee->dump); in tomoyo_init_log()
269 } else if (r->obj && r->obj->symlink_target) { in tomoyo_init_log()
270 symlink = r->obj->symlink_target->name; in tomoyo_init_log()
278 len--; in tomoyo_init_log()
281 struct linux_binprm *bprm = r->ee->bprm; in tomoyo_init_log()
283 pos += snprintf(buf + pos, len - pos, in tomoyo_init_log()
285 realpath, bprm->argc, bprm->envc, bprm_info); in tomoyo_init_log()
287 pos += snprintf(buf + pos, len - pos, " symlink.target=\"%s\"", in tomoyo_init_log()
289 pos += snprintf(buf + pos, len - pos, "\n%s\n", domainname); in tomoyo_init_log()
290 vsnprintf(buf + pos, len - pos, fmt, args); in tomoyo_init_log()
318 * tomoyo_get_audit - Get audit mode.
341 if (tomoyo_log_count >= p->pref[TOMOYO_PREF_MAX_AUDIT_LOG]) in tomoyo_get_audit()
343 if (is_granted && matched_acl && matched_acl->cond && in tomoyo_get_audit()
344 matched_acl->cond->grant_log != TOMOYO_GRANTLOG_AUTO) in tomoyo_get_audit()
345 return matched_acl->cond->grant_log == TOMOYO_GRANTLOG_YES; in tomoyo_get_audit()
346 mode = p->config[index]; in tomoyo_get_audit()
348 mode = p->config[category]; in tomoyo_get_audit()
350 mode = p->default_config; in tomoyo_get_audit()
357 * tomoyo_write_log2 - Write an audit log.
373 if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type, in tomoyo_write_log2()
374 r->matched_acl, r->granted)) in tomoyo_write_log2()
384 entry->log = buf; in tomoyo_write_log2()
387 * The entry->size is used for memory quota checks. in tomoyo_write_log2()
388 * Don't go beyond strlen(entry->log). in tomoyo_write_log2()
390 entry->size = len + kmalloc_size_roundup(sizeof(*entry)); in tomoyo_write_log2()
393 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] + entry->size >= in tomoyo_write_log2()
397 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] += entry->size; in tomoyo_write_log2()
398 list_add_tail(&entry->list, &tomoyo_log); in tomoyo_write_log2()
413 * tomoyo_write_log - Write an audit log.
434 * tomoyo_read_log - Read an audit log.
444 if (head->r.w_pos) in tomoyo_read_log()
446 kfree(head->read_buf); in tomoyo_read_log()
447 head->read_buf = NULL; in tomoyo_read_log()
451 list_del(&ptr->list); in tomoyo_read_log()
452 tomoyo_log_count--; in tomoyo_read_log()
453 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] -= ptr->size; in tomoyo_read_log()
457 head->read_buf = ptr->log; in tomoyo_read_log()
458 head->r.w[head->r.w_pos++] = head->read_buf; in tomoyo_read_log()
464 * tomoyo_poll_log - Wait for an audit log.