Unverified Commit 9b08a166 authored by Mickaël Salaün's avatar Mickaël Salaün

lsm: Add audit_log_lsm_data() helper



Extract code from dump_common_audit_data() into the audit_log_lsm_data()
helper. This helps reuse common LSM audit data while not abusing
AUDIT_AVC records because of the common_lsm_audit() helper.

Depends-on: 7ccbe076 ("lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set")
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: James Morris <jmorris@namei.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Acked-by: default avatarPaul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-2-mic@digikod.net


Reviewed-by: default avatarGünther Noack <gnoack3000@gmail.com>
Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
parent c5efa393
+8 −0
@@ -132,6 +132,9 @@ void common_lsm_audit(struct common_audit_data *a,
	void (*pre_audit)(struct audit_buffer *, void *),
	void (*post_audit)(struct audit_buffer *, void *));

void audit_log_lsm_data(struct audit_buffer *ab,
			const struct common_audit_data *a);

#else /* CONFIG_AUDIT */

static inline void common_lsm_audit(struct common_audit_data *a,
@@ -140,6 +143,11 @@ static inline void common_lsm_audit(struct common_audit_data *a,
{
}

static inline void audit_log_lsm_data(struct audit_buffer *ab,
			const struct common_audit_data *a)
{
}

#endif /* CONFIG_AUDIT */

#endif
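Review bot: The new `audit_log_lsm_data()` prototype sits in the branch whose closing comment reads `CONFIG_AUDIT`, while the commit message's Depends-on line says lsm_audit.c is only built when both CONFIG_SECURITY and CONFIG_AUDIT are set. If the opening `#if` (outside this hunk) tests CONFIG_AUDIT alone, a caller built with CONFIG_AUDIT=y and CONFIG_SECURITY=n would see the declaration but find no definition at link time. That is probably harmless for LSM-only callers, but a comment above the prototype would record the constraint for later users: `/* Defined in lsm_audit.c, which is built only with CONFIG_SECURITY && CONFIG_AUDIT. */`.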
+18 −9
@@ -189,16 +189,13 @@ static inline void print_ipv4_addr(struct audit_buffer *ab, __be32 addr,
}

/**
 * dump_common_audit_data - helper to dump common audit data
 * audit_log_lsm_data - helper to log common LSM audit data
 * @ab : the audit buffer
 * @a : common audit data
 *
 */
static void dump_common_audit_data(struct audit_buffer *ab,
				   struct common_audit_data *a)
void audit_log_lsm_data(struct audit_buffer *ab,
			const struct common_audit_data *a)
{
	char comm[sizeof(current->comm)];

	/*
	 * To keep stack sizes in check force programmers to notice if they
	 * start making this union too large!  See struct lsm_network_audit
@@ -206,9 +203,6 @@ static void dump_common_audit_data(struct audit_buffer *ab,
	 */
	BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2);

	audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current));
	audit_log_untrustedstring(ab, get_task_comm(comm, current));

	switch (a->type) {
	case LSM_AUDIT_DATA_NONE:
		return;
@@ -431,6 +425,21 @@ static void dump_common_audit_data(struct audit_buffer *ab,
	} /* switch (a->type) */
}

/**
 * dump_common_audit_data - helper to dump common audit data
 * @ab : the audit buffer
 * @a : common audit data
 */
static void dump_common_audit_data(struct audit_buffer *ab,
				   const struct common_audit_data *a)
{
	char comm[sizeof(current->comm)];

	audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current));
	audit_log_untrustedstring(ab, get_task_comm(comm, current));
	audit_log_lsm_data(ab, a);
}

/**
 * common_lsm_audit - generic LSM auditing function
 * @a:  auxiliary audit data
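Review bot: The kernel-doc for `audit_log_lsm_data()` does not say that the helper no longer writes the ` pid=` and `comm=` fields, which after this change come only from `dump_common_audit_data()`. A new caller that uses the helper directly gets a record with no subject identification unless it logs that itself, and it should pass comm through `audit_log_untrustedstring()` as the wrapper does, since the task name is not trusted input. I would extend the comment with: `Logs only the fields selected by @a->type (nothing for LSM_AUDIT_DATA_NONE); the caller is responsible for pid/comm and must escape comm with audit_log_untrustedstring().` The switch body of the function lies outside the visible hunks, so the wording about per-type output should be checked against it.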