1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
2 | /* audit.h -- Auditing support |
3 | * |
4 | * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina. |
5 | * All Rights Reserved. |
6 | * |
7 | * Written by Rickard E. (Rik) Faith <faith@redhat.com> |
8 | */ |
9 | #ifndef _LINUX_AUDIT_H_ |
10 | #define _LINUX_AUDIT_H_ |
11 | |
12 | #include <linux/sched.h> |
13 | #include <linux/ptrace.h> |
14 | #include <linux/audit_arch.h> |
15 | #include <uapi/linux/audit.h> |
16 | #include <uapi/linux/netfilter/nf_tables.h> |
17 | |
18 | #define AUDIT_INO_UNSET ((unsigned long)-1) |
19 | #define AUDIT_DEV_UNSET ((dev_t)-1) |
20 | |
21 | struct audit_sig_info { |
22 | uid_t uid; |
23 | pid_t pid; |
24 | char ctx[]; |
25 | }; |
26 | |
27 | struct audit_buffer; |
28 | struct audit_context; |
29 | struct inode; |
30 | struct netlink_skb_parms; |
31 | struct path; |
32 | struct linux_binprm; |
33 | struct mq_attr; |
34 | struct mqstat; |
35 | struct audit_watch; |
36 | struct audit_tree; |
37 | struct sk_buff; |
38 | |
39 | struct audit_krule { |
40 | u32 pflags; |
41 | u32 flags; |
42 | u32 listnr; |
43 | u32 action; |
44 | u32 mask[AUDIT_BITMASK_SIZE]; |
45 | u32 buflen; /* for data alloc on list rules */ |
46 | u32 field_count; |
47 | char *filterkey; /* ties events to rules */ |
48 | struct audit_field *fields; |
49 | struct audit_field *arch_f; /* quick access to arch field */ |
50 | struct audit_field *inode_f; /* quick access to an inode field */ |
51 | struct audit_watch *watch; /* associated watch */ |
52 | struct audit_tree *tree; /* associated watched tree */ |
53 | struct audit_fsnotify_mark *exe; |
54 | struct list_head rlist; /* entry in audit_{watch,tree}.rules list */ |
55 | struct list_head list; /* for AUDIT_LIST* purposes only */ |
56 | u64 prio; |
57 | }; |
58 | |
59 | /* Flag to indicate legacy AUDIT_LOGINUID unset usage */ |
60 | #define AUDIT_LOGINUID_LEGACY 0x1 |
61 | |
62 | struct audit_field { |
63 | u32 type; |
64 | union { |
65 | u32 val; |
66 | kuid_t uid; |
67 | kgid_t gid; |
68 | struct { |
69 | char *lsm_str; |
70 | void *lsm_rule; |
71 | }; |
72 | }; |
73 | u32 op; |
74 | }; |
75 | |
76 | enum audit_ntp_type { |
77 | AUDIT_NTP_OFFSET, |
78 | AUDIT_NTP_FREQ, |
79 | AUDIT_NTP_STATUS, |
80 | AUDIT_NTP_TAI, |
81 | AUDIT_NTP_TICK, |
82 | AUDIT_NTP_ADJUST, |
83 | |
84 | AUDIT_NTP_NVALS /* count */ |
85 | }; |
86 | |
87 | #ifdef CONFIG_AUDITSYSCALL |
88 | struct audit_ntp_val { |
89 | long long oldval, newval; |
90 | }; |
91 | |
92 | struct audit_ntp_data { |
93 | struct audit_ntp_val vals[AUDIT_NTP_NVALS]; |
94 | }; |
95 | #else |
96 | struct audit_ntp_data {}; |
97 | #endif |
98 | |
99 | enum audit_nfcfgop { |
100 | AUDIT_XT_OP_REGISTER, |
101 | AUDIT_XT_OP_REPLACE, |
102 | AUDIT_XT_OP_UNREGISTER, |
103 | AUDIT_NFT_OP_TABLE_REGISTER, |
104 | AUDIT_NFT_OP_TABLE_UNREGISTER, |
105 | AUDIT_NFT_OP_CHAIN_REGISTER, |
106 | AUDIT_NFT_OP_CHAIN_UNREGISTER, |
107 | AUDIT_NFT_OP_RULE_REGISTER, |
108 | AUDIT_NFT_OP_RULE_UNREGISTER, |
109 | AUDIT_NFT_OP_SET_REGISTER, |
110 | AUDIT_NFT_OP_SET_UNREGISTER, |
111 | AUDIT_NFT_OP_SETELEM_REGISTER, |
112 | AUDIT_NFT_OP_SETELEM_UNREGISTER, |
113 | AUDIT_NFT_OP_GEN_REGISTER, |
114 | AUDIT_NFT_OP_OBJ_REGISTER, |
115 | AUDIT_NFT_OP_OBJ_UNREGISTER, |
116 | AUDIT_NFT_OP_OBJ_RESET, |
117 | AUDIT_NFT_OP_FLOWTABLE_REGISTER, |
118 | AUDIT_NFT_OP_FLOWTABLE_UNREGISTER, |
119 | AUDIT_NFT_OP_INVALID, |
120 | }; |
121 | |
122 | extern int __init audit_register_class(int class, unsigned *list); |
123 | extern int audit_classify_syscall(int abi, unsigned syscall); |
124 | extern int audit_classify_arch(int arch); |
125 | /* only for compat system calls */ |
126 | extern unsigned compat_write_class[]; |
127 | extern unsigned compat_read_class[]; |
128 | extern unsigned compat_dir_class[]; |
129 | extern unsigned compat_chattr_class[]; |
130 | extern unsigned compat_signal_class[]; |
131 | |
132 | extern int audit_classify_compat_syscall(int abi, unsigned syscall); |
133 | |
134 | /* audit_names->type values */ |
135 | #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */ |
136 | #define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */ |
137 | #define AUDIT_TYPE_PARENT 2 /* a parent audit record */ |
138 | #define AUDIT_TYPE_CHILD_DELETE 3 /* a child being deleted */ |
139 | #define AUDIT_TYPE_CHILD_CREATE 4 /* a child being created */ |
140 | |
141 | /* maximized args number that audit_socketcall can process */ |
142 | #define AUDITSC_ARGS 6 |
143 | |
144 | /* bit values for ->signal->audit_tty */ |
145 | #define AUDIT_TTY_ENABLE BIT(0) |
146 | #define AUDIT_TTY_LOG_PASSWD BIT(1) |
147 | |
148 | struct filename; |
149 | |
150 | #define AUDIT_OFF 0 |
151 | #define AUDIT_ON 1 |
152 | #define AUDIT_LOCKED 2 |
153 | #ifdef CONFIG_AUDIT |
154 | /* These are defined in audit.c */ |
155 | /* Public API */ |
156 | extern __printf(4, 5) |
157 | void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type, |
158 | const char *fmt, ...); |
159 | |
160 | extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type); |
161 | extern __printf(2, 3) |
162 | void audit_log_format(struct audit_buffer *ab, const char *fmt, ...); |
163 | extern void audit_log_end(struct audit_buffer *ab); |
164 | extern bool audit_string_contains_control(const char *string, |
165 | size_t len); |
166 | extern void audit_log_n_hex(struct audit_buffer *ab, |
167 | const unsigned char *buf, |
168 | size_t len); |
169 | extern void audit_log_n_string(struct audit_buffer *ab, |
170 | const char *buf, |
171 | size_t n); |
172 | extern void audit_log_n_untrustedstring(struct audit_buffer *ab, |
173 | const char *string, |
174 | size_t n); |
175 | extern void audit_log_untrustedstring(struct audit_buffer *ab, |
176 | const char *string); |
177 | extern void audit_log_d_path(struct audit_buffer *ab, |
178 | const char *prefix, |
179 | const struct path *path); |
180 | extern void audit_log_key(struct audit_buffer *ab, |
181 | char *key); |
182 | extern void audit_log_path_denied(int type, |
183 | const char *operation); |
184 | extern void audit_log_lost(const char *message); |
185 | |
186 | extern int audit_log_task_context(struct audit_buffer *ab); |
187 | extern void audit_log_task_info(struct audit_buffer *ab); |
188 | |
189 | extern int audit_update_lsm_rules(void); |
190 | |
191 | /* Private API (for audit.c only) */ |
192 | extern int audit_rule_change(int type, int seq, void *data, size_t datasz); |
193 | extern int audit_list_rules_send(struct sk_buff *request_skb, int seq); |
194 | |
195 | extern int audit_set_loginuid(kuid_t loginuid); |
196 | |
197 | static inline kuid_t audit_get_loginuid(struct task_struct *tsk) |
198 | { |
199 | return tsk->loginuid; |
200 | } |
201 | |
202 | static inline unsigned int audit_get_sessionid(struct task_struct *tsk) |
203 | { |
204 | return tsk->sessionid; |
205 | } |
206 | |
207 | extern u32 audit_enabled; |
208 | |
209 | extern int audit_signal_info(int sig, struct task_struct *t); |
210 | |
211 | #else /* CONFIG_AUDIT */ |
212 | static inline __printf(4, 5) |
213 | void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type, |
214 | const char *fmt, ...) |
215 | { } |
216 | static inline struct audit_buffer *audit_log_start(struct audit_context *ctx, |
217 | gfp_t gfp_mask, int type) |
218 | { |
219 | return NULL; |
220 | } |
221 | static inline __printf(2, 3) |
222 | void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) |
223 | { } |
224 | static inline void audit_log_end(struct audit_buffer *ab) |
225 | { } |
226 | static inline void audit_log_n_hex(struct audit_buffer *ab, |
227 | const unsigned char *buf, size_t len) |
228 | { } |
229 | static inline void audit_log_n_string(struct audit_buffer *ab, |
230 | const char *buf, size_t n) |
231 | { } |
232 | static inline void audit_log_n_untrustedstring(struct audit_buffer *ab, |
233 | const char *string, size_t n) |
234 | { } |
235 | static inline void audit_log_untrustedstring(struct audit_buffer *ab, |
236 | const char *string) |
237 | { } |
238 | static inline void audit_log_d_path(struct audit_buffer *ab, |
239 | const char *prefix, |
240 | const struct path *path) |
241 | { } |
242 | static inline void audit_log_key(struct audit_buffer *ab, char *key) |
243 | { } |
244 | static inline void audit_log_path_denied(int type, const char *operation) |
245 | { } |
246 | static inline int audit_log_task_context(struct audit_buffer *ab) |
247 | { |
248 | return 0; |
249 | } |
250 | static inline void audit_log_task_info(struct audit_buffer *ab) |
251 | { } |
252 | |
253 | static inline kuid_t audit_get_loginuid(struct task_struct *tsk) |
254 | { |
255 | return INVALID_UID; |
256 | } |
257 | |
258 | static inline unsigned int audit_get_sessionid(struct task_struct *tsk) |
259 | { |
260 | return AUDIT_SID_UNSET; |
261 | } |
262 | |
263 | #define audit_enabled AUDIT_OFF |
264 | |
265 | static inline int audit_signal_info(int sig, struct task_struct *t) |
266 | { |
267 | return 0; |
268 | } |
269 | |
270 | #endif /* CONFIG_AUDIT */ |
271 | |
272 | #ifdef CONFIG_AUDIT_COMPAT_GENERIC |
273 | #define audit_is_compat(arch) (!((arch) & __AUDIT_ARCH_64BIT)) |
274 | #else |
275 | #define audit_is_compat(arch) false |
276 | #endif |
277 | |
278 | #define AUDIT_INODE_PARENT 1 /* dentry represents the parent */ |
279 | #define AUDIT_INODE_HIDDEN 2 /* audit record should be hidden */ |
280 | #define AUDIT_INODE_NOEVAL 4 /* audit record incomplete */ |
281 | |
282 | #ifdef CONFIG_AUDITSYSCALL |
283 | #include <asm/syscall.h> /* for syscall_get_arch() */ |
284 | |
285 | /* These are defined in auditsc.c */ |
286 | /* Public API */ |
287 | extern int audit_alloc(struct task_struct *task); |
288 | extern void __audit_free(struct task_struct *task); |
289 | extern void __audit_uring_entry(u8 op); |
290 | extern void __audit_uring_exit(int success, long code); |
291 | extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1, |
292 | unsigned long a2, unsigned long a3); |
293 | extern void __audit_syscall_exit(int ret_success, long ret_value); |
294 | extern struct filename *__audit_reusename(const __user char *uptr); |
295 | extern void __audit_getname(struct filename *name); |
296 | extern void __audit_inode(struct filename *name, const struct dentry *dentry, |
297 | unsigned int flags); |
298 | extern void __audit_file(const struct file *); |
299 | extern void __audit_inode_child(struct inode *parent, |
300 | const struct dentry *dentry, |
301 | const unsigned char type); |
302 | extern void audit_seccomp(unsigned long syscall, long signr, int code); |
303 | extern void audit_seccomp_actions_logged(const char *names, |
304 | const char *old_names, int res); |
305 | extern void __audit_ptrace(struct task_struct *t); |
306 | |
307 | static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx) |
308 | { |
309 | task->audit_context = ctx; |
310 | } |
311 | |
312 | static inline struct audit_context *audit_context(void) |
313 | { |
314 | return current->audit_context; |
315 | } |
316 | |
317 | static inline bool audit_dummy_context(void) |
318 | { |
319 | void *p = audit_context(); |
320 | return !p || *(int *)p; |
321 | } |
322 | static inline void audit_free(struct task_struct *task) |
323 | { |
324 | if (unlikely(task->audit_context)) |
325 | __audit_free(task); |
326 | } |
327 | static inline void audit_uring_entry(u8 op) |
328 | { |
329 | /* |
330 | * We intentionally check audit_context() before audit_enabled as most |
331 | * Linux systems (as of ~2021) rely on systemd which forces audit to |
332 | * be enabled regardless of the user's audit configuration. |
333 | */ |
334 | if (unlikely(audit_context() && audit_enabled)) |
335 | __audit_uring_entry(op); |
336 | } |
337 | static inline void audit_uring_exit(int success, long code) |
338 | { |
339 | if (unlikely(audit_context())) |
340 | __audit_uring_exit(success, code); |
341 | } |
342 | static inline void audit_syscall_entry(int major, unsigned long a0, |
343 | unsigned long a1, unsigned long a2, |
344 | unsigned long a3) |
345 | { |
346 | if (unlikely(audit_context())) |
347 | __audit_syscall_entry(major, a0, a1, a2, a3); |
348 | } |
349 | static inline void audit_syscall_exit(void *pt_regs) |
350 | { |
351 | if (unlikely(audit_context())) { |
352 | int success = is_syscall_success(pt_regs); |
353 | long return_code = regs_return_value(pt_regs); |
354 | |
355 | __audit_syscall_exit(success, return_code); |
356 | } |
357 | } |
358 | static inline struct filename *audit_reusename(const __user char *name) |
359 | { |
360 | if (unlikely(!audit_dummy_context())) |
361 | return __audit_reusename(name); |
362 | return NULL; |
363 | } |
364 | static inline void audit_getname(struct filename *name) |
365 | { |
366 | if (unlikely(!audit_dummy_context())) |
367 | __audit_getname(name); |
368 | } |
369 | static inline void audit_inode(struct filename *name, |
370 | const struct dentry *dentry, |
371 | unsigned int aflags) { |
372 | if (unlikely(!audit_dummy_context())) |
373 | __audit_inode(name, dentry, aflags); |
374 | } |
375 | static inline void audit_file(struct file *file) |
376 | { |
377 | if (unlikely(!audit_dummy_context())) |
378 | __audit_file(file); |
379 | } |
380 | static inline void audit_inode_parent_hidden(struct filename *name, |
381 | const struct dentry *dentry) |
382 | { |
383 | if (unlikely(!audit_dummy_context())) |
384 | __audit_inode(name, dentry, |
385 | AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN); |
386 | } |
387 | static inline void audit_inode_child(struct inode *parent, |
388 | const struct dentry *dentry, |
389 | const unsigned char type) { |
390 | if (unlikely(!audit_dummy_context())) |
391 | __audit_inode_child(parent, dentry, type); |
392 | } |
393 | void audit_core_dumps(long signr); |
394 | |
395 | static inline void audit_ptrace(struct task_struct *t) |
396 | { |
397 | if (unlikely(!audit_dummy_context())) |
398 | __audit_ptrace(t); |
399 | } |
400 | |
401 | /* Private API (for audit.c only) */ |
402 | extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp); |
403 | extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode); |
404 | extern void __audit_bprm(struct linux_binprm *bprm); |
405 | extern int __audit_socketcall(int nargs, unsigned long *args); |
406 | extern int __audit_sockaddr(int len, void *addr); |
407 | extern void __audit_fd_pair(int fd1, int fd2); |
408 | extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr); |
409 | extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout); |
410 | extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification); |
411 | extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat); |
412 | extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm, |
413 | const struct cred *new, |
414 | const struct cred *old); |
415 | extern void __audit_log_capset(const struct cred *new, const struct cred *old); |
416 | extern void __audit_mmap_fd(int fd, int flags); |
417 | extern void __audit_openat2_how(struct open_how *how); |
418 | extern void __audit_log_kern_module(char *name); |
419 | extern void __audit_fanotify(unsigned int response); |
420 | extern void __audit_tk_injoffset(struct timespec64 offset); |
421 | extern void __audit_ntp_log(const struct audit_ntp_data *ad); |
422 | extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries, |
423 | enum audit_nfcfgop op, gfp_t gfp); |
424 | |
425 | static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) |
426 | { |
427 | if (unlikely(!audit_dummy_context())) |
428 | __audit_ipc_obj(ipcp); |
429 | } |
430 | static inline void audit_fd_pair(int fd1, int fd2) |
431 | { |
432 | if (unlikely(!audit_dummy_context())) |
433 | __audit_fd_pair(fd1, fd2); |
434 | } |
435 | static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode) |
436 | { |
437 | if (unlikely(!audit_dummy_context())) |
438 | __audit_ipc_set_perm(qbytes, uid, gid, mode); |
439 | } |
440 | static inline void audit_bprm(struct linux_binprm *bprm) |
441 | { |
442 | if (unlikely(!audit_dummy_context())) |
443 | __audit_bprm(bprm); |
444 | } |
445 | static inline int audit_socketcall(int nargs, unsigned long *args) |
446 | { |
447 | if (unlikely(!audit_dummy_context())) |
448 | return __audit_socketcall(nargs, args); |
449 | return 0; |
450 | } |
451 | |
452 | static inline int audit_socketcall_compat(int nargs, u32 *args) |
453 | { |
454 | unsigned long a[AUDITSC_ARGS]; |
455 | int i; |
456 | |
457 | if (audit_dummy_context()) |
458 | return 0; |
459 | |
460 | for (i = 0; i < nargs; i++) |
461 | a[i] = (unsigned long)args[i]; |
462 | return __audit_socketcall(nargs, a); |
463 | } |
464 | |
465 | static inline int audit_sockaddr(int len, void *addr) |
466 | { |
467 | if (unlikely(!audit_dummy_context())) |
468 | return __audit_sockaddr(len, addr); |
469 | return 0; |
470 | } |
471 | static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) |
472 | { |
473 | if (unlikely(!audit_dummy_context())) |
474 | __audit_mq_open(oflag, mode, attr); |
475 | } |
476 | static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout) |
477 | { |
478 | if (unlikely(!audit_dummy_context())) |
479 | __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout); |
480 | } |
481 | static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification) |
482 | { |
483 | if (unlikely(!audit_dummy_context())) |
484 | __audit_mq_notify(mqdes, notification); |
485 | } |
486 | static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) |
487 | { |
488 | if (unlikely(!audit_dummy_context())) |
489 | __audit_mq_getsetattr(mqdes, mqstat); |
490 | } |
491 | |
492 | static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm, |
493 | const struct cred *new, |
494 | const struct cred *old) |
495 | { |
496 | if (unlikely(!audit_dummy_context())) |
497 | return __audit_log_bprm_fcaps(bprm, new, old); |
498 | return 0; |
499 | } |
500 | |
501 | static inline void audit_log_capset(const struct cred *new, |
502 | const struct cred *old) |
503 | { |
504 | if (unlikely(!audit_dummy_context())) |
505 | __audit_log_capset(new, old); |
506 | } |
507 | |
508 | static inline void audit_mmap_fd(int fd, int flags) |
509 | { |
510 | if (unlikely(!audit_dummy_context())) |
511 | __audit_mmap_fd(fd, flags); |
512 | } |
513 | |
514 | static inline void audit_openat2_how(struct open_how *how) |
515 | { |
516 | if (unlikely(!audit_dummy_context())) |
517 | __audit_openat2_how(how); |
518 | } |
519 | |
520 | static inline void audit_log_kern_module(char *name) |
521 | { |
522 | if (!audit_dummy_context()) |
523 | __audit_log_kern_module(name); |
524 | } |
525 | |
526 | static inline void audit_fanotify(unsigned int response) |
527 | { |
528 | if (!audit_dummy_context()) |
529 | __audit_fanotify(response); |
530 | } |
531 | |
532 | static inline void audit_tk_injoffset(struct timespec64 offset) |
533 | { |
534 | /* ignore no-op events */ |
535 | if (offset.tv_sec == 0 && offset.tv_nsec == 0) |
536 | return; |
537 | |
538 | if (!audit_dummy_context()) |
539 | __audit_tk_injoffset(offset); |
540 | } |
541 | |
542 | static inline void audit_ntp_init(struct audit_ntp_data *ad) |
543 | { |
544 | memset(ad, 0, sizeof(*ad)); |
545 | } |
546 | |
547 | static inline void audit_ntp_set_old(struct audit_ntp_data *ad, |
548 | enum audit_ntp_type type, long long val) |
549 | { |
550 | ad->vals[type].oldval = val; |
551 | } |
552 | |
553 | static inline void audit_ntp_set_new(struct audit_ntp_data *ad, |
554 | enum audit_ntp_type type, long long val) |
555 | { |
556 | ad->vals[type].newval = val; |
557 | } |
558 | |
559 | static inline void audit_ntp_log(const struct audit_ntp_data *ad) |
560 | { |
561 | if (!audit_dummy_context()) |
562 | __audit_ntp_log(ad); |
563 | } |
564 | |
565 | static inline void audit_log_nfcfg(const char *name, u8 af, |
566 | unsigned int nentries, |
567 | enum audit_nfcfgop op, gfp_t gfp) |
568 | { |
569 | if (audit_enabled) |
570 | __audit_log_nfcfg(name, af, nentries, op, gfp); |
571 | } |
572 | |
573 | extern int audit_n_rules; |
574 | extern int audit_signals; |
575 | #else /* CONFIG_AUDITSYSCALL */ |
576 | static inline int audit_alloc(struct task_struct *task) |
577 | { |
578 | return 0; |
579 | } |
580 | static inline void audit_free(struct task_struct *task) |
581 | { } |
582 | static inline void audit_uring_entry(u8 op) |
583 | { } |
584 | static inline void audit_uring_exit(int success, long code) |
585 | { } |
586 | static inline void audit_syscall_entry(int major, unsigned long a0, |
587 | unsigned long a1, unsigned long a2, |
588 | unsigned long a3) |
589 | { } |
590 | static inline void audit_syscall_exit(void *pt_regs) |
591 | { } |
592 | static inline bool audit_dummy_context(void) |
593 | { |
594 | return true; |
595 | } |
596 | static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx) |
597 | { } |
598 | static inline struct audit_context *audit_context(void) |
599 | { |
600 | return NULL; |
601 | } |
602 | static inline struct filename *audit_reusename(const __user char *name) |
603 | { |
604 | return NULL; |
605 | } |
606 | static inline void audit_getname(struct filename *name) |
607 | { } |
608 | static inline void audit_inode(struct filename *name, |
609 | const struct dentry *dentry, |
610 | unsigned int aflags) |
611 | { } |
612 | static inline void audit_file(struct file *file) |
613 | { |
614 | } |
615 | static inline void audit_inode_parent_hidden(struct filename *name, |
616 | const struct dentry *dentry) |
617 | { } |
618 | static inline void audit_inode_child(struct inode *parent, |
619 | const struct dentry *dentry, |
620 | const unsigned char type) |
621 | { } |
622 | static inline void audit_core_dumps(long signr) |
623 | { } |
624 | static inline void audit_seccomp(unsigned long syscall, long signr, int code) |
625 | { } |
626 | static inline void audit_seccomp_actions_logged(const char *names, |
627 | const char *old_names, int res) |
628 | { } |
629 | static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) |
630 | { } |
631 | static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, |
632 | gid_t gid, umode_t mode) |
633 | { } |
634 | static inline void audit_bprm(struct linux_binprm *bprm) |
635 | { } |
636 | static inline int audit_socketcall(int nargs, unsigned long *args) |
637 | { |
638 | return 0; |
639 | } |
640 | |
641 | static inline int audit_socketcall_compat(int nargs, u32 *args) |
642 | { |
643 | return 0; |
644 | } |
645 | |
646 | static inline void audit_fd_pair(int fd1, int fd2) |
647 | { } |
648 | static inline int audit_sockaddr(int len, void *addr) |
649 | { |
650 | return 0; |
651 | } |
652 | static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) |
653 | { } |
654 | static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, |
655 | unsigned int msg_prio, |
656 | const struct timespec64 *abs_timeout) |
657 | { } |
658 | static inline void audit_mq_notify(mqd_t mqdes, |
659 | const struct sigevent *notification) |
660 | { } |
661 | static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) |
662 | { } |
663 | static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm, |
664 | const struct cred *new, |
665 | const struct cred *old) |
666 | { |
667 | return 0; |
668 | } |
669 | static inline void audit_log_capset(const struct cred *new, |
670 | const struct cred *old) |
671 | { } |
672 | static inline void audit_mmap_fd(int fd, int flags) |
673 | { } |
674 | |
675 | static inline void audit_openat2_how(struct open_how *how) |
676 | { } |
677 | |
678 | static inline void audit_log_kern_module(char *name) |
679 | { |
680 | } |
681 | |
682 | static inline void audit_fanotify(unsigned int response) |
683 | { } |
684 | |
685 | static inline void audit_tk_injoffset(struct timespec64 offset) |
686 | { } |
687 | |
688 | static inline void audit_ntp_init(struct audit_ntp_data *ad) |
689 | { } |
690 | |
691 | static inline void audit_ntp_set_old(struct audit_ntp_data *ad, |
692 | enum audit_ntp_type type, long long val) |
693 | { } |
694 | |
695 | static inline void audit_ntp_set_new(struct audit_ntp_data *ad, |
696 | enum audit_ntp_type type, long long val) |
697 | { } |
698 | |
699 | static inline void audit_ntp_log(const struct audit_ntp_data *ad) |
700 | { } |
701 | |
702 | static inline void audit_ptrace(struct task_struct *t) |
703 | { } |
704 | |
705 | static inline void audit_log_nfcfg(const char *name, u8 af, |
706 | unsigned int nentries, |
707 | enum audit_nfcfgop op, gfp_t gfp) |
708 | { } |
709 | |
710 | #define audit_n_rules 0 |
711 | #define audit_signals 0 |
712 | #endif /* CONFIG_AUDITSYSCALL */ |
713 | |
714 | static inline bool audit_loginuid_set(struct task_struct *tsk) |
715 | { |
716 | return uid_valid(audit_get_loginuid(tsk)); |
717 | } |
718 | |
719 | #endif |
720 | |