| 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
|---|
| 2 | /* |
|---|
| 3 | * Landlock - Audit helpers |
|---|
| 4 | * |
|---|
| 5 | * Copyright © 2023-2025 Microsoft Corporation |
|---|
| 6 | */ |
|---|
| 7 | |
|---|
| 8 | #ifndef _SECURITY_LANDLOCK_AUDIT_H |
|---|
| 9 | #define _SECURITY_LANDLOCK_AUDIT_H |
|---|
| 10 | |
|---|
| 11 | #include <linux/audit.h> |
|---|
| 12 | #include <linux/lsm_audit.h> |
|---|
| 13 | |
|---|
| 14 | #include "access.h" |
|---|
| 15 | #include "cred.h" |
|---|
| 16 | |
|---|
| 17 | enum landlock_request_type { |
|---|
| 18 | LANDLOCK_REQUEST_PTRACE = 1, |
|---|
| 19 | LANDLOCK_REQUEST_FS_CHANGE_TOPOLOGY, |
|---|
| 20 | LANDLOCK_REQUEST_FS_ACCESS, |
|---|
| 21 | LANDLOCK_REQUEST_NET_ACCESS, |
|---|
| 22 | LANDLOCK_REQUEST_SCOPE_ABSTRACT_UNIX_SOCKET, |
|---|
| 23 | LANDLOCK_REQUEST_SCOPE_SIGNAL, |
|---|
| 24 | }; |
|---|
| 25 | |
|---|
| 26 | /* |
|---|
| 27 | * We should be careful to only use a variable of this type for |
|---|
| 28 | * landlock_log_denial(). This way, the compiler can remove it entirely if |
|---|
| 29 | * CONFIG_AUDIT is not set. |
|---|
| 30 | */ |
|---|
| 31 | struct landlock_request { |
|---|
| 32 | /* Mandatory fields. */ |
|---|
| 33 | enum landlock_request_type type; |
|---|
| 34 | struct common_audit_data audit; |
|---|
| 35 | |
|---|
| 36 | /** |
|---|
| 37 | * layer_plus_one: First layer level that denies the request + 1. The |
|---|
| 38 | * extra one is useful to detect uninitialized field. |
|---|
| 39 | */ |
|---|
| 40 | size_t layer_plus_one; |
|---|
| 41 | |
|---|
| 42 | /* Required field for configurable access control. */ |
|---|
| 43 | access_mask_t access; |
|---|
| 44 | |
|---|
| 45 | /* Required fields for requests with layer masks. */ |
|---|
| 46 | const layer_mask_t (*layer_masks)[]; |
|---|
| 47 | size_t layer_masks_size; |
|---|
| 48 | |
|---|
| 49 | /* Required fields for requests with deny masks. */ |
|---|
| 50 | const access_mask_t all_existing_optional_access; |
|---|
| 51 | deny_masks_t deny_masks; |
|---|
| 52 | }; |
|---|
| 53 | |
|---|
| 54 | #ifdef CONFIG_AUDIT |
|---|
| 55 | |
|---|
| 56 | void landlock_log_drop_domain(const struct landlock_hierarchy *const hierarchy); |
|---|
| 57 | |
|---|
| 58 | void landlock_log_denial(const struct landlock_cred_security *const subject, |
|---|
| 59 | const struct landlock_request *const request); |
|---|
| 60 | |
|---|
| 61 | #else /* CONFIG_AUDIT */ |
|---|
| 62 | |
|---|
| 63 | static inline void |
|---|
| 64 | landlock_log_drop_domain(const struct landlock_hierarchy *const hierarchy) |
|---|
| 65 | { |
|---|
| 66 | } |
|---|
| 67 | |
|---|
| 68 | static inline void |
|---|
| 69 | landlock_log_denial(const struct landlock_cred_security *const subject, |
|---|
| 70 | const struct landlock_request *const request) |
|---|
| 71 | { |
|---|
| 72 | } |
|---|
| 73 | |
|---|
| 74 | #endif /* CONFIG_AUDIT */ |
|---|
| 75 | |
|---|
| 76 | #endif /* _SECURITY_LANDLOCK_AUDIT_H */ |
|---|
| 77 | |
|---|
