[PATCH] Audit of POSIX Message Queue Syscalls v.2
Amy Griffis
amy.griffis at hp.com
Wed May 24 21:32:21 UTC 2006
On Wed, May 24, 2006 at 04:09:55PM -0500, George C. Wilson wrote:
> @@ -1230,6 +1298,200 @@ uid_t audit_get_loginuid(struct audit_co
> }
>
> /**
> + * audit_mq_open - record audit data for a POSIX MQ open
> + * @oflag: open flag
> + * @mode: mode bits
> + * @u_attr: queue attributes
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
> +{
> + struct audit_aux_data_mq_open *ax;
> + struct audit_context *context = current->audit_context;
> +
> + if (!audit_enabled)
> + return 0;
This should check !context->in_syscall instead of !audit_enabled;
please see
https://www.redhat.com/archives/linux-audit/2006-May/msg00083.html
The same applies to all the new audit_mq_* routines.
> +
> + if (likely(!context))
> + return 0;
> +
> + ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> + if (!ax)
> + return -ENOMEM;
> +
> + if (u_attr != NULL) {
> + if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr)))
> + return -EFAULT;
> + } else
> + memset(&ax->attr, 0, sizeof(ax->attr));
> +
> + ax->oflag = oflag;
> + ax->mode = mode;
> +
> + ax->d.type = AUDIT_MQ_OPEN;
> + ax->d.next = context->aux;
> + context->aux = (void *)ax;
> + return 0;
> +}
> +
> +/**
> + * audit_mq_timedsend - record audit data for a POSIX MQ timed send
> + * @mqdes: MQ descriptor
> + * @msg_len: Message length
> + * @msg_prio: Message priority
> + * @abs_timeout: Message timeout in absolute time
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
> + const struct timespec __user *u_abs_timeout)
> +{
> + struct audit_aux_data_mq_sendrecv *ax;
> + struct audit_context *context = current->audit_context;
> +
> + if (!audit_enabled)
> + return 0;
> +
> + if (likely(!context))
> + return 0;
> +
> + ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> + if (!ax)
> + return -ENOMEM;
> +
> + if (u_abs_timeout != NULL) {
> + if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout)))
> + return -EFAULT;
> + } else
> + memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
> +
> + ax->mqdes = mqdes;
> + ax->msg_len = msg_len;
> + ax->msg_prio = msg_prio;
> +
> + ax->d.type = AUDIT_MQ_SENDRECV;
> + ax->d.next = context->aux;
> + context->aux = (void *)ax;
> + return 0;
> +}
> +
> +/**
> + * audit_mq_timedreceive - record audit data for a POSIX MQ timed receive
> + * @mqdes: MQ descriptor
> + * @msg_len: Message length
> + * @msg_prio: Message priority
> + * @abs_timeout: Message timeout in absolute time
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
> + unsigned int __user *u_msg_prio,
> + const struct timespec __user *u_abs_timeout)
> +{
> + struct audit_aux_data_mq_sendrecv *ax;
> + struct audit_context *context = current->audit_context;
> +
> + if (!audit_enabled)
> + return 0;
> +
> + if (likely(!context))
> + return 0;
> +
> + ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> + if (!ax)
> + return -ENOMEM;
> +
> + if (u_msg_prio != NULL) {
> + if (get_user(ax->msg_prio, u_msg_prio))
> + return -EFAULT;
> + } else
> + ax->msg_prio = 0;
> +
> + if (u_abs_timeout != NULL) {
> + if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout)))
> + return -EFAULT;
> + } else
> + memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
> +
> + ax->mqdes = mqdes;
> + ax->msg_len = msg_len;
> +
> + ax->d.type = AUDIT_MQ_SENDRECV;
> + ax->d.next = context->aux;
> + context->aux = (void *)ax;
> + return 0;
> +}
> +
> +/**
> + * audit_mq_notify - record audit data for a POSIX MQ notify
> + * @mqdes: MQ descriptor
> + * @u_notification: Notification event
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +
> +int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
> +{
> + struct audit_aux_data_mq_notify *ax;
> + struct audit_context *context = current->audit_context;
> +
> + if (!audit_enabled)
> + return 0;
> +
> + if (likely(!context))
> + return 0;
> +
> + ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> + if (!ax)
> + return -ENOMEM;
> +
> + if (u_notification != NULL) {
> + if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification)))
> + return -EFAULT;
> + } else
> + memset(&ax->notification, 0, sizeof(ax->notification));
> +
> + ax->mqdes = mqdes;
> +
> + ax->d.type = AUDIT_MQ_NOTIFY;
> + ax->d.next = context->aux;
> + context->aux = (void *)ax;
> + return 0;
> +}
> +
> +/**
> + * audit_mq_getsetattr - record audit data for a POSIX MQ get/set attribute
> + * @mqdes: MQ descriptor
> + * @mqstat: MQ flags
> + *
> + * Returns 0 for success or NULL context or < 0 on error.
> + */
> +int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
> +{
> + struct audit_aux_data_mq_getsetattr *ax;
> + struct audit_context *context = current->audit_context;
> +
> + if (!audit_enabled)
> + return 0;
> +
> + if (likely(!context))
> + return 0;
> +
> + ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
> + if (!ax)
> + return -ENOMEM;
> +
> + ax->mqdes = mqdes;
> + ax->mqstat = *mqstat;
> +
> + ax->d.type = AUDIT_MQ_GETSETATTR;
> + ax->d.next = context->aux;
> + context->aux = (void *)ax;
> + return 0;
> +}
> +
> +/**
> * audit_ipc_obj - record audit data for ipc object
> * @ipcp: ipc permissions
> *
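Review bot: The `-EFAULT` returns after `kmalloc()` leak `ax`: in audit_mq_open the failed `copy_from_user()` returns without freeing the buffer, and the same pattern appears in audit_mq_timedsend, audit_mq_timedreceive (both the `get_user()` and the `copy_from_user()` failure) and audit_mq_notify. Each failure path should release the allocation first, e.g. `if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr))) { kfree(ax); return -EFAULT; }`. An invalid user pointer is enough to reach that path, so for any task that has an audit context this is a kernel memory leak reachable from user space. Separately, these helpers fetch the user buffers themselves, so if the syscall copies the same arguments again (not visible in this hunk) the audit record may hold different values from the ones the kernel acted on; passing the kernel-side copy to the audit hook would close that gap. In audit_mq_timedreceive, `u_msg_prio` looks like an output argument, so reading it before the receive would presumably log the caller's stale value rather than the received priority.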
> --
> George Wilson <ltcgcw at us.ibm.com>
> IBM Linux Technology Center
>