[RFC PATCH v2 1/1] audit: Add generic compat syscall support
Will Deacon
will.deacon at arm.com
Mon Nov 25 19:01:54 UTC 2013
On Tue, Nov 19, 2013 at 09:43:55AM +0000, AKASHI Takahiro wrote:
> (v1 was created mistakenly. Please igore it.)
>
> lib/audit.c provides a generic definition for auditing system calls.
> lib/compat_audit.c similarly adds compat syscall support for
> bi-architectures (32/64-bit).
>
> Each architecture must define audit_is_compat() in asm/audit.h.
>
> Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org>
> ---
> include/linux/audit.h | 9 +++++++++
> lib/Makefile | 3 +++
> lib/audit.c | 17 +++++++++++++++++
> lib/compat_audit.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++
> 4 files changed, 80 insertions(+)
> create mode 100644 lib/compat_audit.c
>
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index 729a4d1..c49a312 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -76,6 +76,15 @@ struct audit_field {
> extern int __init audit_register_class(int class, unsigned *list);
> extern int audit_classify_syscall(int abi, unsigned syscall);
> extern int audit_classify_arch(int arch);
> +#if defined(CONFIG_AUDIT_GENERIC) && defined(CONFIG_COMPAT)
> +extern unsigned compat_write_class[];
> +extern unsigned compat_read_class[];
> +extern unsigned compat_dir_class[];
> +extern unsigned compat_chattr_class[];
> +extern unsigned compat_signal_class[];
> +
> +extern int audit_classify_compat_syscall(int abi, unsigned syscall);
> +#endif
>
> /* audit_names->type values */
> #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */
> diff --git a/lib/Makefile b/lib/Makefile
> index f3bb2cb..5bb185a 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -96,6 +96,9 @@ obj-$(CONFIG_TEXTSEARCH_BM) += ts_bm.o
> obj-$(CONFIG_TEXTSEARCH_FSM) += ts_fsm.o
> obj-$(CONFIG_SMP) += percpu_counter.o
> obj-$(CONFIG_AUDIT_GENERIC) += audit.o
> +ifeq ($(CONFIG_COMPAT),y)
> +obj-$(CONFIG_AUDIT_GENERIC) += compat_audit.o
> +endif
>
> obj-$(CONFIG_SWIOTLB) += swiotlb.o
> obj-$(CONFIG_IOMMU_HELPER) += iommu-helper.o
> diff --git a/lib/audit.c b/lib/audit.c
> index 76bbed4..3bf3858 100644
> --- a/lib/audit.c
> +++ b/lib/audit.c
> @@ -1,6 +1,7 @@
> #include <linux/init.h>
> #include <linux/types.h>
> #include <linux/audit.h>
> +#include <asm/audit.h>
> #include <asm/unistd.h>
>
> static unsigned dir_class[] = {
> @@ -30,11 +31,20 @@ static unsigned signal_class[] = {
>
> int audit_classify_arch(int arch)
> {
> +#ifdef CONFIG_COMPAT
> + if (audit_is_compat(arch))
> + return 1;
> +#endif
> return 0;
> }
>
> int audit_classify_syscall(int abi, unsigned syscall)
> {
> +#ifdef CONFIG_COMPAT
> + if (audit_is_compat(abi))
> + return audit_classify_compat_syscall(abi, syscall);
> +#endif
Hmm, I'm not sure this is the right way to solve this problem. Whether
something is compat or not depends on the task to which it is associated. If
this is always the current task for the audit cases, then you can just use
something like is_compat_task. Otherwise, I think we need to get a handle on
the task_struct here. An arch-callback feels like the wrong approach to me.
Will
More information about the Linux-audit
mailing list