1
/*
2
 * Copyright (C) 2008 IBM Corporation
3
 * Author: Mimi Zohar <[email protected]>
4
 *
5
 * This program is free software; you can redistribute it and/or modify
6
 * it under the terms of the GNU General Public License as published by
7
 * the Free Software Foundation, version 2 of the License.
8
 *
9
 * File: integrity_audit.c
10
 * 	Audit calls for the integrity subsystem
11
 */
12

13
#include <linux/fs.h>
14
#include <linux/gfp.h>
15
#include <linux/audit.h>
16
#include "ima.h"
17

18
static int ima_audit;
19

20
#ifdef CONFIG_IMA_AUDIT
21

22
/* ima_audit_setup - enable informational auditing messages */
23
static int __init ima_audit_setup(char *str)
24
{
25
	unsigned long audit;
26

27
	if (!strict_strtoul(str, 0, &audit))
28
		ima_audit = audit ? 1 : 0;
29
	return 1;
30
}
31
__setup("ima_audit=", ima_audit_setup);
32
#endif
33

34
void integrity_audit_msg(int audit_msgno, struct inode *inode,
35
			 const unsigned char *fname, const char *op,
36
			 const char *cause, int result, int audit_info)
37
{
38
	struct audit_buffer *ab;
39

40
	if (!ima_audit && audit_info == 1) /* Skip informational messages */
41
		return;
42

43
	ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
44
	audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
45
			 current->pid, current_cred()->uid,
46
			 audit_get_loginuid(current),
47
			 audit_get_sessionid(current));
48
	audit_log_task_context(ab);
49
	audit_log_format(ab, " op=");
50
	audit_log_string(ab, op);
51
	audit_log_format(ab, " cause=");
52
	audit_log_string(ab, cause);
53
	audit_log_format(ab, " comm=");
54
	audit_log_untrustedstring(ab, current->comm);
55
	if (fname) {
56
		audit_log_format(ab, " name=");
57
		audit_log_untrustedstring(ab, fname);
58
	}
59
	if (inode)
60
		audit_log_format(ab, " dev=%s ino=%lu",
61
				 inode->i_sb->s_id, inode->i_ino);
62
	audit_log_format(ab, " res=%d", !result ? 0 : 1);
63
	audit_log_end(ab);
64
}
65

66