LCOV - code coverage report
Current view: top level - include/linux - audit.h (source / functions) Hit Total Coverage
Test: fstests of 6.5.0-rc3-achx @ Mon Jul 31 20:08:12 PDT 2023 Lines: 1 1 100.0 %
Date: 2023-07-31 20:08:12 Functions: 0 0 -

          Line data    Source code
       1             : /* SPDX-License-Identifier: GPL-2.0-or-later */
       2             : /* audit.h -- Auditing support
       3             :  *
       4             :  * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
       5             :  * All Rights Reserved.
       6             :  *
       7             :  * Written by Rickard E. (Rik) Faith <faith@redhat.com>
       8             :  */
       9             : #ifndef _LINUX_AUDIT_H_
      10             : #define _LINUX_AUDIT_H_
      11             : 
      12             : #include <linux/sched.h>
      13             : #include <linux/ptrace.h>
      14             : #include <linux/audit_arch.h>
      15             : #include <uapi/linux/audit.h>
      16             : #include <uapi/linux/netfilter/nf_tables.h>
      17             : #include <uapi/linux/fanotify.h>
      18             : 
      19             : #define AUDIT_INO_UNSET ((unsigned long)-1)
      20             : #define AUDIT_DEV_UNSET ((dev_t)-1)
      21             : 
      22             : struct audit_sig_info {
      23             :         uid_t           uid;
      24             :         pid_t           pid;
      25             :         char            ctx[];
      26             : };
      27             : 
      28             : struct audit_buffer;
      29             : struct audit_context;
      30             : struct inode;
      31             : struct netlink_skb_parms;
      32             : struct path;
      33             : struct linux_binprm;
      34             : struct mq_attr;
      35             : struct mqstat;
      36             : struct audit_watch;
      37             : struct audit_tree;
      38             : struct sk_buff;
      39             : 
      40             : struct audit_krule {
      41             :         u32                     pflags;
      42             :         u32                     flags;
      43             :         u32                     listnr;
      44             :         u32                     action;
      45             :         u32                     mask[AUDIT_BITMASK_SIZE];
      46             :         u32                     buflen; /* for data alloc on list rules */
      47             :         u32                     field_count;
      48             :         char                    *filterkey; /* ties events to rules */
      49             :         struct audit_field      *fields;
      50             :         struct audit_field      *arch_f; /* quick access to arch field */
      51             :         struct audit_field      *inode_f; /* quick access to an inode field */
      52             :         struct audit_watch      *watch; /* associated watch */
      53             :         struct audit_tree       *tree;  /* associated watched tree */
      54             :         struct audit_fsnotify_mark      *exe;
      55             :         struct list_head        rlist;  /* entry in audit_{watch,tree}.rules list */
      56             :         struct list_head        list;   /* for AUDIT_LIST* purposes only */
      57             :         u64                     prio;
      58             : };
      59             : 
      60             : /* Flag to indicate legacy AUDIT_LOGINUID unset usage */
      61             : #define AUDIT_LOGINUID_LEGACY           0x1
      62             : 
      63             : struct audit_field {
      64             :         u32                             type;
      65             :         union {
      66             :                 u32                     val;
      67             :                 kuid_t                  uid;
      68             :                 kgid_t                  gid;
      69             :                 struct {
      70             :                         char            *lsm_str;
      71             :                         void            *lsm_rule;
      72             :                 };
      73             :         };
      74             :         u32                             op;
      75             : };
      76             : 
      77             : enum audit_ntp_type {
      78             :         AUDIT_NTP_OFFSET,
      79             :         AUDIT_NTP_FREQ,
      80             :         AUDIT_NTP_STATUS,
      81             :         AUDIT_NTP_TAI,
      82             :         AUDIT_NTP_TICK,
      83             :         AUDIT_NTP_ADJUST,
      84             : 
      85             :         AUDIT_NTP_NVALS /* count */
      86             : };
      87             : 
      88             : #ifdef CONFIG_AUDITSYSCALL
      89             : struct audit_ntp_val {
      90             :         long long oldval, newval;
      91             : };
      92             : 
      93             : struct audit_ntp_data {
      94             :         struct audit_ntp_val vals[AUDIT_NTP_NVALS];
      95             : };
      96             : #else
      97             : struct audit_ntp_data {};
      98             : #endif
      99             : 
     100             : enum audit_nfcfgop {
     101             :         AUDIT_XT_OP_REGISTER,
     102             :         AUDIT_XT_OP_REPLACE,
     103             :         AUDIT_XT_OP_UNREGISTER,
     104             :         AUDIT_NFT_OP_TABLE_REGISTER,
     105             :         AUDIT_NFT_OP_TABLE_UNREGISTER,
     106             :         AUDIT_NFT_OP_CHAIN_REGISTER,
     107             :         AUDIT_NFT_OP_CHAIN_UNREGISTER,
     108             :         AUDIT_NFT_OP_RULE_REGISTER,
     109             :         AUDIT_NFT_OP_RULE_UNREGISTER,
     110             :         AUDIT_NFT_OP_SET_REGISTER,
     111             :         AUDIT_NFT_OP_SET_UNREGISTER,
     112             :         AUDIT_NFT_OP_SETELEM_REGISTER,
     113             :         AUDIT_NFT_OP_SETELEM_UNREGISTER,
     114             :         AUDIT_NFT_OP_GEN_REGISTER,
     115             :         AUDIT_NFT_OP_OBJ_REGISTER,
     116             :         AUDIT_NFT_OP_OBJ_UNREGISTER,
     117             :         AUDIT_NFT_OP_OBJ_RESET,
     118             :         AUDIT_NFT_OP_FLOWTABLE_REGISTER,
     119             :         AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
     120             :         AUDIT_NFT_OP_INVALID,
     121             : };
     122             : 
     123             : extern int __init audit_register_class(int class, unsigned *list);
     124             : extern int audit_classify_syscall(int abi, unsigned syscall);
     125             : extern int audit_classify_arch(int arch);
     126             : /* only for compat system calls */
     127             : extern unsigned compat_write_class[];
     128             : extern unsigned compat_read_class[];
     129             : extern unsigned compat_dir_class[];
     130             : extern unsigned compat_chattr_class[];
     131             : extern unsigned compat_signal_class[];
     132             : 
     133             : /* audit_names->type values */
     134             : #define AUDIT_TYPE_UNKNOWN      0       /* we don't know yet */
     135             : #define AUDIT_TYPE_NORMAL       1       /* a "normal" audit record */
     136             : #define AUDIT_TYPE_PARENT       2       /* a parent audit record */
     137             : #define AUDIT_TYPE_CHILD_DELETE 3       /* a child being deleted */
     138             : #define AUDIT_TYPE_CHILD_CREATE 4       /* a child being created */
     139             : 
     140             : /* maximized args number that audit_socketcall can process */
     141             : #define AUDITSC_ARGS            6
     142             : 
     143             : /* bit values for ->signal->audit_tty */
     144             : #define AUDIT_TTY_ENABLE        BIT(0)
     145             : #define AUDIT_TTY_LOG_PASSWD    BIT(1)
     146             : 
     147             : struct filename;
     148             : 
     149             : #define AUDIT_OFF       0
     150             : #define AUDIT_ON        1
     151             : #define AUDIT_LOCKED    2
     152             : #ifdef CONFIG_AUDIT
     153             : /* These are defined in audit.c */
     154             :                                 /* Public API */
     155             : extern __printf(4, 5)
     156             : void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
     157             :                const char *fmt, ...);
     158             : 
     159             : extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
     160             : extern __printf(2, 3)
     161             : void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
     162             : extern void                 audit_log_end(struct audit_buffer *ab);
     163             : extern bool                 audit_string_contains_control(const char *string,
     164             :                                                           size_t len);
     165             : extern void                 audit_log_n_hex(struct audit_buffer *ab,
     166             :                                           const unsigned char *buf,
     167             :                                           size_t len);
     168             : extern void                 audit_log_n_string(struct audit_buffer *ab,
     169             :                                                const char *buf,
     170             :                                                size_t n);
     171             : extern void                 audit_log_n_untrustedstring(struct audit_buffer *ab,
     172             :                                                         const char *string,
     173             :                                                         size_t n);
     174             : extern void                 audit_log_untrustedstring(struct audit_buffer *ab,
     175             :                                                       const char *string);
     176             : extern void                 audit_log_d_path(struct audit_buffer *ab,
     177             :                                              const char *prefix,
     178             :                                              const struct path *path);
     179             : extern void                 audit_log_key(struct audit_buffer *ab,
     180             :                                           char *key);
     181             : extern void                 audit_log_path_denied(int type,
     182             :                                                   const char *operation);
     183             : extern void                 audit_log_lost(const char *message);
     184             : 
     185             : extern int audit_log_task_context(struct audit_buffer *ab);
     186             : extern void audit_log_task_info(struct audit_buffer *ab);
     187             : 
     188             : extern int                  audit_update_lsm_rules(void);
     189             : 
     190             :                                 /* Private API (for audit.c only) */
     191             : extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
     192             : extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
     193             : 
     194             : extern int audit_set_loginuid(kuid_t loginuid);
     195             : 
     196             : static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
     197             : {
     198             :         return tsk->loginuid;
     199             : }
     200             : 
     201             : static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
     202             : {
     203             :         return tsk->sessionid;
     204             : }
     205             : 
     206             : extern u32 audit_enabled;
     207             : 
     208             : extern int audit_signal_info(int sig, struct task_struct *t);
     209             : 
     210             : #else /* CONFIG_AUDIT */
     211             : static inline __printf(4, 5)
     212             : void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
     213             :                const char *fmt, ...)
     214             : { }
     215             : static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
     216             :                                                    gfp_t gfp_mask, int type)
     217             : {
     218             :         return NULL;
     219             : }
     220             : static inline __printf(2, 3)
     221             : void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
     222             : { }
     223             : static inline void audit_log_end(struct audit_buffer *ab)
     224             : { }
     225             : static inline void audit_log_n_hex(struct audit_buffer *ab,
     226             :                                    const unsigned char *buf, size_t len)
     227             : { }
     228             : static inline void audit_log_n_string(struct audit_buffer *ab,
     229             :                                       const char *buf, size_t n)
     230             : { }
     231             : static inline void  audit_log_n_untrustedstring(struct audit_buffer *ab,
     232             :                                                 const char *string, size_t n)
     233             : { }
     234             : static inline void audit_log_untrustedstring(struct audit_buffer *ab,
     235             :                                              const char *string)
     236             : { }
     237             : static inline void audit_log_d_path(struct audit_buffer *ab,
     238             :                                     const char *prefix,
     239             :                                     const struct path *path)
     240             : { }
     241             : static inline void audit_log_key(struct audit_buffer *ab, char *key)
     242             : { }
     243             : static inline void audit_log_path_denied(int type, const char *operation)
     244             : { }
     245             : static inline int audit_log_task_context(struct audit_buffer *ab)
     246             : {
     247             :         return 0;
     248             : }
     249             : static inline void audit_log_task_info(struct audit_buffer *ab)
     250             : { }
     251             : 
     252             : static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
     253             : {
     254             :         return INVALID_UID;
     255             : }
     256             : 
     257             : static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
     258             : {
     259             :         return AUDIT_SID_UNSET;
     260             : }
     261             : 
     262             : #define audit_enabled AUDIT_OFF
     263             : 
     264             : static inline int audit_signal_info(int sig, struct task_struct *t)
     265             : {
     266             :         return 0;
     267             : }
     268             : 
     269             : #endif /* CONFIG_AUDIT */
     270             : 
     271             : #ifdef CONFIG_AUDIT_COMPAT_GENERIC
     272             : #define audit_is_compat(arch)  (!((arch) & __AUDIT_ARCH_64BIT))
     273             : #else
     274             : #define audit_is_compat(arch)  false
     275             : #endif
     276             : 
     277             : #define AUDIT_INODE_PARENT      1       /* dentry represents the parent */
     278             : #define AUDIT_INODE_HIDDEN      2       /* audit record should be hidden */
     279             : #define AUDIT_INODE_NOEVAL      4       /* audit record incomplete */
     280             : 
     281             : #ifdef CONFIG_AUDITSYSCALL
     282             : #include <asm/syscall.h> /* for syscall_get_arch() */
     283             : 
     284             : /* These are defined in auditsc.c */
     285             :                                 /* Public API */
     286             : extern int  audit_alloc(struct task_struct *task);
     287             : extern void __audit_free(struct task_struct *task);
     288             : extern void __audit_uring_entry(u8 op);
     289             : extern void __audit_uring_exit(int success, long code);
     290             : extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
     291             :                                   unsigned long a2, unsigned long a3);
     292             : extern void __audit_syscall_exit(int ret_success, long ret_value);
     293             : extern struct filename *__audit_reusename(const __user char *uptr);
     294             : extern void __audit_getname(struct filename *name);
     295             : extern void __audit_inode(struct filename *name, const struct dentry *dentry,
     296             :                                 unsigned int flags);
     297             : extern void __audit_file(const struct file *);
     298             : extern void __audit_inode_child(struct inode *parent,
     299             :                                 const struct dentry *dentry,
     300             :                                 const unsigned char type);
     301             : extern void audit_seccomp(unsigned long syscall, long signr, int code);
     302             : extern void audit_seccomp_actions_logged(const char *names,
     303             :                                          const char *old_names, int res);
     304             : extern void __audit_ptrace(struct task_struct *t);
     305             : 
     306             : static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
     307             : {
     308             :         task->audit_context = ctx;
     309             : }
     310             : 
     311             : static inline struct audit_context *audit_context(void)
     312             : {
     313             :         return current->audit_context;
     314             : }
     315             : 
     316             : static inline bool audit_dummy_context(void)
     317             : {
     318             :         void *p = audit_context();
     319             :         return !p || *(int *)p;
     320             : }
     321             : static inline void audit_free(struct task_struct *task)
     322             : {
     323             :         if (unlikely(task->audit_context))
     324             :                 __audit_free(task);
     325             : }
     326             : static inline void audit_uring_entry(u8 op)
     327             : {
     328             :         /*
     329             :          * We intentionally check audit_context() before audit_enabled as most
     330             :          * Linux systems (as of ~2021) rely on systemd which forces audit to
     331             :          * be enabled regardless of the user's audit configuration.
     332             :          */
     333             :         if (unlikely(audit_context() && audit_enabled))
     334             :                 __audit_uring_entry(op);
     335             : }
     336             : static inline void audit_uring_exit(int success, long code)
     337             : {
     338             :         if (unlikely(audit_context()))
     339             :                 __audit_uring_exit(success, code);
     340             : }
     341             : static inline void audit_syscall_entry(int major, unsigned long a0,
     342             :                                        unsigned long a1, unsigned long a2,
     343             :                                        unsigned long a3)
     344             : {
     345             :         if (unlikely(audit_context()))
     346             :                 __audit_syscall_entry(major, a0, a1, a2, a3);
     347             : }
     348             : static inline void audit_syscall_exit(void *pt_regs)
     349             : {
     350             :         if (unlikely(audit_context())) {
     351             :                 int success = is_syscall_success(pt_regs);
     352             :                 long return_code = regs_return_value(pt_regs);
     353             : 
     354             :                 __audit_syscall_exit(success, return_code);
     355             :         }
     356             : }
     357             : static inline struct filename *audit_reusename(const __user char *name)
     358             : {
     359             :         if (unlikely(!audit_dummy_context()))
     360             :                 return __audit_reusename(name);
     361             :         return NULL;
     362             : }
     363             : static inline void audit_getname(struct filename *name)
     364             : {
     365             :         if (unlikely(!audit_dummy_context()))
     366             :                 __audit_getname(name);
     367             : }
     368             : static inline void audit_inode(struct filename *name,
     369             :                                 const struct dentry *dentry,
     370             :                                 unsigned int aflags) {
     371             :         if (unlikely(!audit_dummy_context()))
     372             :                 __audit_inode(name, dentry, aflags);
     373             : }
     374             : static inline void audit_file(struct file *file)
     375             : {
     376             :         if (unlikely(!audit_dummy_context()))
     377             :                 __audit_file(file);
     378             : }
     379             : static inline void audit_inode_parent_hidden(struct filename *name,
     380             :                                                 const struct dentry *dentry)
     381             : {
     382             :         if (unlikely(!audit_dummy_context()))
     383             :                 __audit_inode(name, dentry,
     384             :                                 AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
     385             : }
     386             : static inline void audit_inode_child(struct inode *parent,
     387             :                                      const struct dentry *dentry,
     388             :                                      const unsigned char type) {
     389             :         if (unlikely(!audit_dummy_context()))
     390             :                 __audit_inode_child(parent, dentry, type);
     391             : }
     392             : void audit_core_dumps(long signr);
     393             : 
     394             : static inline void audit_ptrace(struct task_struct *t)
     395             : {
     396             :         if (unlikely(!audit_dummy_context()))
     397             :                 __audit_ptrace(t);
     398             : }
     399             : 
     400             :                                 /* Private API (for audit.c only) */
     401             : extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
     402             : extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
     403             : extern void __audit_bprm(struct linux_binprm *bprm);
     404             : extern int __audit_socketcall(int nargs, unsigned long *args);
     405             : extern int __audit_sockaddr(int len, void *addr);
     406             : extern void __audit_fd_pair(int fd1, int fd2);
     407             : extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
     408             : extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
     409             : extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
     410             : extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
     411             : extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
     412             :                                   const struct cred *new,
     413             :                                   const struct cred *old);
     414             : extern void __audit_log_capset(const struct cred *new, const struct cred *old);
     415             : extern void __audit_mmap_fd(int fd, int flags);
     416             : extern void __audit_openat2_how(struct open_how *how);
     417             : extern void __audit_log_kern_module(char *name);
     418             : extern void __audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar);
     419             : extern void __audit_tk_injoffset(struct timespec64 offset);
     420             : extern void __audit_ntp_log(const struct audit_ntp_data *ad);
     421             : extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries,
     422             :                               enum audit_nfcfgop op, gfp_t gfp);
     423             : 
     424             : static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
     425             : {
     426             :         if (unlikely(!audit_dummy_context()))
     427             :                 __audit_ipc_obj(ipcp);
     428             : }
     429             : static inline void audit_fd_pair(int fd1, int fd2)
     430             : {
     431             :         if (unlikely(!audit_dummy_context()))
     432             :                 __audit_fd_pair(fd1, fd2);
     433             : }
     434             : static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
     435             : {
     436             :         if (unlikely(!audit_dummy_context()))
     437             :                 __audit_ipc_set_perm(qbytes, uid, gid, mode);
     438             : }
     439             : static inline void audit_bprm(struct linux_binprm *bprm)
     440             : {
     441             :         if (unlikely(!audit_dummy_context()))
     442             :                 __audit_bprm(bprm);
     443             : }
     444             : static inline int audit_socketcall(int nargs, unsigned long *args)
     445             : {
     446             :         if (unlikely(!audit_dummy_context()))
     447             :                 return __audit_socketcall(nargs, args);
     448             :         return 0;
     449             : }
     450             : 
     451             : static inline int audit_socketcall_compat(int nargs, u32 *args)
     452             : {
     453             :         unsigned long a[AUDITSC_ARGS];
     454             :         int i;
     455             : 
     456             :         if (audit_dummy_context())
     457             :                 return 0;
     458             : 
     459             :         for (i = 0; i < nargs; i++)
     460             :                 a[i] = (unsigned long)args[i];
     461             :         return __audit_socketcall(nargs, a);
     462             : }
     463             : 
     464             : static inline int audit_sockaddr(int len, void *addr)
     465             : {
     466             :         if (unlikely(!audit_dummy_context()))
     467             :                 return __audit_sockaddr(len, addr);
     468             :         return 0;
     469             : }
     470             : static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
     471             : {
     472             :         if (unlikely(!audit_dummy_context()))
     473             :                 __audit_mq_open(oflag, mode, attr);
     474             : }
     475             : static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
     476             : {
     477             :         if (unlikely(!audit_dummy_context()))
     478             :                 __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
     479             : }
     480             : static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
     481             : {
     482             :         if (unlikely(!audit_dummy_context()))
     483             :                 __audit_mq_notify(mqdes, notification);
     484             : }
     485             : static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
     486             : {
     487             :         if (unlikely(!audit_dummy_context()))
     488             :                 __audit_mq_getsetattr(mqdes, mqstat);
     489             : }
     490             : 
     491             : static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
     492             :                                        const struct cred *new,
     493             :                                        const struct cred *old)
     494             : {
     495             :         if (unlikely(!audit_dummy_context()))
     496             :                 return __audit_log_bprm_fcaps(bprm, new, old);
     497             :         return 0;
     498             : }
     499             : 
     500             : static inline void audit_log_capset(const struct cred *new,
     501             :                                    const struct cred *old)
     502             : {
     503             :         if (unlikely(!audit_dummy_context()))
     504             :                 __audit_log_capset(new, old);
     505             : }
     506             : 
     507             : static inline void audit_mmap_fd(int fd, int flags)
     508             : {
     509             :         if (unlikely(!audit_dummy_context()))
     510             :                 __audit_mmap_fd(fd, flags);
     511             : }
     512             : 
     513             : static inline void audit_openat2_how(struct open_how *how)
     514             : {
     515             :         if (unlikely(!audit_dummy_context()))
     516             :                 __audit_openat2_how(how);
     517             : }
     518             : 
     519             : static inline void audit_log_kern_module(char *name)
     520             : {
     521             :         if (!audit_dummy_context())
     522             :                 __audit_log_kern_module(name);
     523             : }
     524             : 
     525             : static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
     526             : {
     527             :         if (!audit_dummy_context())
     528             :                 __audit_fanotify(response, friar);
     529             : }
     530             : 
     531             : static inline void audit_tk_injoffset(struct timespec64 offset)
     532             : {
     533             :         /* ignore no-op events */
     534             :         if (offset.tv_sec == 0 && offset.tv_nsec == 0)
     535             :                 return;
     536             : 
     537             :         if (!audit_dummy_context())
     538             :                 __audit_tk_injoffset(offset);
     539             : }
     540             : 
     541             : static inline void audit_ntp_init(struct audit_ntp_data *ad)
     542             : {
     543             :         memset(ad, 0, sizeof(*ad));
     544             : }
     545             : 
     546             : static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
     547             :                                      enum audit_ntp_type type, long long val)
     548             : {
     549             :         ad->vals[type].oldval = val;
     550             : }
     551             : 
     552             : static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
     553             :                                      enum audit_ntp_type type, long long val)
     554             : {
     555             :         ad->vals[type].newval = val;
     556             : }
     557             : 
     558             : static inline void audit_ntp_log(const struct audit_ntp_data *ad)
     559             : {
     560             :         if (!audit_dummy_context())
     561             :                 __audit_ntp_log(ad);
     562             : }
     563             : 
     564             : static inline void audit_log_nfcfg(const char *name, u8 af,
     565             :                                    unsigned int nentries,
     566             :                                    enum audit_nfcfgop op, gfp_t gfp)
     567             : {
     568             :         if (audit_enabled)
     569             :                 __audit_log_nfcfg(name, af, nentries, op, gfp);
     570             : }
     571             : 
     572             : extern int audit_n_rules;
     573             : extern int audit_signals;
     574             : #else /* CONFIG_AUDITSYSCALL */
     575             : static inline int audit_alloc(struct task_struct *task)
     576             : {
     577             :         return 0;
     578             : }
     579             : static inline void audit_free(struct task_struct *task)
     580             : { }
     581             : static inline void audit_uring_entry(u8 op)
     582             : { }
     583             : static inline void audit_uring_exit(int success, long code)
     584             : { }
     585             : static inline void audit_syscall_entry(int major, unsigned long a0,
     586             :                                        unsigned long a1, unsigned long a2,
     587             :                                        unsigned long a3)
     588             : { }
     589             : static inline void audit_syscall_exit(void *pt_regs)
     590             : { }
     591             : static inline bool audit_dummy_context(void)
     592             : {
     593             :         return true;
     594             : }
     595             : static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
     596             : { }
     597             : static inline struct audit_context *audit_context(void)
     598             : {
     599             :         return NULL;
     600             : }
     601             : static inline struct filename *audit_reusename(const __user char *name)
     602             : {
     603             :         return NULL;
     604             : }
     605             : static inline void audit_getname(struct filename *name)
     606             : { }
     607             : static inline void audit_inode(struct filename *name,
     608             :                                 const struct dentry *dentry,
     609             :                                 unsigned int aflags)
     610   819981910 : { }
     611             : static inline void audit_file(struct file *file)
     612             : {
     613             : }
     614             : static inline void audit_inode_parent_hidden(struct filename *name,
     615             :                                 const struct dentry *dentry)
     616             : { }
     617             : static inline void audit_inode_child(struct inode *parent,
     618             :                                      const struct dentry *dentry,
     619             :                                      const unsigned char type)
     620             : { }
     621             : static inline void audit_core_dumps(long signr)
     622             : { }
     623             : static inline void audit_seccomp(unsigned long syscall, long signr, int code)
     624             : { }
     625             : static inline void audit_seccomp_actions_logged(const char *names,
     626             :                                                 const char *old_names, int res)
     627             : { }
     628             : static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
     629             : { }
     630             : static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
     631             :                                         gid_t gid, umode_t mode)
     632             : { }
     633             : static inline void audit_bprm(struct linux_binprm *bprm)
     634             : { }
     635             : static inline int audit_socketcall(int nargs, unsigned long *args)
     636             : {
     637             :         return 0;
     638             : }
     639             : 
     640             : static inline int audit_socketcall_compat(int nargs, u32 *args)
     641             : {
     642             :         return 0;
     643             : }
     644             : 
     645             : static inline void audit_fd_pair(int fd1, int fd2)
     646             : { }
     647             : static inline int audit_sockaddr(int len, void *addr)
     648             : {
     649             :         return 0;
     650             : }
     651             : static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
     652             : { }
     653             : static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
     654             :                                      unsigned int msg_prio,
     655             :                                      const struct timespec64 *abs_timeout)
     656             : { }
     657             : static inline void audit_mq_notify(mqd_t mqdes,
     658             :                                    const struct sigevent *notification)
     659             : { }
     660             : static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
     661             : { }
     662             : static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
     663             :                                        const struct cred *new,
     664             :                                        const struct cred *old)
     665             : {
     666             :         return 0;
     667             : }
     668             : static inline void audit_log_capset(const struct cred *new,
     669             :                                     const struct cred *old)
     670             : { }
     671             : static inline void audit_mmap_fd(int fd, int flags)
     672             : { }
     673             : 
     674             : static inline void audit_openat2_how(struct open_how *how)
     675             : { }
     676             : 
     677             : static inline void audit_log_kern_module(char *name)
     678             : {
     679             : }
     680             : 
     681             : static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
     682             : { }
     683             : 
     684             : static inline void audit_tk_injoffset(struct timespec64 offset)
     685             : { }
     686             : 
     687             : static inline void audit_ntp_init(struct audit_ntp_data *ad)
     688             : { }
     689             : 
     690             : static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
     691             :                                      enum audit_ntp_type type, long long val)
     692             : { }
     693             : 
     694             : static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
     695             :                                      enum audit_ntp_type type, long long val)
     696             : { }
     697             : 
     698             : static inline void audit_ntp_log(const struct audit_ntp_data *ad)
     699             : { }
     700             : 
     701             : static inline void audit_ptrace(struct task_struct *t)
     702             : { }
     703             : 
     704             : static inline void audit_log_nfcfg(const char *name, u8 af,
     705             :                                    unsigned int nentries,
     706             :                                    enum audit_nfcfgop op, gfp_t gfp)
     707             : { }
     708             : 
     709             : #define audit_n_rules 0
     710             : #define audit_signals 0
     711             : #endif /* CONFIG_AUDITSYSCALL */
     712             : 
     713             : static inline bool audit_loginuid_set(struct task_struct *tsk)
     714             : {
     715             :         return uid_valid(audit_get_loginuid(tsk));
     716             : }
     717             : 
     718             : #endif

Generated by: LCOV version 1.14