Line data Source code
1 : /* SPDX-License-Identifier: GPL-2.0-or-later */
2 : /* audit.h -- Auditing support
3 : *
4 : * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
5 : * All Rights Reserved.
6 : *
7 : * Written by Rickard E. (Rik) Faith <faith@redhat.com>
8 : */
9 : #ifndef _LINUX_AUDIT_H_
10 : #define _LINUX_AUDIT_H_
11 :
12 : #include <linux/sched.h>
13 : #include <linux/ptrace.h>
14 : #include <linux/audit_arch.h>
15 : #include <uapi/linux/audit.h>
16 : #include <uapi/linux/netfilter/nf_tables.h>
17 : #include <uapi/linux/fanotify.h>
18 :
19 : #define AUDIT_INO_UNSET ((unsigned long)-1)
20 : #define AUDIT_DEV_UNSET ((dev_t)-1)
21 :
22 : struct audit_sig_info {
23 : uid_t uid;
24 : pid_t pid;
25 : char ctx[];
26 : };
27 :
28 : struct audit_buffer;
29 : struct audit_context;
30 : struct inode;
31 : struct netlink_skb_parms;
32 : struct path;
33 : struct linux_binprm;
34 : struct mq_attr;
35 : struct mqstat;
36 : struct audit_watch;
37 : struct audit_tree;
38 : struct sk_buff;
39 :
40 : struct audit_krule {
41 : u32 pflags;
42 : u32 flags;
43 : u32 listnr;
44 : u32 action;
45 : u32 mask[AUDIT_BITMASK_SIZE];
46 : u32 buflen; /* for data alloc on list rules */
47 : u32 field_count;
48 : char *filterkey; /* ties events to rules */
49 : struct audit_field *fields;
50 : struct audit_field *arch_f; /* quick access to arch field */
51 : struct audit_field *inode_f; /* quick access to an inode field */
52 : struct audit_watch *watch; /* associated watch */
53 : struct audit_tree *tree; /* associated watched tree */
54 : struct audit_fsnotify_mark *exe;
55 : struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
56 : struct list_head list; /* for AUDIT_LIST* purposes only */
57 : u64 prio;
58 : };
59 :
60 : /* Flag to indicate legacy AUDIT_LOGINUID unset usage */
61 : #define AUDIT_LOGINUID_LEGACY 0x1
62 :
63 : struct audit_field {
64 : u32 type;
65 : union {
66 : u32 val;
67 : kuid_t uid;
68 : kgid_t gid;
69 : struct {
70 : char *lsm_str;
71 : void *lsm_rule;
72 : };
73 : };
74 : u32 op;
75 : };
76 :
77 : enum audit_ntp_type {
78 : AUDIT_NTP_OFFSET,
79 : AUDIT_NTP_FREQ,
80 : AUDIT_NTP_STATUS,
81 : AUDIT_NTP_TAI,
82 : AUDIT_NTP_TICK,
83 : AUDIT_NTP_ADJUST,
84 :
85 : AUDIT_NTP_NVALS /* count */
86 : };
87 :
88 : #ifdef CONFIG_AUDITSYSCALL
89 : struct audit_ntp_val {
90 : long long oldval, newval;
91 : };
92 :
93 : struct audit_ntp_data {
94 : struct audit_ntp_val vals[AUDIT_NTP_NVALS];
95 : };
96 : #else
97 : struct audit_ntp_data {};
98 : #endif
99 :
100 : enum audit_nfcfgop {
101 : AUDIT_XT_OP_REGISTER,
102 : AUDIT_XT_OP_REPLACE,
103 : AUDIT_XT_OP_UNREGISTER,
104 : AUDIT_NFT_OP_TABLE_REGISTER,
105 : AUDIT_NFT_OP_TABLE_UNREGISTER,
106 : AUDIT_NFT_OP_CHAIN_REGISTER,
107 : AUDIT_NFT_OP_CHAIN_UNREGISTER,
108 : AUDIT_NFT_OP_RULE_REGISTER,
109 : AUDIT_NFT_OP_RULE_UNREGISTER,
110 : AUDIT_NFT_OP_SET_REGISTER,
111 : AUDIT_NFT_OP_SET_UNREGISTER,
112 : AUDIT_NFT_OP_SETELEM_REGISTER,
113 : AUDIT_NFT_OP_SETELEM_UNREGISTER,
114 : AUDIT_NFT_OP_GEN_REGISTER,
115 : AUDIT_NFT_OP_OBJ_REGISTER,
116 : AUDIT_NFT_OP_OBJ_UNREGISTER,
117 : AUDIT_NFT_OP_OBJ_RESET,
118 : AUDIT_NFT_OP_FLOWTABLE_REGISTER,
119 : AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
120 : AUDIT_NFT_OP_INVALID,
121 : };
122 :
123 : extern int __init audit_register_class(int class, unsigned *list);
124 : extern int audit_classify_syscall(int abi, unsigned syscall);
125 : extern int audit_classify_arch(int arch);
126 : /* only for compat system calls */
127 : extern unsigned compat_write_class[];
128 : extern unsigned compat_read_class[];
129 : extern unsigned compat_dir_class[];
130 : extern unsigned compat_chattr_class[];
131 : extern unsigned compat_signal_class[];
132 :
133 : /* audit_names->type values */
134 : #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */
135 : #define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */
136 : #define AUDIT_TYPE_PARENT 2 /* a parent audit record */
137 : #define AUDIT_TYPE_CHILD_DELETE 3 /* a child being deleted */
138 : #define AUDIT_TYPE_CHILD_CREATE 4 /* a child being created */
139 :
140 : /* maximized args number that audit_socketcall can process */
141 : #define AUDITSC_ARGS 6
142 :
143 : /* bit values for ->signal->audit_tty */
144 : #define AUDIT_TTY_ENABLE BIT(0)
145 : #define AUDIT_TTY_LOG_PASSWD BIT(1)
146 :
147 : struct filename;
148 :
149 : #define AUDIT_OFF 0
150 : #define AUDIT_ON 1
151 : #define AUDIT_LOCKED 2
152 : #ifdef CONFIG_AUDIT
153 : /* These are defined in audit.c */
154 : /* Public API */
155 : extern __printf(4, 5)
156 : void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
157 : const char *fmt, ...);
158 :
159 : extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
160 : extern __printf(2, 3)
161 : void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
162 : extern void audit_log_end(struct audit_buffer *ab);
163 : extern bool audit_string_contains_control(const char *string,
164 : size_t len);
165 : extern void audit_log_n_hex(struct audit_buffer *ab,
166 : const unsigned char *buf,
167 : size_t len);
168 : extern void audit_log_n_string(struct audit_buffer *ab,
169 : const char *buf,
170 : size_t n);
171 : extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
172 : const char *string,
173 : size_t n);
174 : extern void audit_log_untrustedstring(struct audit_buffer *ab,
175 : const char *string);
176 : extern void audit_log_d_path(struct audit_buffer *ab,
177 : const char *prefix,
178 : const struct path *path);
179 : extern void audit_log_key(struct audit_buffer *ab,
180 : char *key);
181 : extern void audit_log_path_denied(int type,
182 : const char *operation);
183 : extern void audit_log_lost(const char *message);
184 :
185 : extern int audit_log_task_context(struct audit_buffer *ab);
186 : extern void audit_log_task_info(struct audit_buffer *ab);
187 :
188 : extern int audit_update_lsm_rules(void);
189 :
190 : /* Private API (for audit.c only) */
191 : extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
192 : extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
193 :
194 : extern int audit_set_loginuid(kuid_t loginuid);
195 :
196 : static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
197 : {
198 : return tsk->loginuid;
199 : }
200 :
201 : static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
202 : {
203 : return tsk->sessionid;
204 : }
205 :
206 : extern u32 audit_enabled;
207 :
208 : extern int audit_signal_info(int sig, struct task_struct *t);
209 :
210 : #else /* CONFIG_AUDIT */
211 : static inline __printf(4, 5)
212 : void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
213 : const char *fmt, ...)
214 : { }
215 : static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
216 : gfp_t gfp_mask, int type)
217 : {
218 : return NULL;
219 : }
220 : static inline __printf(2, 3)
221 : void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
222 : { }
223 : static inline void audit_log_end(struct audit_buffer *ab)
224 : { }
225 : static inline void audit_log_n_hex(struct audit_buffer *ab,
226 : const unsigned char *buf, size_t len)
227 : { }
228 : static inline void audit_log_n_string(struct audit_buffer *ab,
229 : const char *buf, size_t n)
230 : { }
231 : static inline void audit_log_n_untrustedstring(struct audit_buffer *ab,
232 : const char *string, size_t n)
233 : { }
234 : static inline void audit_log_untrustedstring(struct audit_buffer *ab,
235 : const char *string)
236 : { }
237 : static inline void audit_log_d_path(struct audit_buffer *ab,
238 : const char *prefix,
239 : const struct path *path)
240 : { }
241 : static inline void audit_log_key(struct audit_buffer *ab, char *key)
242 : { }
243 : static inline void audit_log_path_denied(int type, const char *operation)
244 : { }
245 : static inline int audit_log_task_context(struct audit_buffer *ab)
246 : {
247 : return 0;
248 : }
249 : static inline void audit_log_task_info(struct audit_buffer *ab)
250 : { }
251 :
252 : static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
253 : {
254 : return INVALID_UID;
255 : }
256 :
257 : static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
258 : {
259 : return AUDIT_SID_UNSET;
260 : }
261 :
262 : #define audit_enabled AUDIT_OFF
263 :
264 : static inline int audit_signal_info(int sig, struct task_struct *t)
265 : {
266 : return 0;
267 : }
268 :
269 : #endif /* CONFIG_AUDIT */
270 :
271 : #ifdef CONFIG_AUDIT_COMPAT_GENERIC
272 : #define audit_is_compat(arch) (!((arch) & __AUDIT_ARCH_64BIT))
273 : #else
274 : #define audit_is_compat(arch) false
275 : #endif
276 :
277 : #define AUDIT_INODE_PARENT 1 /* dentry represents the parent */
278 : #define AUDIT_INODE_HIDDEN 2 /* audit record should be hidden */
279 : #define AUDIT_INODE_NOEVAL 4 /* audit record incomplete */
280 :
281 : #ifdef CONFIG_AUDITSYSCALL
282 : #include <asm/syscall.h> /* for syscall_get_arch() */
283 :
284 : /* These are defined in auditsc.c */
285 : /* Public API */
286 : extern int audit_alloc(struct task_struct *task);
287 : extern void __audit_free(struct task_struct *task);
288 : extern void __audit_uring_entry(u8 op);
289 : extern void __audit_uring_exit(int success, long code);
290 : extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
291 : unsigned long a2, unsigned long a3);
292 : extern void __audit_syscall_exit(int ret_success, long ret_value);
293 : extern struct filename *__audit_reusename(const __user char *uptr);
294 : extern void __audit_getname(struct filename *name);
295 : extern void __audit_inode(struct filename *name, const struct dentry *dentry,
296 : unsigned int flags);
297 : extern void __audit_file(const struct file *);
298 : extern void __audit_inode_child(struct inode *parent,
299 : const struct dentry *dentry,
300 : const unsigned char type);
301 : extern void audit_seccomp(unsigned long syscall, long signr, int code);
302 : extern void audit_seccomp_actions_logged(const char *names,
303 : const char *old_names, int res);
304 : extern void __audit_ptrace(struct task_struct *t);
305 :
306 : static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
307 : {
308 : task->audit_context = ctx;
309 : }
310 :
311 : static inline struct audit_context *audit_context(void)
312 : {
313 : return current->audit_context;
314 : }
315 :
316 : static inline bool audit_dummy_context(void)
317 : {
318 : void *p = audit_context();
319 : return !p || *(int *)p;
320 : }
321 : static inline void audit_free(struct task_struct *task)
322 : {
323 : if (unlikely(task->audit_context))
324 : __audit_free(task);
325 : }
326 : static inline void audit_uring_entry(u8 op)
327 : {
328 : /*
329 : * We intentionally check audit_context() before audit_enabled as most
330 : * Linux systems (as of ~2021) rely on systemd which forces audit to
331 : * be enabled regardless of the user's audit configuration.
332 : */
333 : if (unlikely(audit_context() && audit_enabled))
334 : __audit_uring_entry(op);
335 : }
336 : static inline void audit_uring_exit(int success, long code)
337 : {
338 : if (unlikely(audit_context()))
339 : __audit_uring_exit(success, code);
340 : }
341 : static inline void audit_syscall_entry(int major, unsigned long a0,
342 : unsigned long a1, unsigned long a2,
343 : unsigned long a3)
344 : {
345 : if (unlikely(audit_context()))
346 : __audit_syscall_entry(major, a0, a1, a2, a3);
347 : }
348 : static inline void audit_syscall_exit(void *pt_regs)
349 : {
350 : if (unlikely(audit_context())) {
351 : int success = is_syscall_success(pt_regs);
352 : long return_code = regs_return_value(pt_regs);
353 :
354 : __audit_syscall_exit(success, return_code);
355 : }
356 : }
357 : static inline struct filename *audit_reusename(const __user char *name)
358 : {
359 : if (unlikely(!audit_dummy_context()))
360 : return __audit_reusename(name);
361 : return NULL;
362 : }
363 : static inline void audit_getname(struct filename *name)
364 : {
365 : if (unlikely(!audit_dummy_context()))
366 : __audit_getname(name);
367 : }
368 : static inline void audit_inode(struct filename *name,
369 : const struct dentry *dentry,
370 : unsigned int aflags) {
371 : if (unlikely(!audit_dummy_context()))
372 : __audit_inode(name, dentry, aflags);
373 : }
374 : static inline void audit_file(struct file *file)
375 : {
376 : if (unlikely(!audit_dummy_context()))
377 : __audit_file(file);
378 : }
379 : static inline void audit_inode_parent_hidden(struct filename *name,
380 : const struct dentry *dentry)
381 : {
382 : if (unlikely(!audit_dummy_context()))
383 : __audit_inode(name, dentry,
384 : AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
385 : }
386 : static inline void audit_inode_child(struct inode *parent,
387 : const struct dentry *dentry,
388 : const unsigned char type) {
389 : if (unlikely(!audit_dummy_context()))
390 : __audit_inode_child(parent, dentry, type);
391 : }
392 : void audit_core_dumps(long signr);
393 :
394 : static inline void audit_ptrace(struct task_struct *t)
395 : {
396 : if (unlikely(!audit_dummy_context()))
397 : __audit_ptrace(t);
398 : }
399 :
400 : /* Private API (for audit.c only) */
401 : extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
402 : extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
403 : extern void __audit_bprm(struct linux_binprm *bprm);
404 : extern int __audit_socketcall(int nargs, unsigned long *args);
405 : extern int __audit_sockaddr(int len, void *addr);
406 : extern void __audit_fd_pair(int fd1, int fd2);
407 : extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
408 : extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
409 : extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
410 : extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
411 : extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
412 : const struct cred *new,
413 : const struct cred *old);
414 : extern void __audit_log_capset(const struct cred *new, const struct cred *old);
415 : extern void __audit_mmap_fd(int fd, int flags);
416 : extern void __audit_openat2_how(struct open_how *how);
417 : extern void __audit_log_kern_module(char *name);
418 : extern void __audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar);
419 : extern void __audit_tk_injoffset(struct timespec64 offset);
420 : extern void __audit_ntp_log(const struct audit_ntp_data *ad);
421 : extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries,
422 : enum audit_nfcfgop op, gfp_t gfp);
423 :
424 : static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
425 : {
426 : if (unlikely(!audit_dummy_context()))
427 : __audit_ipc_obj(ipcp);
428 : }
429 : static inline void audit_fd_pair(int fd1, int fd2)
430 : {
431 : if (unlikely(!audit_dummy_context()))
432 : __audit_fd_pair(fd1, fd2);
433 : }
434 : static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
435 : {
436 : if (unlikely(!audit_dummy_context()))
437 : __audit_ipc_set_perm(qbytes, uid, gid, mode);
438 : }
439 : static inline void audit_bprm(struct linux_binprm *bprm)
440 : {
441 : if (unlikely(!audit_dummy_context()))
442 : __audit_bprm(bprm);
443 : }
444 : static inline int audit_socketcall(int nargs, unsigned long *args)
445 : {
446 : if (unlikely(!audit_dummy_context()))
447 : return __audit_socketcall(nargs, args);
448 : return 0;
449 : }
450 :
451 : static inline int audit_socketcall_compat(int nargs, u32 *args)
452 : {
453 : unsigned long a[AUDITSC_ARGS];
454 : int i;
455 :
456 : if (audit_dummy_context())
457 : return 0;
458 :
459 : for (i = 0; i < nargs; i++)
460 : a[i] = (unsigned long)args[i];
461 : return __audit_socketcall(nargs, a);
462 : }
463 :
464 : static inline int audit_sockaddr(int len, void *addr)
465 : {
466 : if (unlikely(!audit_dummy_context()))
467 : return __audit_sockaddr(len, addr);
468 : return 0;
469 : }
470 : static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
471 : {
472 : if (unlikely(!audit_dummy_context()))
473 : __audit_mq_open(oflag, mode, attr);
474 : }
475 : static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
476 : {
477 : if (unlikely(!audit_dummy_context()))
478 : __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
479 : }
480 : static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
481 : {
482 : if (unlikely(!audit_dummy_context()))
483 : __audit_mq_notify(mqdes, notification);
484 : }
485 : static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
486 : {
487 : if (unlikely(!audit_dummy_context()))
488 : __audit_mq_getsetattr(mqdes, mqstat);
489 : }
490 :
491 : static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
492 : const struct cred *new,
493 : const struct cred *old)
494 : {
495 : if (unlikely(!audit_dummy_context()))
496 : return __audit_log_bprm_fcaps(bprm, new, old);
497 : return 0;
498 : }
499 :
500 : static inline void audit_log_capset(const struct cred *new,
501 : const struct cred *old)
502 : {
503 : if (unlikely(!audit_dummy_context()))
504 : __audit_log_capset(new, old);
505 : }
506 :
507 : static inline void audit_mmap_fd(int fd, int flags)
508 : {
509 : if (unlikely(!audit_dummy_context()))
510 : __audit_mmap_fd(fd, flags);
511 : }
512 :
513 : static inline void audit_openat2_how(struct open_how *how)
514 : {
515 : if (unlikely(!audit_dummy_context()))
516 : __audit_openat2_how(how);
517 : }
518 :
519 : static inline void audit_log_kern_module(char *name)
520 : {
521 : if (!audit_dummy_context())
522 : __audit_log_kern_module(name);
523 : }
524 :
525 : static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
526 : {
527 : if (!audit_dummy_context())
528 : __audit_fanotify(response, friar);
529 : }
530 :
531 : static inline void audit_tk_injoffset(struct timespec64 offset)
532 : {
533 : /* ignore no-op events */
534 : if (offset.tv_sec == 0 && offset.tv_nsec == 0)
535 : return;
536 :
537 : if (!audit_dummy_context())
538 : __audit_tk_injoffset(offset);
539 : }
540 :
541 : static inline void audit_ntp_init(struct audit_ntp_data *ad)
542 : {
543 : memset(ad, 0, sizeof(*ad));
544 : }
545 :
546 : static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
547 : enum audit_ntp_type type, long long val)
548 : {
549 : ad->vals[type].oldval = val;
550 : }
551 :
552 : static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
553 : enum audit_ntp_type type, long long val)
554 : {
555 : ad->vals[type].newval = val;
556 : }
557 :
558 : static inline void audit_ntp_log(const struct audit_ntp_data *ad)
559 : {
560 : if (!audit_dummy_context())
561 : __audit_ntp_log(ad);
562 : }
563 :
564 : static inline void audit_log_nfcfg(const char *name, u8 af,
565 : unsigned int nentries,
566 : enum audit_nfcfgop op, gfp_t gfp)
567 : {
568 : if (audit_enabled)
569 : __audit_log_nfcfg(name, af, nentries, op, gfp);
570 : }
571 :
572 : extern int audit_n_rules;
573 : extern int audit_signals;
574 : #else /* CONFIG_AUDITSYSCALL */
575 : static inline int audit_alloc(struct task_struct *task)
576 : {
577 : return 0;
578 : }
579 : static inline void audit_free(struct task_struct *task)
580 : { }
581 : static inline void audit_uring_entry(u8 op)
582 : { }
583 : static inline void audit_uring_exit(int success, long code)
584 : { }
585 : static inline void audit_syscall_entry(int major, unsigned long a0,
586 : unsigned long a1, unsigned long a2,
587 : unsigned long a3)
588 : { }
589 : static inline void audit_syscall_exit(void *pt_regs)
590 : { }
591 : static inline bool audit_dummy_context(void)
592 : {
593 : return true;
594 : }
595 : static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
596 : { }
597 : static inline struct audit_context *audit_context(void)
598 : {
599 : return NULL;
600 : }
601 : static inline struct filename *audit_reusename(const __user char *name)
602 : {
603 : return NULL;
604 : }
605 : static inline void audit_getname(struct filename *name)
606 : { }
607 : static inline void audit_inode(struct filename *name,
608 : const struct dentry *dentry,
609 : unsigned int aflags)
610 565428834 : { }
611 : static inline void audit_file(struct file *file)
612 : {
613 : }
614 : static inline void audit_inode_parent_hidden(struct filename *name,
615 : const struct dentry *dentry)
616 : { }
617 : static inline void audit_inode_child(struct inode *parent,
618 : const struct dentry *dentry,
619 : const unsigned char type)
620 : { }
621 : static inline void audit_core_dumps(long signr)
622 : { }
623 : static inline void audit_seccomp(unsigned long syscall, long signr, int code)
624 : { }
625 : static inline void audit_seccomp_actions_logged(const char *names,
626 : const char *old_names, int res)
627 : { }
628 : static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
629 : { }
630 : static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
631 : gid_t gid, umode_t mode)
632 : { }
633 : static inline void audit_bprm(struct linux_binprm *bprm)
634 : { }
635 : static inline int audit_socketcall(int nargs, unsigned long *args)
636 : {
637 : return 0;
638 : }
639 :
640 : static inline int audit_socketcall_compat(int nargs, u32 *args)
641 : {
642 : return 0;
643 : }
644 :
645 : static inline void audit_fd_pair(int fd1, int fd2)
646 : { }
647 : static inline int audit_sockaddr(int len, void *addr)
648 : {
649 : return 0;
650 : }
651 : static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
652 : { }
653 : static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
654 : unsigned int msg_prio,
655 : const struct timespec64 *abs_timeout)
656 : { }
657 : static inline void audit_mq_notify(mqd_t mqdes,
658 : const struct sigevent *notification)
659 : { }
660 : static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
661 : { }
662 : static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
663 : const struct cred *new,
664 : const struct cred *old)
665 : {
666 : return 0;
667 : }
668 : static inline void audit_log_capset(const struct cred *new,
669 : const struct cred *old)
670 : { }
671 : static inline void audit_mmap_fd(int fd, int flags)
672 : { }
673 :
674 : static inline void audit_openat2_how(struct open_how *how)
675 : { }
676 :
677 : static inline void audit_log_kern_module(char *name)
678 : {
679 : }
680 :
681 : static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
682 : { }
683 :
684 : static inline void audit_tk_injoffset(struct timespec64 offset)
685 : { }
686 :
687 : static inline void audit_ntp_init(struct audit_ntp_data *ad)
688 : { }
689 :
690 : static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
691 : enum audit_ntp_type type, long long val)
692 : { }
693 :
694 : static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
695 : enum audit_ntp_type type, long long val)
696 : { }
697 :
698 : static inline void audit_ntp_log(const struct audit_ntp_data *ad)
699 : { }
700 :
701 : static inline void audit_ptrace(struct task_struct *t)
702 : { }
703 :
704 : static inline void audit_log_nfcfg(const char *name, u8 af,
705 : unsigned int nentries,
706 : enum audit_nfcfgop op, gfp_t gfp)
707 : { }
708 :
709 : #define audit_n_rules 0
710 : #define audit_signals 0
711 : #endif /* CONFIG_AUDITSYSCALL */
712 :
713 : static inline bool audit_loginuid_set(struct task_struct *tsk)
714 : {
715 : return uid_valid(audit_get_loginuid(tsk));
716 : }
717 :
718 : #endif
|