From patchwork Thu May 24 20:11:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 10425405 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 016266053B for ; Thu, 24 May 2018 20:12:24 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EF8B329723 for ; Thu, 24 May 2018 20:12:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id EB98429649; Thu, 24 May 2018 20:12:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00, MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DE95B29870 for ; Thu, 24 May 2018 20:11:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S968745AbeEXULP (ORCPT ); Thu, 24 May 2018 16:11:15 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:59934 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S967788AbeEXULN (ORCPT ); Thu, 24 May 2018 16:11:13 -0400 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w4OK4Dpt036005 for ; Thu, 24 May 2018 16:11:13 -0400 Received: from e18.ny.us.ibm.com (e18.ny.us.ibm.com [129.33.205.208]) by mx0a-001b2d01.pphosted.com with ESMTP id 2j61cnff16-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 24 May 2018 16:11:13 -0400 Received: from localhost by e18.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 24 May 2018 16:11:12 -0400 Received: from b01cxnp22035.gho.pok.ibm.com (9.57.198.25) by e18.ny.us.ibm.com (146.89.104.205) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 24 May 2018 16:11:10 -0400 Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w4OKB9HF8716816 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 24 May 2018 20:11:09 GMT Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B47B5AC0E7; Thu, 24 May 2018 16:12:38 -0400 (EDT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP id 9DF4CAC0E6; Thu, 24 May 2018 16:12:38 -0400 (EDT) From: Stefan Berger To: zohar@linux.vnet.ibm.com, sgrubb@redhat.com Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-audit@redhat.com, Stefan Berger Subject: [PATCH 3/8] audit: Implement audit_log_tty() Date: Thu, 24 May 2018 16:11:00 -0400 X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180524201105.3179904-1-stefanb@linux.vnet.ibm.com> References: <20180524201105.3179904-1-stefanb@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 18052420-0044-0000-0000-0000041A804B X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00009065; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000261; SDB=6.01036001; UDB=6.00529949; IPR=6.00815130; MB=3.00021234; MTD=3.00000008; XFM=3.00000015; UTC=2018-05-24 20:11:11 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18052420-0045-0000-0000-0000084C9D6D Message-Id: <20180524201105.3179904-4-stefanb@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-05-24_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1805240228 Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Implement audit_log_tty() so that IMA can add tty= to its audit records. Signed-off-by: Stefan Berger --- include/linux/audit.h | 5 +++++ kernel/audit.c | 8 ++++++++ 2 files changed, 13 insertions(+) diff --git a/include/linux/audit.h b/include/linux/audit.h index 90aa63ddc9be..2deb76c74d10 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -154,6 +154,7 @@ extern void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk); extern int audit_update_lsm_rules(void); +extern void audit_log_tty(struct audit_buffer *ab, struct task_struct *tsk); /* Private API (for audit.c only) */ extern int audit_rule_change(int type, int seq, void *data, size_t datasz); @@ -202,6 +203,10 @@ static inline int audit_log_task_context(struct audit_buffer *ab) static inline void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) { } + +static inline void audit_log_tty(struct audit_buffer *ab, + struct task_struct *tsk) +{ } #define audit_enabled 0 #endif /* CONFIG_AUDIT */ diff --git a/kernel/audit.c b/kernel/audit.c index 670665c6e2a6..fa54695962b4 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -2305,6 +2305,14 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) } EXPORT_SYMBOL(audit_log_task_info); +void audit_log_tty(struct audit_buffer *ab, struct task_struct *tsk) +{ + struct tty_struct *tty = audit_get_tty(tsk); + + audit_log_format(ab, " tty=%s", tty ? tty_name(tty) : "(none)"); + audit_put_tty(tty); +} + /** * audit_log_link_denied - report a link restriction denial * @operation: specific link operation