From a73b8cf29e6f6bd4d32da5856f482790624b4724 Mon Sep 17 00:00:00 2001
From: Miloslav Trmač
Date: Mon, 2 Aug 2010 11:25:24 +0200
Subject: Implement AUDIT_CRYPTO_STORAGE_KEY
---
 include/linux/audit.h | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'include')
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 3c7a358241a..35fa4e9c34a 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -122,6 +122,8 @@
 #define AUDIT_MAC_UNLBL_STCADD 1416 /* NetLabel: add a static label */
 #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
+#define AUDIT_CRYPTO_STORAGE_KEY 1600 /* Key storage key configured */
+
 #define AUDIT_FIRST_KERN_ANOM_MSG 1700
 #define AUDIT_LAST_KERN_ANOM_MSG 1799
 #define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */
-- cgit
From 71cf9b0659c55ad0e695e98190c742ae39bcee23 Mon Sep 17 00:00:00 2001
From: Miloslav Trmač
Date: Mon, 2 Aug 2010 18:11:53 +0200
Subject: Implement AUDIT_CRYPTO_USERSPACE_OP
---
 include/linux/audit.h | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
(limited to 'include')
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 35fa4e9c34a..54cb007e340 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -123,6 +123,7 @@
 #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
 #define AUDIT_CRYPTO_STORAGE_KEY 1600 /* Key storage key configured */
+#define AUDIT_CRYPTO_USERSPACE_OP 1601 /* User-space crypto operation */
 #define AUDIT_FIRST_KERN_ANOM_MSG 1700
 #define AUDIT_LAST_KERN_ANOM_MSG 1799
@@ -209,6 +210,7 @@
 #define AUDIT_OBJ_TYPE 21
 #define AUDIT_OBJ_LEV_LOW 22
 #define AUDIT_OBJ_LEV_HIGH 23
+#define AUDIT_CRYPTO_OP 24
 /* These are ONLY useful when checking
 * at syscall exit time (AUDIT_AT_EXIT). */
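Review bot: `AUDIT_CRYPTO_STORAGE_KEY 1600` opens a new message-type block between the 14xx NetLabel entries and `AUDIT_FIRST_KERN_ANOM_MSG 1700`, but unlike the anomaly block it comes with no FIRST/LAST markers and no comment naming the block, so the intended width of the crypto range cannot be read off this hunk. If the range table at the top of the header (outside the hunk) is meant to reserve 1600-1699 for these records, a one-line comment above the define, e.g. `/* 1600 - 1699: crypto events (storage keys, user-space crypto operations) */`, or FIRST/LAST defines in the style of `AUDIT_FIRST_KERN_ANOM_MSG`, would make the allocation explicit before further types are appended to it.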
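Review bot: `#define AUDIT_CRYPTO_OP 24` is added to the rule-field list without any comment saying what a filter on this field is compared against; it is placed above the `/* These are ONLY useful when checking at syscall exit time */` divider, so it is being declared usable at entry as well as exit, which makes the omission more noticeable. Presumably it matches the `op` argument of `audit_log_crypto_op`, i.e. one of the `AUDIT_CRYPTO_OP_*` codes this same commit introduces; if so, `#define AUDIT_CRYPTO_OP 24 /* AUDIT_CRYPTO_OP_* code of a user-space crypto op */` would document it. These field numbers are consumed by user-space rule tooling, so the comment should also make clear that 24 is a stable ABI value.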
@@ -316,6 +318,20 @@ enum {
 #define AUDIT_PERM_READ 4
 #define AUDIT_PERM_ATTR 8
+#define AUDIT_CRYPTO_OP_CONTEXT_NEW 1
+#define AUDIT_CRYPTO_OP_CONTEXT_DEL 2
+#define AUDIT_CRYPTO_OP_SESSION_INIT 3
+#define AUDIT_CRYPTO_OP_SESSION_OP 4
+#define AUDIT_CRYPTO_OP_SESSION_FINAL 5
+#define AUDIT_CRYPTO_OP_KEY_IMPORT 6
+#define AUDIT_CRYPTO_OP_KEY_EXPORT 7
+#define AUDIT_CRYPTO_OP_KEY_WRAP 8
+#define AUDIT_CRYPTO_OP_KEY_UNWRAP 9
+#define AUDIT_CRYPTO_OP_KEY_GEN 10
+#define AUDIT_CRYPTO_OP_KEY_DERIVE 11
+#define AUDIT_CRYPTO_OP_KEY_ZEROIZE 12
+#define AUDIT_CRYPTO_OP_KEY_GET_INFO 13
+
 struct audit_status {
 __u32 mask; /* Bit mask for valid entries */
 __u32 enabled; /* 1 = enabled, 0 = disabled */
@@ -481,6 +497,10 @@ extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
 const struct cred *new,
 const struct cred *old);
 extern void __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
+extern int __audit_log_crypto_op(int op, int context, int session,
+ const char *operation, const char *algorithm,
+ int key1, void *key1_id, size_t key1_id_size,
+ int key2, void *key2_id, size_t key2_id_size);
 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
@@ -534,6 +554,20 @@ static inline void audit_log_capset(pid_t pid, const struct cred *new,
 __audit_log_capset(pid, new, old);
 }
+static inline int audit_log_crypto_op(int op, int context, int session,
+ const char *operation,
+ const char *algorithm, int key1,
+ void *key1_id, size_t key1_id_size,
+ int key2, void *key2_id,
+ size_t key2_id_size)
+{
+ if (likely(audit_dummy_context()))
+ return 0;
+ return __audit_log_crypto_op(op, context, session, operation, algorithm,
+ key1, key1_id, key1_id_size, key2, key2_id,
+ key2_id_size);
+}
+
 extern int audit_n_rules;
 extern int audit_signals;
 #else
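Review bot: The new `__audit_log_crypto_op` prototype takes `void *key1_id` and `void *key2_id` although a logging routine only reads the identifiers, and the neighbouring `operation`/`algorithm` arguments are already `const char *`; declaring them `const void *key1_id` and `const void *key2_id` lets callers pass identifiers held in const data without a cast, and the inline `audit_log_crypto_op` wrapper in the following hunk should mirror that. The meaning of the bare `int key1`/`int key2` arguments is not stated anywhere in the hunk (a handle, a key type, or a present/absent flag?), so a short comment on the prototype describing each key triple, e.g. `/* keyN: key type, keyN_id/keyN_id_size: opaque key identifier, NULL/0 if absent */` with the actual meaning confirmed against the caller, would help. The conditional block these declarations live in opens outside the hunk.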
@@ -567,6 +601,7 @@ extern int audit_signals;
 #define audit_mq_getsetattr(d,s) ((void)0)
 #define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
 #define audit_log_capset(pid, ncr, ocr) ((void)0)
+#define audit_log_crypto_op(op, ctx, sess, k1, id1, size1, k2, id2, size2) (0)
 #define audit_ptrace(t) ((void)0)
 #define audit_n_rules 0
 #define audit_signals 0
-- cgit
From 9cf934e1a057a8dc4f36a1ad8d2822fb116374dd Mon Sep 17 00:00:00 2001
From: Miloslav Trmač
Date: Tue, 31 Aug 2010 00:19:06 +0200
Subject: Implement AUDIT_CRYPTO_KEY_VALUE
---
 include/linux/audit.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
(limited to 'include')
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 54cb007e340..cfb33639566 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -124,6 +124,8 @@
 #define AUDIT_CRYPTO_STORAGE_KEY 1600 /* Key storage key configured */
 #define AUDIT_CRYPTO_USERSPACE_OP 1601 /* User-space crypto operation */
+#define AUDIT_CRYPTO_KEY_VALUE 1602 /* Public values of a key, immediatelly
+ follows USERSPACE_OP. */
 #define AUDIT_FIRST_KERN_ANOM_MSG 1700
 #define AUDIT_LAST_KERN_ANOM_MSG 1799
@@ -422,6 +424,12 @@ struct audit_field {
 void *lsm_rule;
 };
+struct audit_crypto_value {
+ char name;
+ void *value;
+ size_t value_size;
+};
+
 #define AUDITSC_INVALID 0
 #define AUDITSC_SUCCESS 1
 #define AUDITSC_FAILURE 2
@@ -501,6 +509,8 @@ extern int __audit_log_crypto_op(int op, int context, int session,
 const char *operation, const char *algorithm,
 int key1, void *key1_id, size_t key1_id_size,
 int key2, void *key2_id, size_t key2_id_size);
+extern void __audit_log_crypto_values(const struct audit_crypto_value *values,
+ size_t num_values);
 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
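Review bot: The fallback stub `audit_log_crypto_op(op, ctx, sess, k1, id1, size1, k2, id2, size2)` declares nine parameters, but the real inline in the previous hunk takes eleven (`operation` and `algorithm` sit between `session` and `key1`), so every caller fails to compile in the configuration where this `#else` branch is selected. It should read `#define audit_log_crypto_op(op, ctx, sess, oper, alg, k1, id1, size1, k2, id2, size2) (0)`. The same arity mismatch recurs in the last hunk of the third commit, whose stub `audit_log_crypto_values(a, values, num_values)` names three arguments for a two-argument wrapper and should be `#define audit_log_crypto_values(a, num_values) ((void)0)`.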
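Review bot: The comment on `AUDIT_CRYPTO_KEY_VALUE 1602` misspells "immediately" and, more importantly, is the only statement of what this record may carry: "Public values of a key" implies that only non-secret components are ever written to the audit trail, while the record name on its own reads as if raw key material could be. Suggest `/* Public (non-secret) values of a key; immediately follows AUDIT_CRYPTO_USERSPACE_OP. */` so the no-secret-material rule is stated where the type is defined and the pairing uses the full name of the 1601 record from the previous commit.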
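Review bot: `struct audit_crypto_value` holds `void *value` although its only consumer on this page, `__audit_log_crypto_values(const struct audit_crypto_value *values, size_t num_values)`, takes the array as const and presumably only reads the bytes; `const void *value;` would let callers point at const key data without a cast. `char name;` limits each entry to a one-character tag, which may be intended but is unusual enough that it deserves a comment, e.g. `char name; /* single-character field name used in the audit record */`, and the struct itself has no comment linking it to `AUDIT_CRYPTO_KEY_VALUE` or saying what `value_size` counts (bytes, presumably). The preceding `struct audit_field` starts outside the hunk.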
@@ -568,6 +578,13 @@ static inline int audit_log_crypto_op(int op, int context, int session,
 key2_id_size);
 }
+static inline void audit_log_crypto_values(const struct audit_crypto_value *a,
+ size_t num_values)
+{
+ if (unlikely(!audit_dummy_context()))
+ __audit_log_crypto_values(a, num_values);
+}
+
 extern int audit_n_rules;
 extern int audit_signals;
 #else
@@ -602,6 +619,7 @@ extern int audit_signals;
 #define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
 #define audit_log_capset(pid, ncr, ocr) ((void)0)
 #define audit_log_crypto_op(op, ctx, sess, k1, id1, size1, k2, id2, size2) (0)
+#define audit_log_crypto_values(a, values, num_values) ((void)0)
 #define audit_ptrace(t) ((void)0)
 #define audit_n_rules 0
 #define audit_signals 0
-- cgit
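Review bot: The inline wrapper names its array parameter `a` while the prototype it forwards to, `__audit_log_crypto_values(const struct audit_crypto_value *values, size_t num_values)` from the earlier hunk, calls it `values`; using `values` in the wrapper as well keeps declaration and wrapper in step for anyone reading the header, i.e. `static inline void audit_log_crypto_values(const struct audit_crypto_value *values,` and `__audit_log_crypto_values(values, num_values);`. The `unlikely(!audit_dummy_context())` guard matches the neighbouring `audit_log_capset` wrapper, so that part is consistent with the file. The `audit_log_crypto_op` function whose tail forms the hunk's first context lines begins outside the hunk.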