diff options
-rw-r--r-- | drivers/char/tty_audit.c | 78 | ||||
-rw-r--r-- | drivers/char/tty_io.c | 1 | ||||
-rw-r--r-- | include/linux/tty.h | 4 |
3 files changed, 66 insertions, 17 deletions
diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c index d961fa9612c4..34ab6d798f81 100644 --- a/drivers/char/tty_audit.c +++ b/drivers/char/tty_audit.c @@ -67,37 +67,45 @@ static void tty_audit_buf_put(struct tty_audit_buf *buf) tty_audit_buf_free(buf); } -/** - * tty_audit_buf_push - Push buffered data out - * - * Generate an audit message from the contents of @buf, which is owned by - * @tsk with @loginuid. @buf->mutex must be locked. - */ -static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid, - unsigned int sessionid, - struct tty_audit_buf *buf) +static void tty_audit_log(const char *description, struct task_struct *tsk, + uid_t loginuid, unsigned sessionid, int major, + int minor, unsigned char *data, size_t size) { struct audit_buffer *ab; - if (buf->valid == 0) - return; - if (audit_enabled == 0) - return; ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY); if (ab) { char name[sizeof(tsk->comm)]; uid_t uid = task_uid(tsk); - audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u " - "major=%d minor=%d comm=", + audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u " + "major=%d minor=%d comm=", description, tsk->pid, uid, loginuid, sessionid, - buf->major, buf->minor); + major, minor); get_task_comm(name, tsk); audit_log_untrustedstring(ab, name); audit_log_format(ab, " data="); - audit_log_n_hex(ab, buf->data, buf->valid); + audit_log_n_hex(ab, data, size); audit_log_end(ab); } +} + +/** + * tty_audit_buf_push - Push buffered data out + * + * Generate an audit message from the contents of @buf, which is owned by + * @tsk with @loginuid. @buf->mutex must be locked. + */ +static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid, + unsigned int sessionid, + struct tty_audit_buf *buf) +{ + if (buf->valid == 0) + return; + if (audit_enabled == 0) + return; + tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor, + buf->data, buf->valid); buf->valid = 0; } @@ -152,6 +160,42 @@ void tty_audit_fork(struct signal_struct *sig) } /** + * tty_audit_tiocsti - Log TIOCSTI + */ +void tty_audit_tiocsti(struct tty_struct *tty, char ch) +{ + struct tty_audit_buf *buf; + int major, minor, should_audit; + + spin_lock_irq(¤t->sighand->siglock); + should_audit = current->signal->audit_tty; + buf = current->signal->tty_audit_buf; + if (buf) + atomic_inc(&buf->count); + spin_unlock_irq(¤t->sighand->siglock); + + major = tty->driver->major; + minor = tty->driver->minor_start + tty->index; + if (buf) { + mutex_lock(&buf->mutex); + if (buf->major == major && buf->minor == minor) + tty_audit_buf_push_current(buf); + mutex_unlock(&buf->mutex); + tty_audit_buf_put(buf); + } + + if (should_audit && audit_enabled) { + uid_t auid; + unsigned int sessionid; + + auid = audit_get_loginuid(current); + sessionid = audit_get_sessionid(current); + tty_audit_log("ioctl=TIOCSTI", current, auid, sessionid, major, + minor, &ch, 1); + } +} + +/** * tty_audit_push_task - Flush task's pending audit data */ void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c index 1412a8d1e58d..db15f9ba7c0b 100644 --- a/drivers/char/tty_io.c +++ b/drivers/char/tty_io.c @@ -2018,6 +2018,7 @@ static int tiocsti(struct tty_struct *tty, char __user *p) return -EPERM; if (get_user(ch, p)) return -EFAULT; + tty_audit_tiocsti(tty, ch); ld = tty_ldisc_ref_wait(tty); ld->ops->receive_buf(tty, &ch, &mbz, 1); tty_ldisc_deref(ld); diff --git a/include/linux/tty.h b/include/linux/tty.h index 3b8121d4e36f..580700f20a1c 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -442,6 +442,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size); extern void tty_audit_exit(void); extern void tty_audit_fork(struct signal_struct *sig); +extern void tty_audit_tiocsti(struct tty_struct *tty, char ch); extern void tty_audit_push(struct tty_struct *tty); extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid); @@ -450,6 +451,9 @@ static inline void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size) { } +static inline void tty_audit_tiocsti(struct tty_struct *tty, char ch) +{ +} static inline void tty_audit_exit(void) { } |