Home
last modified time | relevance | path

Searched refs:ab (Results 1 – 23 of 23) sorted by relevance

/security/
Dlsm_audit.c184 static inline void print_ipv6_addr(struct audit_buffer *ab, in print_ipv6_addr() argument
189 audit_log_format(ab, " %s=%pI6c", name1, addr); in print_ipv6_addr()
191 audit_log_format(ab, " %s=%d", name2, ntohs(port)); in print_ipv6_addr()
194 static inline void print_ipv4_addr(struct audit_buffer *ab, __be32 addr, in print_ipv4_addr() argument
198 audit_log_format(ab, " %s=%pI4", name1, &addr); in print_ipv4_addr()
200 audit_log_format(ab, " %s=%d", name2, ntohs(port)); in print_ipv4_addr()
208 static void dump_common_audit_data(struct audit_buffer *ab, in dump_common_audit_data() argument
220 audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current)); in dump_common_audit_data()
221 audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); in dump_common_audit_data()
227 audit_log_format(ab, " key=%d ", a->u.ipc_id); in dump_common_audit_data()
[all …]
/security/apparmor/
Dipc.c26 static void audit_ptrace_mask(struct audit_buffer *ab, u32 mask) in audit_ptrace_mask() argument
30 audit_log_string(ab, "read"); in audit_ptrace_mask()
33 audit_log_string(ab, "trace"); in audit_ptrace_mask()
36 audit_log_string(ab, "readby"); in audit_ptrace_mask()
39 audit_log_string(ab, "tracedby"); in audit_ptrace_mask()
45 static void audit_ptrace_cb(struct audit_buffer *ab, void *va) in audit_ptrace_cb() argument
50 audit_log_format(ab, " requested_mask="); in audit_ptrace_cb()
51 audit_ptrace_mask(ab, aad(sa)->request); in audit_ptrace_cb()
54 audit_log_format(ab, " denied_mask="); in audit_ptrace_cb()
55 audit_ptrace_mask(ab, aad(sa)->denied); in audit_ptrace_cb()
[all …]
Daudit.c55 static void audit_pre(struct audit_buffer *ab, void *ca) in audit_pre() argument
60 audit_log_format(ab, "apparmor="); in audit_pre()
61 audit_log_string(ab, aa_audit_type[aad(sa)->type]); in audit_pre()
65 audit_log_format(ab, " operation="); in audit_pre()
66 audit_log_string(ab, aad(sa)->op); in audit_pre()
70 audit_log_format(ab, " info="); in audit_pre()
71 audit_log_string(ab, aad(sa)->info); in audit_pre()
73 audit_log_format(ab, " error=%d", aad(sa)->error); in audit_pre()
83 audit_log_format(ab, " namespace="); in audit_pre()
84 audit_log_untrustedstring(ab, in audit_pre()
[all …]
Dmount.c27 static void audit_mnt_flags(struct audit_buffer *ab, unsigned long flags) in audit_mnt_flags() argument
30 audit_log_format(ab, "ro"); in audit_mnt_flags()
32 audit_log_format(ab, "rw"); in audit_mnt_flags()
34 audit_log_format(ab, ", nosuid"); in audit_mnt_flags()
36 audit_log_format(ab, ", nodev"); in audit_mnt_flags()
38 audit_log_format(ab, ", noexec"); in audit_mnt_flags()
40 audit_log_format(ab, ", sync"); in audit_mnt_flags()
42 audit_log_format(ab, ", remount"); in audit_mnt_flags()
44 audit_log_format(ab, ", mand"); in audit_mnt_flags()
46 audit_log_format(ab, ", dirsync"); in audit_mnt_flags()
[all …]
Dnet.c71 void audit_net_cb(struct audit_buffer *ab, void *va) in audit_net_cb() argument
75 audit_log_format(ab, " family="); in audit_net_cb()
77 audit_log_string(ab, address_family_names[sa->u.net->family]); in audit_net_cb()
79 audit_log_format(ab, "\"unknown(%d)\"", sa->u.net->family); in audit_net_cb()
80 audit_log_format(ab, " sock_type="); in audit_net_cb()
82 audit_log_string(ab, sock_type_names[aad(sa)->net.type]); in audit_net_cb()
84 audit_log_format(ab, "\"unknown(%d)\"", aad(sa)->net.type); in audit_net_cb()
85 audit_log_format(ab, " protocol=%d", aad(sa)->net.protocol); in audit_net_cb()
88 audit_log_format(ab, " requested_mask="); in audit_net_cb()
89 aa_audit_perm_mask(ab, aad(sa)->request, NULL, 0, in audit_net_cb()
[all …]
Dlib.c221 void aa_audit_perm_names(struct audit_buffer *ab, const char * const *names, in aa_audit_perm_names() argument
230 audit_log_format(ab, fmt, names[i]); in aa_audit_perm_names()
239 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs, in aa_audit_perm_mask() argument
244 audit_log_format(ab, "\""); in aa_audit_perm_mask()
248 audit_log_format(ab, "%s", str); in aa_audit_perm_mask()
250 audit_log_format(ab, " "); in aa_audit_perm_mask()
253 aa_audit_perm_names(ab, names, mask & namesmask); in aa_audit_perm_mask()
254 audit_log_format(ab, "\""); in aa_audit_perm_mask()
262 static void aa_audit_perms_cb(struct audit_buffer *ab, void *va) in aa_audit_perms_cb() argument
267 audit_log_format(ab, " requested_mask="); in aa_audit_perms_cb()
[all …]
Dfile.c42 static void audit_file_mask(struct audit_buffer *ab, u32 mask) in audit_file_mask() argument
48 audit_log_string(ab, str); in audit_file_mask()
56 static void file_audit_cb(struct audit_buffer *ab, void *va) in file_audit_cb() argument
62 audit_log_format(ab, " requested_mask="); in file_audit_cb()
63 audit_file_mask(ab, aad(sa)->request); in file_audit_cb()
66 audit_log_format(ab, " denied_mask="); in file_audit_cb()
67 audit_file_mask(ab, aad(sa)->denied); in file_audit_cb()
70 audit_log_format(ab, " fsuid=%d", in file_audit_cb()
72 audit_log_format(ab, " ouid=%d", in file_audit_cb()
77 audit_log_format(ab, " target="); in file_audit_cb()
[all …]
Dresource.c30 static void audit_cb(struct audit_buffer *ab, void *va) in audit_cb() argument
34 audit_log_format(ab, " rlimit=%s value=%lu", in audit_cb()
37 audit_log_format(ab, " peer="); in audit_cb()
38 aa_label_xaudit(ab, labels_ns(aad(sa)->label), aad(sa)->peer, in audit_cb()
Dcapability.c44 static void audit_cb(struct audit_buffer *ab, void *va) in audit_cb() argument
48 audit_log_format(ab, " capname="); in audit_cb()
49 audit_log_untrustedstring(ab, capability_names[sa->u.cap]); in audit_cb()
Dpolicy_unpack.c77 static void audit_cb(struct audit_buffer *ab, void *va) in audit_cb() argument
82 audit_log_format(ab, " ns="); in audit_cb()
83 audit_log_untrustedstring(ab, aad(sa)->iface.ns); in audit_cb()
86 audit_log_format(ab, " name="); in audit_cb()
87 audit_log_untrustedstring(ab, aad(sa)->name); in audit_cb()
90 audit_log_format(ab, " offset=%ld", aad(sa)->iface.pos); in audit_cb()
Dlabel.c1707 void aa_label_xaudit(struct audit_buffer *ab, struct aa_ns *ns, in aa_label_xaudit() argument
1714 AA_BUG(!ab); in aa_label_xaudit()
1730 audit_log_n_hex(ab, str, len); in aa_label_xaudit()
1732 audit_log_n_string(ab, str, len); in aa_label_xaudit()
1784 void aa_label_audit(struct audit_buffer *ab, struct aa_label *label, gfp_t gfp) in aa_label_audit() argument
1788 aa_label_xaudit(ab, ns, label, FLAG_VIEW_SUBNS, gfp); in aa_label_audit()
Dpolicy.c596 static void audit_cb(struct audit_buffer *ab, void *va) in audit_cb() argument
601 audit_log_format(ab, " ns="); in audit_cb()
602 audit_log_untrustedstring(ab, aad(sa)->iface.ns); in audit_cb()
/security/integrity/
Dintegrity_audit.c32 struct audit_buffer *ab; in integrity_audit_msg() local
38 ab = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno); in integrity_audit_msg()
39 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u", in integrity_audit_msg()
44 audit_log_task_context(ab); in integrity_audit_msg()
45 audit_log_format(ab, " op=%s cause=%s comm=", op, cause); in integrity_audit_msg()
46 audit_log_untrustedstring(ab, get_task_comm(name, current)); in integrity_audit_msg()
48 audit_log_format(ab, " name="); in integrity_audit_msg()
49 audit_log_untrustedstring(ab, fname); in integrity_audit_msg()
52 audit_log_format(ab, " dev="); in integrity_audit_msg()
53 audit_log_untrustedstring(ab, inode->i_sb->s_id); in integrity_audit_msg()
[all …]
/security/integrity/evm/
Devm_secfs.c179 struct audit_buffer *ab; in evm_write_xattrs() local
192 ab = audit_log_start(audit_context(), GFP_KERNEL, in evm_write_xattrs()
194 if (!ab) in evm_write_xattrs()
215 audit_log_format(ab, "xattr="); in evm_write_xattrs()
216 audit_log_untrustedstring(ab, xattr->name); in evm_write_xattrs()
249 audit_log_format(ab, " res=0"); in evm_write_xattrs()
250 audit_log_end(ab); in evm_write_xattrs()
253 audit_log_format(ab, " res=%d", err); in evm_write_xattrs()
254 audit_log_end(ab); in evm_write_xattrs()
/security/integrity/ima/
Dima_policy.c832 static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value, in ima_log_string_op() argument
835 if (!ab) in ima_log_string_op()
839 audit_log_format(ab, "%s>", key); in ima_log_string_op()
841 audit_log_format(ab, "%s<", key); in ima_log_string_op()
843 audit_log_format(ab, "%s=", key); in ima_log_string_op()
844 audit_log_format(ab, "%s ", value); in ima_log_string_op()
846 static void ima_log_string(struct audit_buffer *ab, char *key, char *value) in ima_log_string() argument
848 ima_log_string_op(ab, key, value, NULL); in ima_log_string()
885 struct audit_buffer *ab; in ima_parse_rule() local
892 ab = integrity_audit_log_start(audit_context(), GFP_KERNEL, in ima_parse_rule()
[all …]
Dima_api.c340 struct audit_buffer *ab; in ima_audit_measurement() local
356 ab = audit_log_start(audit_context(), GFP_KERNEL, in ima_audit_measurement()
358 if (!ab) in ima_audit_measurement()
361 audit_log_format(ab, "file="); in ima_audit_measurement()
362 audit_log_untrustedstring(ab, filename); in ima_audit_measurement()
363 audit_log_format(ab, " hash=\"%s:%s\"", algo_name, hash); in ima_audit_measurement()
365 audit_log_task_info(ab); in ima_audit_measurement()
366 audit_log_end(ab); in ima_audit_measurement()
/security/smack/
Dsmack_access.c312 static void smack_log_callback(struct audit_buffer *ab, void *a) in smack_log_callback() argument
316 audit_log_format(ab, "lsm=SMACK fn=%s action=%s", in smack_log_callback()
319 audit_log_format(ab, " subject="); in smack_log_callback()
320 audit_log_untrustedstring(ab, sad->subject); in smack_log_callback()
321 audit_log_format(ab, " object="); in smack_log_callback()
322 audit_log_untrustedstring(ab, sad->object); in smack_log_callback()
324 audit_log_format(ab, " labels_differ"); in smack_log_callback()
326 audit_log_format(ab, " requested=%s", sad->request); in smack_log_callback()
/security/selinux/
Davc.c663 static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) in avc_audit_pre_callback() argument
671 audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); in avc_audit_pre_callback()
674 audit_log_format(ab, " null"); in avc_audit_pre_callback()
680 audit_log_format(ab, " {"); in avc_audit_pre_callback()
685 audit_log_format(ab, " %s", perms[i]); in avc_audit_pre_callback()
693 audit_log_format(ab, " 0x%x", av); in avc_audit_pre_callback()
695 audit_log_format(ab, " } for "); in avc_audit_pre_callback()
704 static void avc_audit_post_callback(struct audit_buffer *ab, void *a) in avc_audit_post_callback() argument
715 audit_log_format(ab, " ssid=%d", sad->ssid); in avc_audit_post_callback()
717 audit_log_format(ab, " scontext=%s", scontext); in avc_audit_post_callback()
[all …]
Dhooks.c3172 struct audit_buffer *ab; in selinux_inode_setxattr() local
3187 ab = audit_log_start(audit_context(), in selinux_inode_setxattr()
3189 audit_log_format(ab, "op=setxattr invalid_context="); in selinux_inode_setxattr()
3190 audit_log_n_untrustedstring(ab, value, audit_size); in selinux_inode_setxattr()
3191 audit_log_end(ab); in selinux_inode_setxattr()
6362 struct audit_buffer *ab; in selinux_setprocattr() local
6371 ab = audit_log_start(audit_context(), in selinux_setprocattr()
6374 audit_log_format(ab, "op=fscreate invalid_context="); in selinux_setprocattr()
6375 audit_log_n_untrustedstring(ab, value, audit_size); in selinux_setprocattr()
6376 audit_log_end(ab); in selinux_setprocattr()
/security/apparmor/include/
Dperms.h138 void aa_audit_perm_names(struct audit_buffer *ab, const char * const *names,
140 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs,
Dnet.h91 void audit_net_cb(struct audit_buffer *ab, void *va);
Dlabel.h316 void aa_label_xaudit(struct audit_buffer *ab, struct aa_ns *ns,
322 void aa_label_audit(struct audit_buffer *ab, struct aa_label *label, gfp_t gfp);
/security/selinux/ss/
Dservices.c462 struct audit_buffer *ab; in security_dump_masked_av() local
498 ab = audit_log_start(audit_context(), in security_dump_masked_av()
500 if (!ab) in security_dump_masked_av()
503 audit_log_format(ab, "op=security_compute_av reason=%s " in security_dump_masked_av()
513 audit_log_format(ab, "%s%s", in security_dump_masked_av()
519 audit_log_end(ab); in security_dump_masked_av()
1632 struct audit_buffer *ab; in compute_sid_handle_invalid_context() local
1640 ab = audit_log_start(audit_context(), GFP_ATOMIC, AUDIT_SELINUX_ERR); in compute_sid_handle_invalid_context()
1641 audit_log_format(ab, in compute_sid_handle_invalid_context()
1644 audit_log_n_untrustedstring(ab, n, nlen - 1); in compute_sid_handle_invalid_context()
[all …]