diff options
author | AKASHI Takahiro <takahiro.akashi@linaro.org> | 2014-03-15 09:48:00 +0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2014-03-20 18:11:35 +0400 |
commit | 4b58841149dcaa500ceba1d5378ae70622fe4899 (patch) | |
tree | 0be5b9be6b140e6250a416acff517067fb6d5efd /lib/compat_audit.c | |
parent | 7a017721283d3fd011a41884fd8e99beae8fe831 (diff) | |
download | linux-4b58841149dcaa500ceba1d5378ae70622fe4899.tar.xz |
audit: Add generic compat syscall support
lib/audit.c provides a generic function for auditing system calls.
This patch extends it for compat syscall support on bi-architectures
(32/64-bit) by adding lib/compat_audit.c.
What is required to support this feature are:
* add asm/unistd32.h for compat system call names
* select CONFIG_AUDIT_ARCH_COMPAT_GENERIC
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Acked-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'lib/compat_audit.c')
-rw-r--r-- | lib/compat_audit.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/lib/compat_audit.c b/lib/compat_audit.c new file mode 100644 index 000000000000..873f75b640ab --- /dev/null +++ b/lib/compat_audit.c @@ -0,0 +1,50 @@ +#include <linux/init.h> +#include <linux/types.h> +#include <asm/unistd32.h> + +unsigned compat_dir_class[] = { +#include <asm-generic/audit_dir_write.h> +~0U +}; + +unsigned compat_read_class[] = { +#include <asm-generic/audit_read.h> +~0U +}; + +unsigned compat_write_class[] = { +#include <asm-generic/audit_write.h> +~0U +}; + +unsigned compat_chattr_class[] = { +#include <asm-generic/audit_change_attr.h> +~0U +}; + +unsigned compat_signal_class[] = { +#include <asm-generic/audit_signal.h> +~0U +}; + +int audit_classify_compat_syscall(int abi, unsigned syscall) +{ + switch (syscall) { +#ifdef __NR_open + case __NR_open: + return 2; +#endif +#ifdef __NR_openat + case __NR_openat: + return 3; +#endif +#ifdef __NR_socketcall + case __NR_socketcall: + return 4; +#endif + case __NR_execve: + return 5; + default: + return 1; + } +} |