Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\lsm_audit.c Create Date:2022-07-28 19:31:06
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:dump_common_audit_data - helper to dump common audit data*@a : common audit data

Proto:static void dump_common_audit_data(struct audit_buffer *ab, struct common_audit_data *a)

Type:void

Parameter:

TypeParameterName
struct audit_buffer *ab
struct common_audit_data *a
218  BUILD_BUG_ON - break compile if a condition is true( size of u > size of * * 2)
220  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
221  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
224  Case type == LSM_AUDIT_DATA_NONE
225  Return
226  Case type == LSM_AUDIT_DATA_IPC
227  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
228  Break
229  Case type == LSM_AUDIT_DATA_CAP
230  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
231  Break
232  Case type == LSM_AUDIT_DATA_PATH
235  This is a helper-function to print the escaped d_path
237  inode = d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
238  If inode Then
239  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
240  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
241  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
243  Break
245  Case type == LSM_AUDIT_DATA_FILE
248  This is a helper-function to print the escaped d_path
250  inode = file_inode(file)
251  If inode Then
252  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
253  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
254  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
256  Break
258  Case type == LSM_AUDIT_DATA_IOCTL_OP
261  This is a helper-function to print the escaped d_path
263  inode = Where the name belongs to - NULL is * negative
264  If inode Then
265  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
266  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
267  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
270  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
271  Break
273  Case type == LSM_AUDIT_DATA_DENTRY
276  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
277  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
279  inode = d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
280  If inode Then
281  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
282  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
283  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
285  Break
287  Case type == LSM_AUDIT_DATA_INODE
291  inode = inode
292  dentry = grab a hashed alias of inode
293  If dentry Then
294  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
295  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
297  dput(dentry)
299  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
300  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
301  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
302  Break
304  Case type == LSM_AUDIT_DATA_TASK
305  tsk = tsk
306  If tsk Then
307  pid = task_tgid_nr(tsk)
308  If pid Then
315  Break
317  Case type == LSM_AUDIT_DATA_NET
318  If sk Then
319  sk = sk
322  len = 0
323  char * p = NULL
326  Case sk_family == Internet IP Protocol
327  inet = inet_sk(sk)
329  print_ipv4_addr(ab, inet_rcv_saddr, inet_sport, "laddr", "lport")
332  print_ipv4_addr(ab, inet_daddr, inet_dport, "faddr", "fport")
335  Break
338  Case sk_family == IP version 6
339  inet = inet_sk(sk)
341  print_ipv6_addr(ab, & sk_v6_rcv_saddr, inet_sport, "laddr", "lport")
344  print_ipv6_addr(ab, & sk_v6_daddr, inet_dport, "faddr", "fport")
347  Break
350  Case sk_family == Unix domain sockets
351  u = unix_sk(sk)
352  addr = smp_load_acquire( & addr)
353  If Not addr Then Break
355  If dentry Then
356  This is a helper-function to print the escaped d_path
357  Break
359  len = len - sizeof(short)
360  p = pathname [0]
361  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
362  If p Then audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
364  Else audit_log_n_hex - convert a buffer to hex and append it to the audit skb*@ab: the audit_buffer*@buf: buffer to convert to hex*@len: length of @buf to be converted* No return value; failure to expand is silently ignored
366  Break
371  Case family == Internet IP Protocol
372  print_ipv4_addr(ab, saddr, sport, "saddr", "src")
375  print_ipv4_addr(ab, daddr, dport, "daddr", "dest")
378  Break
379  Case family == IP version 6
380  print_ipv6_addr(ab, & saddr, sport, "saddr", "src")
383  print_ipv6_addr(ab, & daddr, dport, "daddr", "dest")
386  Break
388  If netif > 0 Then
392  dev = find a device by its ifindex
393  If dev Then
398  Break
400  Case type == LSM_AUDIT_DATA_KEY
401  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
402  If key_desc Then
403  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
404  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
406  Break
408  Case type == LSM_AUDIT_DATA_KMOD
409  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
410  audit_log_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@string: string to be logged* Same as audit_log_n_untrustedstring(), except that strlen is used to* determine string length.
411  Break
412  Case type == LSM_AUDIT_DATA_IBPKEY
415  memset( & s6_addr, 0, size of s6_addr )
417  memcpy( & s6_addr, & subnet_prefix, size of subnet_prefix )
419  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
421  Break
423  Case type == LSM_AUDIT_DATA_IBENDPORT
424  audit_log_format - format a message into the audit buffer.*@ab: audit_buffer*@fmt: format string*@...: optional parameters matching @fmt string* All the work is done in audit_log_vformat.
427  Break
Caller
NameDescribe
common_lsm_auditmmon_lsm_audit - generic LSM auditing function*@a: auxiliary audit data*@pre_audit: lsm-specific pre-audit callback*@post_audit: lsm-specific post-audit callback* setup the audit buffer for common security information* uses callback to print LSM specific