231 static void __ad_net_init(struct common_audit_data *ad,
235 	ad->type = LSM_AUDIT_DATA_NET;
236 	ad->u.net = net;
242 static void ad_net_init_from_sk(struct common_audit_data *ad,
246 	__ad_net_init(ad, net, 0, sk, 0);
249 static void ad_net_init_from_iif(struct common_audit_data *ad,
253 	__ad_net_init(ad, net, ifindex, NULL, family);
1622 	struct common_audit_data ad;
1629 	ad.type = LSM_AUDIT_DATA_CAP;
1630 	ad.u.cap = cap;
1647 		int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad);
1682 	struct common_audit_data ad;
1684 	ad.type = LSM_AUDIT_DATA_DENTRY;
1685 	ad.u.dentry = dentry;
1687 	return inode_has_perm(cred, inode, av, &ad);
1698 	struct common_audit_data ad;
1700 	ad.type = LSM_AUDIT_DATA_PATH;
1701 	ad.u.path = *path;
1703 	return inode_has_perm(cred, inode, av, &ad);
1711 	struct common_audit_data ad;
1713 	ad.type = LSM_AUDIT_DATA_FILE;
1714 	ad.u.file = file;
1715 	return inode_has_perm(cred, file_inode(file), av, &ad);
1736 	struct common_audit_data ad;
1740 	ad.type = LSM_AUDIT_DATA_FILE;
1741 	ad.u.file = file;
1747 				  &ad);
1761 		rc = inode_has_perm(cred, inode, av, &ad);
1804 	struct common_audit_data ad;
1812 	ad.type = LSM_AUDIT_DATA_DENTRY;
1813 	ad.u.dentry = dentry;
1817 			  &ad);
1826 	rc = avc_has_perm(sid, newsid, tclass, FILE__CREATE, &ad);
1832 			    FILESYSTEM__ASSOCIATE, &ad);
1846 	struct common_audit_data ad;
1854 	ad.type = LSM_AUDIT_DATA_DENTRY;
1855 	ad.u.dentry = dentry;
1859 	rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, av, &ad);
1879 	rc = avc_has_perm(sid, isec->sid, isec->sclass, av, &ad);
1889 	struct common_audit_data ad;
1900 	ad.type = LSM_AUDIT_DATA_DENTRY;
1902 	ad.u.dentry = old_dentry;
1904 			  DIR__REMOVE_NAME | DIR__SEARCH, &ad);
1908 			  old_isec->sclass, FILE__RENAME, &ad);
1913 				  old_isec->sclass, DIR__REPARENT, &ad);
1918 	ad.u.dentry = new_dentry;
1922 	rc = avc_has_perm(sid, new_dsec->sid, SECCLASS_DIR, av, &ad);
1930 				  (new_is_dir ? DIR__RMDIR : FILE__UNLINK), &ad);
1942 			       struct common_audit_data *ad)
1948 	return avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad);
2061 	struct common_audit_data ad;
2064 	ad.type = LSM_AUDIT_DATA_PATH;
2065 	ad.u.path = file->f_path;
2071 				  &ad);
2087 			    &ad);
2298 	struct common_audit_data ad;
2357 	ad.type = LSM_AUDIT_DATA_FILE;
2358 	ad.u.file = bprm->file;
2362 				  SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, &ad);
2368 				  SECCLASS_PROCESS, PROCESS__TRANSITION, &ad);
2373 				  SECCLASS_FILE, FILE__ENTRYPOINT, &ad);
2740 	struct common_audit_data ad;
2742 	ad.type = LSM_AUDIT_DATA_DENTRY;
2743 	ad.u.dentry = sb->s_root;
2744 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);
2750 	struct common_audit_data ad;
2752 	ad.type = LSM_AUDIT_DATA_DENTRY;
2753 	ad.u.dentry = dentry->d_sb->s_root;
2754 	return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
2965 	struct common_audit_data ad;
3005 	ad.type = LSM_AUDIT_DATA_ANONINODE;
3006 	ad.u.anonclass = name ? (const char *)name->name : "?";
3012 			    &ad);
3066 	struct common_audit_data ad;
3070 	ad.type = LSM_AUDIT_DATA_DENTRY;
3071 	ad.u.dentry = dentry;
3076 	return avc_has_perm(sid, isec->sid, isec->sclass, FILE__READ, &ad);
3083 	struct common_audit_data ad;
3086 	ad.type = LSM_AUDIT_DATA_INODE;
3087 	ad.u.inode = inode;
3090 			    audited, denied, result, &ad);
3187 	struct common_audit_data ad;
3211 	ad.type = LSM_AUDIT_DATA_DENTRY;
3212 	ad.u.dentry = dentry;
3216 			  FILE__RELABELFROM, &ad);
3256 			  FILE__RELABELTO, &ad);
3269 			    &ad);
3372 	struct common_audit_data ad;
3374 	ad.type = LSM_AUDIT_DATA_PATH;
3375 	ad.u.path = *path;
3388 						FILESYSTEM__WATCH, &ad);
3659 	struct common_audit_data ad;
3669 	ad.type = LSM_AUDIT_DATA_IOCTL_OP;
3670 	ad.u.op = &ioctl;
3671 	ad.u.op->cmd = cmd;
3672 	ad.u.op->path = file->f_path;
3678 				&ad);
3688 				    requested, driver, xperm, &ad);
3824 	struct common_audit_data ad;
3828 		ad.type = LSM_AUDIT_DATA_FILE;
3829 		ad.u.file = file;
3831 				    FILE__MAP, &ad);
4070 	struct common_audit_data ad;
4072 	ad.type = LSM_AUDIT_DATA_KMOD;
4073 	ad.u.kmod_name = kmod_name;
4076 			    SYSTEM__MODULE_REQUEST, &ad);
4081 	struct common_audit_data ad;
4094 	ad.type = LSM_AUDIT_DATA_FILE;
4095 	ad.u.file = file;
4099 		rc = avc_has_perm(sid, fsec->sid, SECCLASS_FD, FD__USE, &ad);
4106 				SYSTEM__MODULE_LOAD, &ad);
4276 			struct common_audit_data *ad, u8 *proto)
4290 	ad->u.net->v4info.saddr = ih->saddr;
4291 	ad->u.net->v4info.daddr = ih->daddr;
4309 		ad->u.net->sport = th->source;
4310 		ad->u.net->dport = th->dest;
4325 		ad->u.net->sport = uh->source;
4326 		ad->u.net->dport = uh->dest;
4341 		ad->u.net->sport = dh->dccph_sport;
4342 		ad->u.net->dport = dh->dccph_dport;
4358 		ad->u.net->sport = sh->source;
4359 		ad->u.net->dport = sh->dest;
4374 			struct common_audit_data *ad, u8 *proto)
4386 	ad->u.net->v6info.saddr = ip6->saddr;
4387 	ad->u.net->v6info.daddr = ip6->daddr;
4407 		ad->u.net->sport = th->source;
4408 		ad->u.net->dport = th->dest;
4419 		ad->u.net->sport = uh->source;
4420 		ad->u.net->dport = uh->dest;
4431 		ad->u.net->sport = dh->dccph_sport;
4432 		ad->u.net->dport = dh->dccph_dport;
4444 		ad->u.net->sport = sh->source;
4445 		ad->u.net->dport = sh->dest;
4459 static int selinux_parse_skb(struct sk_buff *skb, struct common_audit_data *ad,
4465 	switch (ad->u.net->family) {
4467 		ret = selinux_parse_skb_ipv4(skb, ad, proto);
4470 		addrp = (char *)(src ? &ad->u.net->v4info.saddr :
4471 				       &ad->u.net->v4info.daddr);
4476 		ret = selinux_parse_skb_ipv6(skb, ad, proto);
4479 		addrp = (char *)(src ? &ad->u.net->v6info.saddr :
4480 				       &ad->u.net->v6info.daddr);
4583 	struct common_audit_data ad;
4604 	ad_net_init_from_sk(&ad, &net, sk);
4607 			    &ad);
4694 		struct common_audit_data ad;
4746 		ad.type = LSM_AUDIT_DATA_NET;
4747 		ad.u.net = &net;
4748 		ad.u.net->sport = htons(snum);
4749 		ad.u.net->family = family_sa;
4764 						   SOCKET__NAME_BIND, &ad);
4797 			ad.u.net->v4info.saddr = addr4->sin_addr.s_addr;
4799 			ad.u.net->v6info.saddr = addr6->sin6_addr;
4802 				   sksec->sclass, node_perm, &ad);
4844 		struct common_audit_data ad;
4895 		ad.type = LSM_AUDIT_DATA_NET;
4896 		ad.u.net = &net;
4897 		ad.u.net->dport = htons(snum);
4898 		ad.u.net->family = address->sa_family;
4899 		err = avc_has_perm(sksec->sid, sid, sksec->sclass, perm, &ad);
5003 	struct common_audit_data ad;
5007 	ad_net_init_from_sk(&ad, &net, other);
5011 			   UNIX_STREAM_SOCKET__CONNECTTO, &ad);
5033 	struct common_audit_data ad;
5036 	ad_net_init_from_sk(&ad, &net, other->sk);
5039 			    &ad);
5044 				    struct common_audit_data *ad)
5054 			   SECCLASS_NETIF, NETIF__INGRESS, ad);
5062 			    SECCLASS_NODE, NODE__RECVFROM, ad);
5071 	struct common_audit_data ad;
5075 	ad_net_init_from_iif(&ad, &net, skb->skb_iif, family);
5076 	err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL);
5082 				   PACKET__RECV, &ad);
5087 	err = selinux_netlbl_sock_rcv_skb(sksec, skb, family, &ad);
5090 	err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad);
5101 	struct common_audit_data ad;
5124 	ad_net_init_from_iif(&ad, &net, skb->skb_iif, family);
5125 	err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL);
5136 					       addrp, family, peer_sid, &ad);
5142 				   PEER__RECV, &ad);
5151 				   PACKET__RECV, &ad);
5295 	struct common_audit_data ad;
5332 		ad_net_init_from_sk(&ad, &net, asoc->base.sk);
5335 				   &ad);
5670 	struct common_audit_data ad;
5687 	ad_net_init_from_iif(&ad, &net, ifindex, family);
5688 	if (selinux_parse_skb(skb, &ad, &addrp, 1, NULL) != 0)
5695 					       addrp, family, peer_sid, &ad);
5704 				 SECCLASS_PACKET, PACKET__FORWARD_IN, &ad))
5766 	struct common_audit_data ad;
5775 	ad_net_init_from_iif(&ad, &net, state->out->ifindex, state->pf);
5776 	if (selinux_parse_skb(skb, &ad, NULL, 0, &proto))
5781 				 SECCLASS_PACKET, PACKET__SEND, &ad))
5784 	if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto))
5799 	struct common_audit_data ad;
5897 	ad_net_init_from_iif(&ad, &net, ifindex, family);
5898 	if (selinux_parse_skb(skb, &ad, &addrp, 0, NULL))
5903 				 SECCLASS_PACKET, secmark_perm, &ad))
5913 				 SECCLASS_NETIF, NETIF__EGRESS, &ad))
5919 				 SECCLASS_NODE, NODE__SENDTO, &ad))
5995 	struct common_audit_data ad;
6000 	ad.type = LSM_AUDIT_DATA_IPC;
6001 	ad.u.ipc_id = ipc_perms->key;
6003 	return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad);
6020 	struct common_audit_data ad;
6026 	ad.type = LSM_AUDIT_DATA_IPC;
6027 	ad.u.ipc_id = msq->key;
6030 			    MSGQ__CREATE, &ad);
6036 	struct common_audit_data ad;
6041 	ad.type = LSM_AUDIT_DATA_IPC;
6042 	ad.u.ipc_id = msq->key;
6045 			    MSGQ__ASSOCIATE, &ad);
6080 	struct common_audit_data ad;
6101 	ad.type = LSM_AUDIT_DATA_IPC;
6102 	ad.u.ipc_id = msq->key;
6106 			  MSGQ__WRITE, &ad);
6110 				  MSG__SEND, &ad);
6114 				  MSGQ__ENQUEUE, &ad);
6125 	struct common_audit_data ad;
6132 	ad.type = LSM_AUDIT_DATA_IPC;
6133 	ad.u.ipc_id = msq->key;
6136 			  SECCLASS_MSGQ, MSGQ__READ, &ad);
6139 				  SECCLASS_MSG, MSG__RECEIVE, &ad);
6147 	struct common_audit_data ad;
6153 	ad.type = LSM_AUDIT_DATA_IPC;
6154 	ad.u.ipc_id = shp->key;
6157 			    SHM__CREATE, &ad);
6163 	struct common_audit_data ad;
6168 	ad.type = LSM_AUDIT_DATA_IPC;
6169 	ad.u.ipc_id = shp->key;
6172 			    SHM__ASSOCIATE, &ad);
6225 	struct common_audit_data ad;
6231 	ad.type = LSM_AUDIT_DATA_IPC;
6232 	ad.u.ipc_id = sma->key;
6235 			    SEM__CREATE, &ad);
6241 	struct common_audit_data ad;
6246 	ad.type = LSM_AUDIT_DATA_IPC;
6247 	ad.u.ipc_id = sma->key;
6250 			    SEM__ASSOCIATE, &ad);
6766 	struct common_audit_data ad;
6776 	ad.type = LSM_AUDIT_DATA_IBPKEY;
6779 	ad.u.ibpkey = &ibpkey;
6782 			    INFINIBAND_PKEY__ACCESS, &ad);
6788 	struct common_audit_data ad;
6800 	ad.type = LSM_AUDIT_DATA_IBENDPORT;
6803 	ad.u.ibendport = &ibendport;
6806 			    INFINIBAND_ENDPORT__MANAGE_SUBNET, &ad);
7098 	struct common_audit_data ad;
7100 	ad.type = LSM_AUDIT_DATA_FILE;
7101 	ad.u.file = file;
7104 			    SECCLASS_IO_URING, IO_URING__CMD, &ad);

Indexes created Mon May 20 13:24:45 MDT 2024