err.no Git - linux-2.6/blob - drivers/char/tty_audit.c

   1 /*
   2  * Creating audit events from TTY input.
   3  *
   4  * Copyright (C) 2007 Red Hat, Inc.  All rights reserved.  This copyrighted
   5  * material is made available to anyone wishing to use, modify, copy, or
   6  * redistribute it subject to the terms and conditions of the GNU General
   7  * Public License v.2.
   8  *
   9  * Authors: Miloslav Trmac <mitr@redhat.com>
  10  */
  11
  12 #include <linux/audit.h>
  13 #include <linux/file.h>
  14 #include <linux/tty.h>
  15
  16 struct tty_audit_buf {
  17         atomic_t count;
  18         struct mutex mutex;     /* Protects all data below */
  19         int major, minor;       /* The TTY which the data is from */
  20         unsigned icanon:1;
  21         size_t valid;
  22         unsigned char *data;    /* Allocated size N_TTY_BUF_SIZE */
  23 };
  24
  25 static struct tty_audit_buf *tty_audit_buf_alloc(int major, int minor,
  26                                                  int icanon)
  27 {
  28         struct tty_audit_buf *buf;
  29
  30         buf = kmalloc(sizeof(*buf), GFP_KERNEL);
  31         if (!buf)
  32                 goto err;
  33         if (PAGE_SIZE != N_TTY_BUF_SIZE)
  34                 buf->data = kmalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
  35         else
  36                 buf->data = (unsigned char *)__get_free_page(GFP_KERNEL);
  37         if (!buf->data)
  38                 goto err_buf;
  39         atomic_set(&buf->count, 1);
  40         mutex_init(&buf->mutex);
  41         buf->major = major;
  42         buf->minor = minor;
  43         buf->icanon = icanon;
  44         buf->valid = 0;
  45         return buf;
  46
  47 err_buf:
  48         kfree(buf);
  49 err:
  50         return NULL;
  51 }
  52
  53 static void tty_audit_buf_free(struct tty_audit_buf *buf)
  54 {
  55         WARN_ON(buf->valid != 0);
  56         if (PAGE_SIZE != N_TTY_BUF_SIZE)
  57                 kfree(buf->data);
  58         else
  59                 free_page((unsigned long)buf->data);
  60         kfree(buf);
  61 }
  62
  63 static void tty_audit_buf_put(struct tty_audit_buf *buf)
  64 {
  65         if (atomic_dec_and_test(&buf->count))
  66                 tty_audit_buf_free(buf);
  67 }
  68
  69 /**
  70  *      tty_audit_buf_push      -       Push buffered data out
  71  *
  72  *      Generate an audit message from the contents of @buf, which is owned by
  73  *      @tsk with @loginuid.  @buf->mutex must be locked.
  74  */
  75 static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
  76                                unsigned int sessionid,
  77                                struct tty_audit_buf *buf)
  78 {
  79         struct audit_buffer *ab;
  80
  81         if (buf->valid == 0)
  82                 return;
  83         if (audit_enabled == 0)
  84                 return;
  85         ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
  86         if (ab) {
  87                 char name[sizeof(tsk->comm)];
  88
  89                 audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
  90                                  "major=%d minor=%d comm=", tsk->pid, tsk->uid,
  91                                  loginuid, sessionid, buf->major, buf->minor);
  92                 get_task_comm(name, tsk);
  93                 audit_log_untrustedstring(ab, name);
  94                 audit_log_format(ab, " data=");
  95                 audit_log_n_untrustedstring(ab, buf->valid, buf->data);
  96                 audit_log_end(ab);
  97         }
  98         buf->valid = 0;
  99 }
 100
 101 /**
 102  *      tty_audit_buf_push_current      -       Push buffered data out
 103  *
 104  *      Generate an audit message from the contents of @buf, which is owned by
 105  *      the current task.  @buf->mutex must be locked.
 106  */
 107 static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
 108 {
 109         uid_t auid = audit_get_loginuid(current);
 110         unsigned int sessionid = audit_get_sessionid(current);
 111         tty_audit_buf_push(current, auid, sessionid, buf);
 112 }
 113
 114 /**
 115  *      tty_audit_exit  -       Handle a task exit
 116  *
 117  *      Make sure all buffered data is written out and deallocate the buffer.
 118  *      Only needs to be called if current->signal->tty_audit_buf != %NULL.
 119  */
 120 void tty_audit_exit(void)
 121 {
 122         struct tty_audit_buf *buf;
 123
 124         spin_lock_irq(&current->sighand->siglock);
 125         buf = current->signal->tty_audit_buf;
 126         current->signal->tty_audit_buf = NULL;
 127         spin_unlock_irq(&current->sighand->siglock);
 128         if (!buf)
 129                 return;
 130
 131         mutex_lock(&buf->mutex);
 132         tty_audit_buf_push_current(buf);
 133         mutex_unlock(&buf->mutex);
 134
 135         tty_audit_buf_put(buf);
 136 }
 137
 138 /**
 139  *      tty_audit_fork  -       Copy TTY audit state for a new task
 140  *
 141  *      Set up TTY audit state in @sig from current.  @sig needs no locking.
 142  */
 143 void tty_audit_fork(struct signal_struct *sig)
 144 {
 145         spin_lock_irq(&current->sighand->siglock);
 146         sig->audit_tty = current->signal->audit_tty;
 147         spin_unlock_irq(&current->sighand->siglock);
 148         sig->tty_audit_buf = NULL;
 149 }
 150
 151 /**
 152  *      tty_audit_push_task     -       Flush task's pending audit data
 153  */
 154 void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
 155 {
 156         struct tty_audit_buf *buf;
 157         /* FIXME I think this is correct.  Check against netlink once that is
 158          * I really need to read this code more closely.  But that's for
 159          * another patch.
 160          */
 161         unsigned int sessionid = audit_get_sessionid(tsk);
 162
 163         spin_lock_irq(&tsk->sighand->siglock);
 164         buf = tsk->signal->tty_audit_buf;
 165         if (buf)
 166                 atomic_inc(&buf->count);
 167         spin_unlock_irq(&tsk->sighand->siglock);
 168         if (!buf)
 169                 return;
 170
 171         mutex_lock(&buf->mutex);
 172         tty_audit_buf_push(tsk, loginuid, sessionid, buf);
 173         mutex_unlock(&buf->mutex);
 174
 175         tty_audit_buf_put(buf);
 176 }
 177
 178 /**
 179  *      tty_audit_buf_get       -       Get an audit buffer.
 180  *
 181  *      Get an audit buffer for @tty, allocate it if necessary.  Return %NULL
 182  *      if TTY auditing is disabled or out of memory.  Otherwise, return a new
 183  *      reference to the buffer.
 184  */
 185 static struct tty_audit_buf *tty_audit_buf_get(struct tty_struct *tty)
 186 {
 187         struct tty_audit_buf *buf, *buf2;
 188
 189         buf = NULL;
 190         buf2 = NULL;
 191         spin_lock_irq(&current->sighand->siglock);
 192         if (likely(!current->signal->audit_tty))
 193                 goto out;
 194         buf = current->signal->tty_audit_buf;
 195         if (buf) {
 196                 atomic_inc(&buf->count);
 197                 goto out;
 198         }
 199         spin_unlock_irq(&current->sighand->siglock);
 200
 201         buf2 = tty_audit_buf_alloc(tty->driver->major,
 202                                    tty->driver->minor_start + tty->index,
 203                                    tty->icanon);
 204         if (buf2 == NULL) {
 205                 audit_log_lost("out of memory in TTY auditing");
 206                 return NULL;
 207         }
 208
 209         spin_lock_irq(&current->sighand->siglock);
 210         if (!current->signal->audit_tty)
 211                 goto out;
 212         buf = current->signal->tty_audit_buf;
 213         if (!buf) {
 214                 current->signal->tty_audit_buf = buf2;
 215                 buf = buf2;
 216                 buf2 = NULL;
 217         }
 218         atomic_inc(&buf->count);
 219         /* Fall through */
 220  out:
 221         spin_unlock_irq(&current->sighand->siglock);
 222         if (buf2)
 223                 tty_audit_buf_free(buf2);
 224         return buf;
 225 }
 226
 227 /**
 228  *      tty_audit_add_data      -       Add data for TTY auditing.
 229  *
 230  *      Audit @data of @size from @tty, if necessary.
 231  */
 232 void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
 233                         size_t size)
 234 {
 235         struct tty_audit_buf *buf;
 236         int major, minor;
 237
 238         if (unlikely(size == 0))
 239                 return;
 240
 241         buf = tty_audit_buf_get(tty);
 242         if (!buf)
 243                 return;
 244
 245         mutex_lock(&buf->mutex);
 246         major = tty->driver->major;
 247         minor = tty->driver->minor_start + tty->index;
 248         if (buf->major != major || buf->minor != minor
 249             || buf->icanon != tty->icanon) {
 250                 tty_audit_buf_push_current(buf);
 251                 buf->major = major;
 252                 buf->minor = minor;
 253                 buf->icanon = tty->icanon;
 254         }
 255         do {
 256                 size_t run;
 257
 258                 run = N_TTY_BUF_SIZE - buf->valid;
 259                 if (run > size)
 260                         run = size;
 261                 memcpy(buf->data + buf->valid, data, run);
 262                 buf->valid += run;
 263                 data += run;
 264                 size -= run;
 265                 if (buf->valid == N_TTY_BUF_SIZE)
 266                         tty_audit_buf_push_current(buf);
 267         } while (size != 0);
 268         mutex_unlock(&buf->mutex);
 269         tty_audit_buf_put(buf);
 270 }
 271
 272 /**
 273  *      tty_audit_push  -       Push buffered data out
 274  *
 275  *      Make sure no audit data is pending for @tty on the current process.
 276  */
 277 void tty_audit_push(struct tty_struct *tty)
 278 {
 279         struct tty_audit_buf *buf;
 280
 281         spin_lock_irq(&current->sighand->siglock);
 282         if (likely(!current->signal->audit_tty)) {
 283                 spin_unlock_irq(&current->sighand->siglock);
 284                 return;
 285         }
 286         buf = current->signal->tty_audit_buf;
 287         if (buf)
 288                 atomic_inc(&buf->count);
 289         spin_unlock_irq(&current->sighand->siglock);
 290
 291         if (buf) {
 292                 int major, minor;
 293
 294                 major = tty->driver->major;
 295                 minor = tty->driver->minor_start + tty->index;
 296                 mutex_lock(&buf->mutex);
 297                 if (buf->major == major && buf->minor == minor)
 298                         tty_audit_buf_push_current(buf);
 299                 mutex_unlock(&buf->mutex);
 300                 tty_audit_buf_put(buf);
 301         }
 302 }
 303
 304 /**
 305  *      tty_audit_opening       -       A TTY is being opened.
 306  *
 307  *      As a special hack, tasks that close all their TTYs and open new ones
 308  *      are assumed to be system daemons (e.g. getty) and auditing is
 309  *      automatically disabled for them.
 310  */
 311 void tty_audit_opening(void)
 312 {
 313         int disable;
 314
 315         disable = 1;
 316         spin_lock_irq(&current->sighand->siglock);
 317         if (current->signal->audit_tty == 0)
 318                 disable = 0;
 319         spin_unlock_irq(&current->sighand->siglock);
 320         if (!disable)
 321                 return;
 322
 323         task_lock(current);
 324         if (current->files) {
 325                 struct fdtable *fdt;
 326                 unsigned i;
 327
 328                 /*
 329                  * We don't take a ref to the file, so we must hold ->file_lock
 330                  * instead.
 331                  */
 332                 spin_lock(&current->files->file_lock);
 333                 fdt = files_fdtable(current->files);
 334                 for (i = 0; i < fdt->max_fds; i++) {
 335                         struct file *filp;
 336
 337                         filp = fcheck_files(current->files, i);
 338                         if (filp && is_tty(filp)) {
 339                                 disable = 0;
 340                                 break;
 341                         }
 342                 }
 343                 spin_unlock(&current->files->file_lock);
 344         }
 345         task_unlock(current);
 346         if (!disable)
 347                 return;
 348
 349         spin_lock_irq(&current->sighand->siglock);
 350         current->signal->audit_tty = 0;
 351         spin_unlock_irq(&current->sighand->siglock);
 352 }