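Lines matching refs: ctx — each entry gives the source line number, the matching line, and the enclosing function, tagged "argument" or "local" on the line where ctx is declared. Lines that do not mention ctx are omitted, so no function body below is complete.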

151 static int audit_match_perm(struct audit_context *ctx, int mask)  in audit_match_perm()  argument
155 if (unlikely(!ctx)) in audit_match_perm()
157 n = ctx->major; in audit_match_perm()
159 switch (audit_classify_syscall(ctx->arch, n)) { in audit_match_perm()
183 return mask & ACC_MODE(ctx->argv[1]); in audit_match_perm()
185 return mask & ACC_MODE(ctx->argv[2]); in audit_match_perm()
187 return ((mask & AUDIT_PERM_WRITE) && ctx->argv[0] == SYS_BIND); in audit_match_perm()
191 return mask & ACC_MODE((u32)ctx->openat2.flags); in audit_match_perm()
197 static int audit_match_filetype(struct audit_context *ctx, int val) in audit_match_filetype() argument
202 if (unlikely(!ctx)) in audit_match_filetype()
205 list_for_each_entry(n, &ctx->names_list, list) { in audit_match_filetype()
224 static void audit_set_auditable(struct audit_context *ctx) in audit_set_auditable() argument
226 if (!ctx->prio) { in audit_set_auditable()
227 ctx->prio = 1; in audit_set_auditable()
228 ctx->current_state = AUDIT_STATE_RECORD; in audit_set_auditable()
232 static int put_tree_ref(struct audit_context *ctx, struct audit_chunk *chunk) in put_tree_ref() argument
234 struct audit_tree_refs *p = ctx->trees; in put_tree_ref()
235 int left = ctx->tree_count; in put_tree_ref()
239 ctx->tree_count = left; in put_tree_ref()
247 ctx->trees = p; in put_tree_ref()
248 ctx->tree_count = 30; in put_tree_ref()
254 static int grow_tree_refs(struct audit_context *ctx) in grow_tree_refs() argument
256 struct audit_tree_refs *p = ctx->trees; in grow_tree_refs()
258 ctx->trees = kzalloc(sizeof(struct audit_tree_refs), GFP_KERNEL); in grow_tree_refs()
259 if (!ctx->trees) { in grow_tree_refs()
260 ctx->trees = p; in grow_tree_refs()
264 p->next = ctx->trees; in grow_tree_refs()
266 ctx->first_trees = ctx->trees; in grow_tree_refs()
267 ctx->tree_count = 31; in grow_tree_refs()
271 static void unroll_tree_refs(struct audit_context *ctx, in unroll_tree_refs() argument
279 p = ctx->first_trees; in unroll_tree_refs()
286 for (q = p; q != ctx->trees; q = q->next, n = 31) { in unroll_tree_refs()
292 while (n-- > ctx->tree_count) { in unroll_tree_refs()
296 ctx->trees = p; in unroll_tree_refs()
297 ctx->tree_count = count; in unroll_tree_refs()
300 static void free_tree_refs(struct audit_context *ctx) in free_tree_refs() argument
304 for (p = ctx->first_trees; p; p = q) { in free_tree_refs()
310 static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree) in match_tree_refs() argument
318 for (p = ctx->first_trees; p != ctx->trees; p = p->next) { in match_tree_refs()
325 for (n = ctx->tree_count; n < 31; n++) in match_tree_refs()
335 struct audit_context *ctx) in audit_compare_uid() argument
346 if (ctx) { in audit_compare_uid()
347 list_for_each_entry(n, &ctx->names_list, list) { in audit_compare_uid()
359 struct audit_context *ctx) in audit_compare_gid() argument
370 if (ctx) { in audit_compare_gid()
371 list_for_each_entry(n, &ctx->names_list, list) { in audit_compare_gid()
383 struct audit_context *ctx, in audit_field_compare() argument
389 return audit_compare_uid(cred->uid, name, f, ctx); in audit_field_compare()
391 return audit_compare_gid(cred->gid, name, f, ctx); in audit_field_compare()
393 return audit_compare_uid(cred->euid, name, f, ctx); in audit_field_compare()
395 return audit_compare_gid(cred->egid, name, f, ctx); in audit_field_compare()
397 return audit_compare_uid(audit_get_loginuid(tsk), name, f, ctx); in audit_field_compare()
399 return audit_compare_uid(cred->suid, name, f, ctx); in audit_field_compare()
401 return audit_compare_gid(cred->sgid, name, f, ctx); in audit_field_compare()
403 return audit_compare_uid(cred->fsuid, name, f, ctx); in audit_field_compare()
405 return audit_compare_gid(cred->fsgid, name, f, ctx); in audit_field_compare()
466 struct audit_context *ctx, in audit_filter_rules() argument
476 if (ctx && rule->prio <= ctx->prio) in audit_filter_rules()
493 if (ctx) { in audit_filter_rules()
494 if (!ctx->ppid) in audit_filter_rules()
495 ctx->ppid = task_ppid_nr(tsk); in audit_filter_rules()
496 result = audit_comparator(ctx->ppid, f->op, f->val); in audit_filter_rules()
550 if (ctx) in audit_filter_rules()
551 result = audit_comparator(ctx->arch, f->op, f->val); in audit_filter_rules()
555 if (ctx && ctx->return_valid != AUDITSC_INVALID) in audit_filter_rules()
556 result = audit_comparator(ctx->return_code, f->op, f->val); in audit_filter_rules()
559 if (ctx && ctx->return_valid != AUDITSC_INVALID) { in audit_filter_rules()
561 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_SUCCESS); in audit_filter_rules()
563 result = audit_comparator(ctx->return_valid, f->op, AUDITSC_FAILURE); in audit_filter_rules()
571 } else if (ctx) { in audit_filter_rules()
572 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
586 } else if (ctx) { in audit_filter_rules()
587 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
599 else if (ctx) { in audit_filter_rules()
600 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
611 } else if (ctx) { in audit_filter_rules()
612 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
623 } else if (ctx) { in audit_filter_rules()
624 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
642 if (ctx) { in audit_filter_rules()
643 result = match_tree_refs(ctx, rule->tree); in audit_filter_rules()
656 if (ctx && ctx->sockaddr) in audit_filter_rules()
657 result = audit_comparator(ctx->sockaddr->ss_family, in audit_filter_rules()
706 } else if (ctx) { in audit_filter_rules()
707 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_rules()
719 if (!ctx || ctx->type != AUDIT_IPC) in audit_filter_rules()
721 if (security_audit_rule_match(&ctx->ipc.oprop, in audit_filter_rules()
731 if (ctx) in audit_filter_rules()
732 result = audit_comparator(ctx->argv[f->type-AUDIT_ARG0], f->op, f->val); in audit_filter_rules()
739 result = audit_match_perm(ctx, f->val); in audit_filter_rules()
744 result = audit_match_filetype(ctx, f->val); in audit_filter_rules()
749 result = audit_field_compare(tsk, cred, f, ctx, name); in audit_filter_rules()
756 if (ctx) { in audit_filter_rules()
758 kfree(ctx->filterkey); in audit_filter_rules()
759 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC); in audit_filter_rules()
761 ctx->prio = rule->prio; in audit_filter_rules()
828 struct audit_context *ctx, in __audit_filter_op() argument
838 audit_filter_rules(tsk, &e->rule, ctx, name, in __audit_filter_op()
840 ctx->current_state = state; in __audit_filter_op()
853 struct audit_context *ctx) in audit_filter_uring() argument
859 __audit_filter_op(tsk, ctx, &audit_filter_list[AUDIT_FILTER_URING_EXIT], in audit_filter_uring()
860 NULL, ctx->uring_op); in audit_filter_uring()
870 struct audit_context *ctx) in audit_filter_syscall() argument
876 __audit_filter_op(tsk, ctx, &audit_filter_list[AUDIT_FILTER_EXIT], in audit_filter_syscall()
877 NULL, ctx->major); in audit_filter_syscall()
887 struct audit_context *ctx) in audit_filter_inode_name() argument
892 return __audit_filter_op(tsk, ctx, list, n, ctx->major); in audit_filter_inode_name()
900 void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx) in audit_filter_inodes() argument
909 list_for_each_entry(n, &ctx->names_list, list) { in audit_filter_inodes()
910 if (audit_filter_inode_name(tsk, n, ctx)) in audit_filter_inodes()
972 static void audit_reset_context(struct audit_context *ctx) in audit_reset_context() argument
974 if (!ctx) in audit_reset_context()
978 ctx->context = AUDIT_CTX_UNUSED; in audit_reset_context()
979 if (ctx->dummy) in audit_reset_context()
996 ctx->current_state = ctx->state; in audit_reset_context()
997 ctx->serial = 0; in audit_reset_context()
998 ctx->major = 0; in audit_reset_context()
999 ctx->uring_op = 0; in audit_reset_context()
1000 ctx->ctime = (struct timespec64){ .tv_sec = 0, .tv_nsec = 0 }; in audit_reset_context()
1001 memset(ctx->argv, 0, sizeof(ctx->argv)); in audit_reset_context()
1002 ctx->return_code = 0; in audit_reset_context()
1003 ctx->prio = (ctx->state == AUDIT_STATE_RECORD ? ~0ULL : 0); in audit_reset_context()
1004 ctx->return_valid = AUDITSC_INVALID; in audit_reset_context()
1005 audit_free_names(ctx); in audit_reset_context()
1006 if (ctx->state != AUDIT_STATE_RECORD) { in audit_reset_context()
1007 kfree(ctx->filterkey); in audit_reset_context()
1008 ctx->filterkey = NULL; in audit_reset_context()
1010 audit_free_aux(ctx); in audit_reset_context()
1011 kfree(ctx->sockaddr); in audit_reset_context()
1012 ctx->sockaddr = NULL; in audit_reset_context()
1013 ctx->sockaddr_len = 0; in audit_reset_context()
1014 ctx->ppid = 0; in audit_reset_context()
1015 ctx->uid = ctx->euid = ctx->suid = ctx->fsuid = KUIDT_INIT(0); in audit_reset_context()
1016 ctx->gid = ctx->egid = ctx->sgid = ctx->fsgid = KGIDT_INIT(0); in audit_reset_context()
1017 ctx->personality = 0; in audit_reset_context()
1018 ctx->arch = 0; in audit_reset_context()
1019 ctx->target_pid = 0; in audit_reset_context()
1020 ctx->target_auid = ctx->target_uid = KUIDT_INIT(0); in audit_reset_context()
1021 ctx->target_sessionid = 0; in audit_reset_context()
1022 lsmprop_init(&ctx->target_ref); in audit_reset_context()
1023 ctx->target_comm[0] = '\0'; in audit_reset_context()
1024 unroll_tree_refs(ctx, NULL, 0); in audit_reset_context()
1025 WARN_ON(!list_empty(&ctx->killed_trees)); in audit_reset_context()
1026 audit_free_module(ctx); in audit_reset_context()
1027 ctx->fds[0] = -1; in audit_reset_context()
1028 ctx->type = 0; /* reset last for audit_free_*() */ in audit_reset_context()
1101 struct lsm_context ctx; in audit_log_pid_context() local
1112 if (security_lsmprop_to_secctx(prop, &ctx) < 0) { in audit_log_pid_context()
1116 audit_log_format(ab, " obj=%s", ctx.context); in audit_log_pid_context()
1117 security_release_secctx(&ctx); in audit_log_pid_context()
1561 struct lsm_context ctx; in audit_log_name() local
1563 if (security_lsmprop_to_secctx(&n->oprop, &ctx) < 0) { in audit_log_name()
1567 audit_log_format(ab, " obj=%s", ctx.context); in audit_log_name()
1568 security_release_secctx(&ctx); in audit_log_name()
1640 static void audit_log_uring(struct audit_context *ctx) in audit_log_uring() argument
1645 ab = audit_log_start(ctx, GFP_ATOMIC, AUDIT_URINGOP); in audit_log_uring()
1649 audit_log_format(ab, "uring_op=%d", ctx->uring_op); in audit_log_uring()
1650 if (ctx->return_valid != AUDITSC_INVALID) in audit_log_uring()
1652 str_yes_no(ctx->return_valid == in audit_log_uring()
1654 ctx->return_code); in audit_log_uring()
1659 ctx->name_count, in audit_log_uring()
1670 audit_log_key(ab, ctx->filterkey); in audit_log_uring()
1869 static void audit_return_fixup(struct audit_context *ctx, in audit_return_fixup() argument
1882 ctx->return_code = -EINTR; in audit_return_fixup()
1884 ctx->return_code = code; in audit_return_fixup()
1885 ctx->return_valid = (success ? AUDITSC_SUCCESS : AUDITSC_FAILURE); in audit_return_fixup()
1899 struct audit_context *ctx = audit_context(); in __audit_uring_entry() local
1901 if (ctx->state == AUDIT_STATE_DISABLED) in __audit_uring_entry()
1910 ctx->uring_op = op; in __audit_uring_entry()
1911 if (ctx->context == AUDIT_CTX_SYSCALL) in __audit_uring_entry()
1914 ctx->dummy = !audit_n_rules; in __audit_uring_entry()
1915 if (!ctx->dummy && ctx->state == AUDIT_STATE_BUILD) in __audit_uring_entry()
1916 ctx->prio = 0; in __audit_uring_entry()
1918 ctx->context = AUDIT_CTX_URING; in __audit_uring_entry()
1919 ctx->current_state = ctx->state; in __audit_uring_entry()
1920 ktime_get_coarse_real_ts64(&ctx->ctime); in __audit_uring_entry()
1935 struct audit_context *ctx = audit_context(); in __audit_uring_exit() local
1937 if (ctx->dummy) { in __audit_uring_exit()
1938 if (ctx->context != AUDIT_CTX_URING) in __audit_uring_exit()
1943 audit_return_fixup(ctx, success, code); in __audit_uring_exit()
1944 if (ctx->context == AUDIT_CTX_SYSCALL) { in __audit_uring_exit()
1965 audit_filter_syscall(current, ctx); in __audit_uring_exit()
1966 if (ctx->current_state != AUDIT_STATE_RECORD) in __audit_uring_exit()
1967 audit_filter_uring(current, ctx); in __audit_uring_exit()
1968 audit_filter_inodes(current, ctx); in __audit_uring_exit()
1969 if (ctx->current_state != AUDIT_STATE_RECORD) in __audit_uring_exit()
1972 audit_log_uring(ctx); in __audit_uring_exit()
1977 if (!list_empty(&ctx->killed_trees)) in __audit_uring_exit()
1978 audit_kill_trees(ctx); in __audit_uring_exit()
1981 audit_filter_uring(current, ctx); in __audit_uring_exit()
1982 audit_filter_inodes(current, ctx); in __audit_uring_exit()
1983 if (ctx->current_state != AUDIT_STATE_RECORD) in __audit_uring_exit()
1988 audit_reset_context(ctx); in __audit_uring_exit()
2516 int auditsc_get_stamp(struct audit_context *ctx, in auditsc_get_stamp() argument
2519 if (ctx->context == AUDIT_CTX_UNUSED) in auditsc_get_stamp()
2521 if (!ctx->serial) in auditsc_get_stamp()
2522 ctx->serial = audit_serial(); in auditsc_get_stamp()
2523 t->tv_sec = ctx->ctime.tv_sec; in auditsc_get_stamp()
2524 t->tv_nsec = ctx->ctime.tv_nsec; in auditsc_get_stamp()
2525 *serial = ctx->serial; in auditsc_get_stamp()
2526 if (!ctx->prio) { in auditsc_get_stamp()
2527 ctx->prio = 1; in auditsc_get_stamp()
2528 ctx->current_state = AUDIT_STATE_RECORD; in auditsc_get_stamp()
2740 struct audit_context *ctx = audit_context(); in audit_signal_info_syscall() local
2748 if (!ctx->target_pid) { in audit_signal_info_syscall()
2749 ctx->target_pid = task_tgid_nr(t); in audit_signal_info_syscall()
2750 ctx->target_auid = audit_get_loginuid(t); in audit_signal_info_syscall()
2751 ctx->target_uid = t_uid; in audit_signal_info_syscall()
2752 ctx->target_sessionid = audit_get_sessionid(t); in audit_signal_info_syscall()
2753 strscpy(ctx->target_comm, t->comm); in audit_signal_info_syscall()
2754 security_task_getlsmprop_obj(t, &ctx->target_ref); in audit_signal_info_syscall()
2758 axp = (void *)ctx->aux_pids; in audit_signal_info_syscall()
2765 axp->d.next = ctx->aux_pids; in audit_signal_info_syscall()
2766 ctx->aux_pids = (void *)axp; in audit_signal_info_syscall()
3032 struct audit_context *ctx = audit_context(); in audit_killed_trees() local
3033 if (likely(!ctx || ctx->context == AUDIT_CTX_UNUSED)) in audit_killed_trees()
3035 return &ctx->killed_trees; in audit_killed_trees()