include/linux/audit.h at 15bfba1ad77fad8e45a37aae54b3c813b33fe27c

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / include / linux / audit.h
at 15bfba1ad77fad8e45a37aae54b3c813b33fe27c 733 lines 21 kB view raw
wrap content
  1/* SPDX-License-Identifier: GPL-2.0-or-later */
  2/* audit.h -- Auditing support
  3 *
  4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
  5 * All Rights Reserved.
  6 *
  7 * Written by Rickard E. (Rik) Faith <faith@redhat.com>
  8 */
  9#ifndef _LINUX_AUDIT_H_
 10#define _LINUX_AUDIT_H_
 11
 12#include <linux/sched.h>
 13#include <linux/ptrace.h>
 14#include <linux/audit_arch.h>
 15#include <uapi/linux/audit.h>
 16#include <uapi/linux/fanotify.h>
 17
 18#define AUDIT_INO_UNSET ((unsigned long)-1)
 19#define AUDIT_DEV_UNSET ((dev_t)-1)
 20
 21struct audit_sig_info {
 22	uid_t		uid;
 23	pid_t		pid;
 24	char		ctx[];
 25};
 26
 27struct audit_buffer;
 28struct audit_context;
 29struct inode;
 30struct netlink_skb_parms;
 31struct path;
 32struct linux_binprm;
 33struct mq_attr;
 34struct mqstat;
 35struct audit_watch;
 36struct audit_tree;
 37struct sk_buff;
 38struct kern_ipc_perm;
 39struct lsm_id;
 40struct lsm_prop;
 41
 42struct audit_krule {
 43	u32			pflags;
 44	u32			flags;
 45	u32			listnr;
 46	u32			action;
 47	u32			mask[AUDIT_BITMASK_SIZE];
 48	u32			buflen; /* for data alloc on list rules */
 49	u32			field_count;
 50	char			*filterkey; /* ties events to rules */
 51	struct audit_field	*fields;
 52	struct audit_field	*arch_f; /* quick access to arch field */
 53	struct audit_field	*inode_f; /* quick access to an inode field */
 54	struct audit_watch	*watch;	/* associated watch */
 55	struct audit_tree	*tree;	/* associated watched tree */
 56	struct audit_fsnotify_mark	*exe;
 57	struct list_head	rlist;	/* entry in audit_{watch,tree}.rules list */
 58	struct list_head	list;	/* for AUDIT_LIST* purposes only */
 59	u64			prio;
 60};
 61
 62/* Flag to indicate legacy AUDIT_LOGINUID unset usage */
 63#define AUDIT_LOGINUID_LEGACY		0x1
 64
 65struct audit_field {
 66	u32				type;
 67	union {
 68		u32			val;
 69		kuid_t			uid;
 70		kgid_t			gid;
 71		struct {
 72			char		*lsm_str;
 73			void		*lsm_rule;
 74		};
 75	};
 76	u32				op;
 77};
 78
 79enum audit_ntp_type {
 80	AUDIT_NTP_OFFSET,
 81	AUDIT_NTP_FREQ,
 82	AUDIT_NTP_STATUS,
 83	AUDIT_NTP_TAI,
 84	AUDIT_NTP_TICK,
 85	AUDIT_NTP_ADJUST,
 86
 87	AUDIT_NTP_NVALS /* count */
 88};
 89
 90#ifdef CONFIG_AUDITSYSCALL
 91struct audit_ntp_val {
 92	long long oldval, newval;
 93};
 94
 95struct audit_ntp_data {
 96	struct audit_ntp_val vals[AUDIT_NTP_NVALS];
 97};
 98#else
 99struct audit_ntp_data {};
100#endif
101
102enum audit_nfcfgop {
103	AUDIT_XT_OP_REGISTER,
104	AUDIT_XT_OP_REPLACE,
105	AUDIT_XT_OP_UNREGISTER,
106	AUDIT_NFT_OP_TABLE_REGISTER,
107	AUDIT_NFT_OP_TABLE_UNREGISTER,
108	AUDIT_NFT_OP_CHAIN_REGISTER,
109	AUDIT_NFT_OP_CHAIN_UNREGISTER,
110	AUDIT_NFT_OP_RULE_REGISTER,
111	AUDIT_NFT_OP_RULE_UNREGISTER,
112	AUDIT_NFT_OP_SET_REGISTER,
113	AUDIT_NFT_OP_SET_UNREGISTER,
114	AUDIT_NFT_OP_SETELEM_REGISTER,
115	AUDIT_NFT_OP_SETELEM_UNREGISTER,
116	AUDIT_NFT_OP_GEN_REGISTER,
117	AUDIT_NFT_OP_OBJ_REGISTER,
118	AUDIT_NFT_OP_OBJ_UNREGISTER,
119	AUDIT_NFT_OP_OBJ_RESET,
120	AUDIT_NFT_OP_FLOWTABLE_REGISTER,
121	AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
122	AUDIT_NFT_OP_SETELEM_RESET,
123	AUDIT_NFT_OP_RULE_RESET,
124	AUDIT_NFT_OP_INVALID,
125};
126
127extern int __init audit_register_class(int class, unsigned *list);
128extern int audit_classify_syscall(int abi, unsigned syscall);
129extern int audit_classify_arch(int arch);
130
131/* audit_names->type values */
132#define	AUDIT_TYPE_UNKNOWN	0	/* we don't know yet */
133#define	AUDIT_TYPE_NORMAL	1	/* a "normal" audit record */
134#define	AUDIT_TYPE_PARENT	2	/* a parent audit record */
135#define	AUDIT_TYPE_CHILD_DELETE 3	/* a child being deleted */
136#define	AUDIT_TYPE_CHILD_CREATE 4	/* a child being created */
137
138/* maximized args number that audit_socketcall can process */
139#define AUDITSC_ARGS		6
140
141/* bit values for ->signal->audit_tty */
142#define AUDIT_TTY_ENABLE	BIT(0)
143#define AUDIT_TTY_LOG_PASSWD	BIT(1)
144
145/* bit values for audit_cfg_lsm */
146#define AUDIT_CFG_LSM_SECCTX_SUBJECT	BIT(0)
147#define AUDIT_CFG_LSM_SECCTX_OBJECT	BIT(1)
148
149struct filename;
150
151#define AUDIT_OFF	0
152#define AUDIT_ON	1
153#define AUDIT_LOCKED	2
154#ifdef CONFIG_AUDIT
155/* These are defined in audit.c */
156				/* Public API */
157extern __printf(4, 5)
158void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
159	       const char *fmt, ...);
160
161extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
162extern __printf(2, 3)
163void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
164extern void		    audit_log_end(struct audit_buffer *ab);
165extern bool		    audit_string_contains_control(const char *string,
166							  size_t len);
167extern void		    audit_log_n_hex(struct audit_buffer *ab,
168					  const unsigned char *buf,
169					  size_t len);
170extern void		    audit_log_n_string(struct audit_buffer *ab,
171					       const char *buf,
172					       size_t n);
173extern void		    audit_log_n_untrustedstring(struct audit_buffer *ab,
174							const char *string,
175							size_t n);
176extern void		    audit_log_untrustedstring(struct audit_buffer *ab,
177						      const char *string);
178extern void		    audit_log_d_path(struct audit_buffer *ab,
179					     const char *prefix,
180					     const struct path *path);
181extern void		    audit_log_key(struct audit_buffer *ab,
182					  char *key);
183extern void		    audit_log_path_denied(int type,
184						  const char *operation);
185extern void		    audit_log_lost(const char *message);
186
187extern int audit_log_subj_ctx(struct audit_buffer *ab, struct lsm_prop *prop);
188extern int audit_log_obj_ctx(struct audit_buffer *ab, struct lsm_prop *prop);
189extern int audit_log_task_context(struct audit_buffer *ab);
190extern void audit_log_task_info(struct audit_buffer *ab);
191extern int audit_log_nf_skb(struct audit_buffer *ab,
192			    const struct sk_buff *skb, u8 nfproto);
193
194extern int		    audit_update_lsm_rules(void);
195
196				/* Private API (for audit.c only) */
197extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
198extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
199
200extern int audit_set_loginuid(kuid_t loginuid);
201
202static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
203{
204	return tsk->loginuid;
205}
206
207static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
208{
209	return tsk->sessionid;
210}
211
212extern u32 audit_enabled;
213
214extern int audit_signal_info(int sig, struct task_struct *t);
215
216extern void audit_cfg_lsm(const struct lsm_id *lsmid, int flags);
217
218#else /* CONFIG_AUDIT */
219static inline __printf(4, 5)
220void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
221	       const char *fmt, ...)
222{ }
223static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
224						   gfp_t gfp_mask, int type)
225{
226	return NULL;
227}
228static inline __printf(2, 3)
229void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
230{ }
231static inline void audit_log_end(struct audit_buffer *ab)
232{ }
233static inline void audit_log_n_hex(struct audit_buffer *ab,
234				   const unsigned char *buf, size_t len)
235{ }
236static inline void audit_log_n_string(struct audit_buffer *ab,
237				      const char *buf, size_t n)
238{ }
239static inline void  audit_log_n_untrustedstring(struct audit_buffer *ab,
240						const char *string, size_t n)
241{ }
242static inline void audit_log_untrustedstring(struct audit_buffer *ab,
243					     const char *string)
244{ }
245static inline void audit_log_d_path(struct audit_buffer *ab,
246				    const char *prefix,
247				    const struct path *path)
248{ }
249static inline void audit_log_key(struct audit_buffer *ab, char *key)
250{ }
251static inline void audit_log_path_denied(int type, const char *operation)
252{ }
253static inline int audit_log_subj_ctx(struct audit_buffer *ab,
254				     struct lsm_prop *prop)
255{
256	return 0;
257}
258static inline int audit_log_obj_ctx(struct audit_buffer *ab,
259				    struct lsm_prop *prop)
260{
261	return 0;
262}
263static inline int audit_log_task_context(struct audit_buffer *ab)
264{
265	return 0;
266}
267static inline void audit_log_task_info(struct audit_buffer *ab)
268{ }
269
270static inline int audit_log_nf_skb(struct audit_buffer *ab,
271				   const struct sk_buff *skb, u8 nfproto)
272{
273	return 0;
274}
275
276static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
277{
278	return INVALID_UID;
279}
280
281static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
282{
283	return AUDIT_SID_UNSET;
284}
285
286#define audit_enabled AUDIT_OFF
287
288static inline int audit_signal_info(int sig, struct task_struct *t)
289{
290	return 0;
291}
292
293static inline void audit_cfg_lsm(const struct lsm_id *lsmid, int flags)
294{ }
295
296#endif /* CONFIG_AUDIT */
297
298#ifdef CONFIG_AUDIT_COMPAT_GENERIC
299#define audit_is_compat(arch)  (!((arch) & __AUDIT_ARCH_64BIT))
300#else
301#define audit_is_compat(arch)  false
302#endif
303
304#define AUDIT_INODE_PARENT	1	/* dentry represents the parent */
305#define AUDIT_INODE_HIDDEN	2	/* audit record should be hidden */
306#define AUDIT_INODE_NOEVAL	4	/* audit record incomplete */
307
308#ifdef CONFIG_AUDITSYSCALL
309#include <asm/syscall.h> /* for syscall_get_arch() */
310
311/* These are defined in auditsc.c */
312				/* Public API */
313extern int  audit_alloc(struct task_struct *task);
314extern void __audit_free(struct task_struct *task);
315extern void __audit_uring_entry(u8 op);
316extern void __audit_uring_exit(int success, long code);
317extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
318				  unsigned long a2, unsigned long a3);
319extern void __audit_syscall_exit(int ret_success, long ret_value);
320extern void __audit_getname(struct filename *name);
321extern void __audit_inode(struct filename *name, const struct dentry *dentry,
322				unsigned int flags);
323extern void __audit_file(const struct file *);
324extern void __audit_inode_child(struct inode *parent,
325				const struct dentry *dentry,
326				const unsigned char type);
327extern void audit_seccomp(unsigned long syscall, long signr, int code);
328extern void audit_seccomp_actions_logged(const char *names,
329					 const char *old_names, int res);
330extern void __audit_ptrace(struct task_struct *t);
331
332static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
333{
334	task->audit_context = ctx;
335}
336
337static inline struct audit_context *audit_context(void)
338{
339	return current->audit_context;
340}
341
342static inline bool audit_dummy_context(void)
343{
344	void *p = audit_context();
345	return !p || *(int *)p;
346}
347static inline void audit_free(struct task_struct *task)
348{
349	if (unlikely(task->audit_context))
350		__audit_free(task);
351}
352static inline void audit_uring_entry(u8 op)
353{
354	/*
355	 * We intentionally check audit_context() before audit_enabled as most
356	 * Linux systems (as of ~2021) rely on systemd which forces audit to
357	 * be enabled regardless of the user's audit configuration.
358	 */
359	if (unlikely(audit_context() && audit_enabled))
360		__audit_uring_entry(op);
361}
362static inline void audit_uring_exit(int success, long code)
363{
364	if (unlikely(audit_context()))
365		__audit_uring_exit(success, code);
366}
367static inline void audit_syscall_entry(int major, unsigned long a0,
368				       unsigned long a1, unsigned long a2,
369				       unsigned long a3)
370{
371	if (unlikely(audit_context()))
372		__audit_syscall_entry(major, a0, a1, a2, a3);
373}
374static inline void audit_syscall_exit(void *pt_regs)
375{
376	if (unlikely(audit_context())) {
377		int success = is_syscall_success(pt_regs);
378		long return_code = regs_return_value(pt_regs);
379
380		__audit_syscall_exit(success, return_code);
381	}
382}
383static inline void audit_getname(struct filename *name)
384{
385	if (unlikely(!audit_dummy_context()))
386		__audit_getname(name);
387}
388static inline void audit_inode(struct filename *name,
389				const struct dentry *dentry,
390				unsigned int aflags) {
391	if (unlikely(!audit_dummy_context()))
392		__audit_inode(name, dentry, aflags);
393}
394static inline void audit_file(struct file *file)
395{
396	if (unlikely(!audit_dummy_context()))
397		__audit_file(file);
398}
399static inline void audit_inode_parent_hidden(struct filename *name,
400						const struct dentry *dentry)
401{
402	if (unlikely(!audit_dummy_context()))
403		__audit_inode(name, dentry,
404				AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
405}
406static inline void audit_inode_child(struct inode *parent,
407				     const struct dentry *dentry,
408				     const unsigned char type) {
409	if (unlikely(!audit_dummy_context()))
410		__audit_inode_child(parent, dentry, type);
411}
412void audit_core_dumps(long signr);
413
414static inline void audit_ptrace(struct task_struct *t)
415{
416	if (unlikely(!audit_dummy_context()))
417		__audit_ptrace(t);
418}
419
420				/* Private API (for audit.c only) */
421extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
422extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
423extern void __audit_bprm(struct linux_binprm *bprm);
424extern int __audit_socketcall(int nargs, unsigned long *args);
425extern int __audit_sockaddr(int len, void *addr);
426extern void __audit_fd_pair(int fd1, int fd2);
427extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
428extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
429extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
430extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
431extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
432				  const struct cred *new,
433				  const struct cred *old);
434extern void __audit_log_capset(const struct cred *new, const struct cred *old);
435extern void __audit_mmap_fd(int fd, int flags);
436extern void __audit_openat2_how(struct open_how *how);
437extern void __audit_log_kern_module(const char *name);
438extern void __audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar);
439extern void __audit_tk_injoffset(struct timespec64 offset);
440extern void __audit_ntp_log(const struct audit_ntp_data *ad);
441extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries,
442			      enum audit_nfcfgop op, gfp_t gfp);
443
444static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
445{
446	if (unlikely(!audit_dummy_context()))
447		__audit_ipc_obj(ipcp);
448}
449static inline void audit_fd_pair(int fd1, int fd2)
450{
451	if (unlikely(!audit_dummy_context()))
452		__audit_fd_pair(fd1, fd2);
453}
454static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
455{
456	if (unlikely(!audit_dummy_context()))
457		__audit_ipc_set_perm(qbytes, uid, gid, mode);
458}
459static inline void audit_bprm(struct linux_binprm *bprm)
460{
461	if (unlikely(!audit_dummy_context()))
462		__audit_bprm(bprm);
463}
464static inline int audit_socketcall(int nargs, unsigned long *args)
465{
466	if (unlikely(!audit_dummy_context()))
467		return __audit_socketcall(nargs, args);
468	return 0;
469}
470
471static inline int audit_socketcall_compat(int nargs, u32 *args)
472{
473	unsigned long a[AUDITSC_ARGS];
474	int i;
475
476	if (audit_dummy_context())
477		return 0;
478
479	for (i = 0; i < nargs; i++)
480		a[i] = (unsigned long)args[i];
481	return __audit_socketcall(nargs, a);
482}
483
484static inline int audit_sockaddr(int len, void *addr)
485{
486	if (unlikely(!audit_dummy_context()))
487		return __audit_sockaddr(len, addr);
488	return 0;
489}
490static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
491{
492	if (unlikely(!audit_dummy_context()))
493		__audit_mq_open(oflag, mode, attr);
494}
495static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
496{
497	if (unlikely(!audit_dummy_context()))
498		__audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
499}
500static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
501{
502	if (unlikely(!audit_dummy_context()))
503		__audit_mq_notify(mqdes, notification);
504}
505static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
506{
507	if (unlikely(!audit_dummy_context()))
508		__audit_mq_getsetattr(mqdes, mqstat);
509}
510
511static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
512				       const struct cred *new,
513				       const struct cred *old)
514{
515	if (unlikely(!audit_dummy_context()))
516		return __audit_log_bprm_fcaps(bprm, new, old);
517	return 0;
518}
519
520static inline void audit_log_capset(const struct cred *new,
521				   const struct cred *old)
522{
523	if (unlikely(!audit_dummy_context()))
524		__audit_log_capset(new, old);
525}
526
527static inline void audit_mmap_fd(int fd, int flags)
528{
529	if (unlikely(!audit_dummy_context()))
530		__audit_mmap_fd(fd, flags);
531}
532
533static inline void audit_openat2_how(struct open_how *how)
534{
535	if (unlikely(!audit_dummy_context()))
536		__audit_openat2_how(how);
537}
538
539static inline void audit_log_kern_module(const char *name)
540{
541	if (!audit_dummy_context())
542		__audit_log_kern_module(name);
543}
544
545static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
546{
547	if (audit_enabled)
548		__audit_fanotify(response, friar);
549}
550
551static inline void audit_tk_injoffset(struct timespec64 offset)
552{
553	/* ignore no-op events */
554	if (offset.tv_sec == 0 && offset.tv_nsec == 0)
555		return;
556
557	if (!audit_dummy_context())
558		__audit_tk_injoffset(offset);
559}
560
561static inline void audit_ntp_init(struct audit_ntp_data *ad)
562{
563	memset(ad, 0, sizeof(*ad));
564}
565
566static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
567				     enum audit_ntp_type type, long long val)
568{
569	ad->vals[type].oldval = val;
570}
571
572static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
573				     enum audit_ntp_type type, long long val)
574{
575	ad->vals[type].newval = val;
576}
577
578static inline void audit_ntp_log(const struct audit_ntp_data *ad)
579{
580	if (!audit_dummy_context())
581		__audit_ntp_log(ad);
582}
583
584static inline void audit_log_nfcfg(const char *name, u8 af,
585				   unsigned int nentries,
586				   enum audit_nfcfgop op, gfp_t gfp)
587{
588	if (audit_enabled)
589		__audit_log_nfcfg(name, af, nentries, op, gfp);
590}
591
592extern int audit_n_rules;
593extern int audit_signals;
594#else /* CONFIG_AUDITSYSCALL */
595static inline int audit_alloc(struct task_struct *task)
596{
597	return 0;
598}
599static inline void audit_free(struct task_struct *task)
600{ }
601static inline void audit_uring_entry(u8 op)
602{ }
603static inline void audit_uring_exit(int success, long code)
604{ }
605static inline void audit_syscall_entry(int major, unsigned long a0,
606				       unsigned long a1, unsigned long a2,
607				       unsigned long a3)
608{ }
609static inline void audit_syscall_exit(void *pt_regs)
610{ }
611static inline bool audit_dummy_context(void)
612{
613	return true;
614}
615static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
616{ }
617static inline struct audit_context *audit_context(void)
618{
619	return NULL;
620}
621static inline void audit_getname(struct filename *name)
622{ }
623static inline void audit_inode(struct filename *name,
624				const struct dentry *dentry,
625				unsigned int aflags)
626{ }
627static inline void audit_file(struct file *file)
628{
629}
630static inline void audit_inode_parent_hidden(struct filename *name,
631				const struct dentry *dentry)
632{ }
633static inline void audit_inode_child(struct inode *parent,
634				     const struct dentry *dentry,
635				     const unsigned char type)
636{ }
637static inline void audit_core_dumps(long signr)
638{ }
639static inline void audit_seccomp(unsigned long syscall, long signr, int code)
640{ }
641static inline void audit_seccomp_actions_logged(const char *names,
642						const char *old_names, int res)
643{ }
644static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
645{ }
646static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
647					gid_t gid, umode_t mode)
648{ }
649static inline void audit_bprm(struct linux_binprm *bprm)
650{ }
651static inline int audit_socketcall(int nargs, unsigned long *args)
652{
653	return 0;
654}
655
656static inline int audit_socketcall_compat(int nargs, u32 *args)
657{
658	return 0;
659}
660
661static inline void audit_fd_pair(int fd1, int fd2)
662{ }
663static inline int audit_sockaddr(int len, void *addr)
664{
665	return 0;
666}
667static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
668{ }
669static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
670				     unsigned int msg_prio,
671				     const struct timespec64 *abs_timeout)
672{ }
673static inline void audit_mq_notify(mqd_t mqdes,
674				   const struct sigevent *notification)
675{ }
676static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
677{ }
678static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
679				       const struct cred *new,
680				       const struct cred *old)
681{
682	return 0;
683}
684static inline void audit_log_capset(const struct cred *new,
685				    const struct cred *old)
686{ }
687static inline void audit_mmap_fd(int fd, int flags)
688{ }
689
690static inline void audit_openat2_how(struct open_how *how)
691{ }
692
693static inline void audit_log_kern_module(const char *name)
694{ }
695
696static inline void audit_fanotify(u32 response, struct fanotify_response_info_audit_rule *friar)
697{ }
698
699static inline void audit_tk_injoffset(struct timespec64 offset)
700{ }
701
702static inline void audit_ntp_init(struct audit_ntp_data *ad)
703{ }
704
705static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
706				     enum audit_ntp_type type, long long val)
707{ }
708
709static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
710				     enum audit_ntp_type type, long long val)
711{ }
712
713static inline void audit_ntp_log(const struct audit_ntp_data *ad)
714{ }
715
716static inline void audit_ptrace(struct task_struct *t)
717{ }
718
719static inline void audit_log_nfcfg(const char *name, u8 af,
720				   unsigned int nentries,
721				   enum audit_nfcfgop op, gfp_t gfp)
722{ }
723
724#define audit_n_rules 0
725#define audit_signals 0
726#endif /* CONFIG_AUDITSYSCALL */
727
728static inline bool audit_loginuid_set(struct task_struct *tsk)
729{
730	return uid_valid(audit_get_loginuid(tsk));
731}
732
733#endif
Configure Feed

Configure Feed
