falconide: fix resources reservation (take 2)
[linux-2.6] / drivers / char / tty_audit.c
1 /*
2  * Creating audit events from TTY input.
3  *
4  * Copyright (C) 2007 Red Hat, Inc.  All rights reserved.  This copyrighted
5  * material is made available to anyone wishing to use, modify, copy, or
6  * redistribute it subject to the terms and conditions of the GNU General
7  * Public License v.2.
8  *
9  * Authors: Miloslav Trmac <mitr@redhat.com>
10  */
11
12 #include <linux/audit.h>
13 #include <linux/file.h>
14 #include <linux/tty.h>
15
16 struct tty_audit_buf {
17         atomic_t count;
18         struct mutex mutex;     /* Protects all data below */
19         int major, minor;       /* The TTY which the data is from */
20         unsigned icanon:1;
21         size_t valid;
22         unsigned char *data;    /* Allocated size N_TTY_BUF_SIZE */
23 };
24
25 static struct tty_audit_buf *tty_audit_buf_alloc(int major, int minor,
26                                                  int icanon)
27 {
28         struct tty_audit_buf *buf;
29
30         buf = kmalloc(sizeof(*buf), GFP_KERNEL);
31         if (!buf)
32                 goto err;
33         if (PAGE_SIZE != N_TTY_BUF_SIZE)
34                 buf->data = kmalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
35         else
36                 buf->data = (unsigned char *)__get_free_page(GFP_KERNEL);
37         if (!buf->data)
38                 goto err_buf;
39         atomic_set(&buf->count, 1);
40         mutex_init(&buf->mutex);
41         buf->major = major;
42         buf->minor = minor;
43         buf->icanon = icanon;
44         buf->valid = 0;
45         return buf;
46
47 err_buf:
48         kfree(buf);
49 err:
50         return NULL;
51 }
52
53 static void tty_audit_buf_free(struct tty_audit_buf *buf)
54 {
55         WARN_ON(buf->valid != 0);
56         if (PAGE_SIZE != N_TTY_BUF_SIZE)
57                 kfree(buf->data);
58         else
59                 free_page((unsigned long)buf->data);
60         kfree(buf);
61 }
62
63 static void tty_audit_buf_put(struct tty_audit_buf *buf)
64 {
65         if (atomic_dec_and_test(&buf->count))
66                 tty_audit_buf_free(buf);
67 }
68
69 /**
70  *      tty_audit_buf_push      -       Push buffered data out
71  *
72  *      Generate an audit message from the contents of @buf, which is owned by
73  *      @tsk with @loginuid.  @buf->mutex must be locked.
74  */
75 static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
76                                unsigned int sessionid,
77                                struct tty_audit_buf *buf)
78 {
79         struct audit_buffer *ab;
80
81         if (buf->valid == 0)
82                 return;
83         if (audit_enabled == 0)
84                 return;
85         ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
86         if (ab) {
87                 char name[sizeof(tsk->comm)];
88
89                 audit_log_format(ab, "tty pid=%u uid=%u auid=%u ses=%u "
90                                  "major=%d minor=%d comm=", tsk->pid, tsk->uid,
91                                  loginuid, sessionid, buf->major, buf->minor);
92                 get_task_comm(name, tsk);
93                 audit_log_untrustedstring(ab, name);
94                 audit_log_format(ab, " data=");
95                 audit_log_n_untrustedstring(ab, buf->valid, buf->data);
96                 audit_log_end(ab);
97         }
98         buf->valid = 0;
99 }
100
101 /**
102  *      tty_audit_buf_push_current      -       Push buffered data out
103  *
104  *      Generate an audit message from the contents of @buf, which is owned by
105  *      the current task.  @buf->mutex must be locked.
106  */
107 static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
108 {
109         uid_t auid = audit_get_loginuid(current);
110         unsigned int sessionid = audit_get_sessionid(current);
111         tty_audit_buf_push(current, auid, sessionid, buf);
112 }
113
114 /**
115  *      tty_audit_exit  -       Handle a task exit
116  *
117  *      Make sure all buffered data is written out and deallocate the buffer.
118  *      Only needs to be called if current->signal->tty_audit_buf != %NULL.
119  */
120 void tty_audit_exit(void)
121 {
122         struct tty_audit_buf *buf;
123
124         spin_lock_irq(&current->sighand->siglock);
125         buf = current->signal->tty_audit_buf;
126         current->signal->tty_audit_buf = NULL;
127         spin_unlock_irq(&current->sighand->siglock);
128         if (!buf)
129                 return;
130
131         mutex_lock(&buf->mutex);
132         tty_audit_buf_push_current(buf);
133         mutex_unlock(&buf->mutex);
134
135         tty_audit_buf_put(buf);
136 }
137
138 /**
139  *      tty_audit_fork  -       Copy TTY audit state for a new task
140  *
141  *      Set up TTY audit state in @sig from current.  @sig needs no locking.
142  */
143 void tty_audit_fork(struct signal_struct *sig)
144 {
145         spin_lock_irq(&current->sighand->siglock);
146         sig->audit_tty = current->signal->audit_tty;
147         spin_unlock_irq(&current->sighand->siglock);
148         sig->tty_audit_buf = NULL;
149 }
150
151 /**
152  *      tty_audit_push_task     -       Flush task's pending audit data
153  */
154 void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid)
155 {
156         struct tty_audit_buf *buf;
157         /* FIXME I think this is correct.  Check against netlink once that is
158          * I really need to read this code more closely.  But that's for
159          * another patch.
160          */
161         unsigned int sessionid = audit_get_sessionid(tsk);
162
163         spin_lock_irq(&tsk->sighand->siglock);
164         buf = tsk->signal->tty_audit_buf;
165         if (buf)
166                 atomic_inc(&buf->count);
167         spin_unlock_irq(&tsk->sighand->siglock);
168         if (!buf)
169                 return;
170
171         mutex_lock(&buf->mutex);
172         tty_audit_buf_push(tsk, loginuid, sessionid, buf);
173         mutex_unlock(&buf->mutex);
174
175         tty_audit_buf_put(buf);
176 }
177
178 /**
179  *      tty_audit_buf_get       -       Get an audit buffer.
180  *
181  *      Get an audit buffer for @tty, allocate it if necessary.  Return %NULL
182  *      if TTY auditing is disabled or out of memory.  Otherwise, return a new
183  *      reference to the buffer.
184  */
185 static struct tty_audit_buf *tty_audit_buf_get(struct tty_struct *tty)
186 {
187         struct tty_audit_buf *buf, *buf2;
188
189         buf = NULL;
190         buf2 = NULL;
191         spin_lock_irq(&current->sighand->siglock);
192         if (likely(!current->signal->audit_tty))
193                 goto out;
194         buf = current->signal->tty_audit_buf;
195         if (buf) {
196                 atomic_inc(&buf->count);
197                 goto out;
198         }
199         spin_unlock_irq(&current->sighand->siglock);
200
201         buf2 = tty_audit_buf_alloc(tty->driver->major,
202                                    tty->driver->minor_start + tty->index,
203                                    tty->icanon);
204         if (buf2 == NULL) {
205                 audit_log_lost("out of memory in TTY auditing");
206                 return NULL;
207         }
208
209         spin_lock_irq(&current->sighand->siglock);
210         if (!current->signal->audit_tty)
211                 goto out;
212         buf = current->signal->tty_audit_buf;
213         if (!buf) {
214                 current->signal->tty_audit_buf = buf2;
215                 buf = buf2;
216                 buf2 = NULL;
217         }
218         atomic_inc(&buf->count);
219         /* Fall through */
220  out:
221         spin_unlock_irq(&current->sighand->siglock);
222         if (buf2)
223                 tty_audit_buf_free(buf2);
224         return buf;
225 }
226
227 /**
228  *      tty_audit_add_data      -       Add data for TTY auditing.
229  *
230  *      Audit @data of @size from @tty, if necessary.
231  */
232 void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
233                         size_t size)
234 {
235         struct tty_audit_buf *buf;
236         int major, minor;
237
238         if (unlikely(size == 0))
239                 return;
240
241         buf = tty_audit_buf_get(tty);
242         if (!buf)
243                 return;
244
245         mutex_lock(&buf->mutex);
246         major = tty->driver->major;
247         minor = tty->driver->minor_start + tty->index;
248         if (buf->major != major || buf->minor != minor
249             || buf->icanon != tty->icanon) {
250                 tty_audit_buf_push_current(buf);
251                 buf->major = major;
252                 buf->minor = minor;
253                 buf->icanon = tty->icanon;
254         }
255         do {
256                 size_t run;
257
258                 run = N_TTY_BUF_SIZE - buf->valid;
259                 if (run > size)
260                         run = size;
261                 memcpy(buf->data + buf->valid, data, run);
262                 buf->valid += run;
263                 data += run;
264                 size -= run;
265                 if (buf->valid == N_TTY_BUF_SIZE)
266                         tty_audit_buf_push_current(buf);
267         } while (size != 0);
268         mutex_unlock(&buf->mutex);
269         tty_audit_buf_put(buf);
270 }
271
272 /**
273  *      tty_audit_push  -       Push buffered data out
274  *
275  *      Make sure no audit data is pending for @tty on the current process.
276  */
277 void tty_audit_push(struct tty_struct *tty)
278 {
279         struct tty_audit_buf *buf;
280
281         spin_lock_irq(&current->sighand->siglock);
282         if (likely(!current->signal->audit_tty)) {
283                 spin_unlock_irq(&current->sighand->siglock);
284                 return;
285         }
286         buf = current->signal->tty_audit_buf;
287         if (buf)
288                 atomic_inc(&buf->count);
289         spin_unlock_irq(&current->sighand->siglock);
290
291         if (buf) {
292                 int major, minor;
293
294                 major = tty->driver->major;
295                 minor = tty->driver->minor_start + tty->index;
296                 mutex_lock(&buf->mutex);
297                 if (buf->major == major && buf->minor == minor)
298                         tty_audit_buf_push_current(buf);
299                 mutex_unlock(&buf->mutex);
300                 tty_audit_buf_put(buf);
301         }
302 }
303
304 /**
305  *      tty_audit_opening       -       A TTY is being opened.
306  *
307  *      As a special hack, tasks that close all their TTYs and open new ones
308  *      are assumed to be system daemons (e.g. getty) and auditing is
309  *      automatically disabled for them.
310  */
311 void tty_audit_opening(void)
312 {
313         int disable;
314
315         disable = 1;
316         spin_lock_irq(&current->sighand->siglock);
317         if (current->signal->audit_tty == 0)
318                 disable = 0;
319         spin_unlock_irq(&current->sighand->siglock);
320         if (!disable)
321                 return;
322
323         task_lock(current);
324         if (current->files) {
325                 struct fdtable *fdt;
326                 unsigned i;
327
328                 /*
329                  * We don't take a ref to the file, so we must hold ->file_lock
330                  * instead.
331                  */
332                 spin_lock(&current->files->file_lock);
333                 fdt = files_fdtable(current->files);
334                 for (i = 0; i < fdt->max_fds; i++) {
335                         struct file *filp;
336
337                         filp = fcheck_files(current->files, i);
338                         if (filp && is_tty(filp)) {
339                                 disable = 0;
340                                 break;
341                         }
342                 }
343                 spin_unlock(&current->files->file_lock);
344         }
345         task_unlock(current);
346         if (!disable)
347                 return;
348
349         spin_lock_irq(&current->sighand->siglock);
350         current->signal->audit_tty = 0;
351         spin_unlock_irq(&current->sighand->siglock);
352 }