2  * Copyright (C) 2008 IBM Corporation
 
   3  * Author: Mimi Zohar <zohar@us.ibm.com>
 
   5  * This program is free software; you can redistribute it and/or modify
 
   6  * it under the terms of the GNU General Public License as published by
 
   7  * the Free Software Foundation, version 2 of the License.
 
   9  * File: integrity_audit.c
 
  10  *      Audit calls for the integrity subsystem
 
  14 #include <linux/audit.h>
 
  19 #ifdef CONFIG_IMA_AUDIT
 
  21 /* ima_audit_setup - enable informational auditing messages */
 
  /*
   * Boot-time handler for the "ima_audit=" parameter: parses str with
   * strict_strtoul() (base 0) into 'audit', then reports the resulting
   * state as an AUDIT_INTEGRITY_STATUS record via integrity_audit_msg().
   *
   * NOTE(review): this listing omits lines (gutter jumps 22 -> 28 -> 30 -> 33),
   * so the declarations, the test guarding the printk below, any assignment
   * to ima_audit and the return statement are not visible here.
   */
  22 static int __init ima_audit_setup(char *str)
 
  28         rc = strict_strtoul(str, 0, &audit);
 
  /* A rejected value is only reported at KERN_INFO; the condition is on an omitted line. */
  30                 printk(KERN_INFO "ima: invalid ima_audit value\n");
 
  /* Status string is derived from the current ima_audit flag. */
  33         op = ima_audit ? "ima_audit_enabled" : "ima_audit_not_enabled";
 
  /*
   * NOTE(review): integrity_audit_msg() is defined later in this file with
   * the parameter order (audit_msgno, inode, fname, op, cause, result,
   * audit_info), so this call passes NULL as 'op' and the status string as
   * 'cause'. The AUDIT_INTEGRITY_STATUS case there appears to format only
   * " op=%s" from 'op', so the enabled/not-enabled string would not reach
   * the audit record. Presumably intended: (..., NULL, NULL, op, NULL, 0, 0)
   * -- confirm against the full source.
   */
  34         integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, NULL, op, 0, 0);
 
  /* Register ima_audit_setup() as the handler for the "ima_audit=" kernel command-line parameter. */
  37 __setup("ima_audit=", ima_audit_setup);
 
  40 void integrity_audit_msg(int audit_msgno, struct inode *inode,
 
  41                          const unsigned char *fname, const char *op,
 
  42                          const char *cause, int result, int audit_info)
 
  44         struct audit_buffer *ab;
 
  46         if (!ima_audit && audit_info == 1) /* Skip informational messages */
 
  49         ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
 
  50         audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u",
 
  51                          current->pid, current->cred->uid,
 
  52                          audit_get_loginuid(current));
 
  53         audit_log_task_context(ab);
 
  54         switch (audit_msgno) {
 
  55         case AUDIT_INTEGRITY_DATA:
 
  56         case AUDIT_INTEGRITY_METADATA:
 
  57         case AUDIT_INTEGRITY_PCR:
 
  58                 audit_log_format(ab, " op=%s cause=%s", op, cause);
 
  60         case AUDIT_INTEGRITY_HASH:
 
  61                 audit_log_format(ab, " op=%s hash=%s", op, cause);
 
  63         case AUDIT_INTEGRITY_STATUS:
 
  65                 audit_log_format(ab, " op=%s", op);
 
  67         audit_log_format(ab, " comm=");
 
  68         audit_log_untrustedstring(ab, current->comm);
 
  70                 audit_log_format(ab, " name=");
 
  71                 audit_log_untrustedstring(ab, fname);
 
  74                 audit_log_format(ab, " dev=%s ino=%lu",
 
  75                                  inode->i_sb->s_id, inode->i_ino);
 
  76         audit_log_format(ab, " res=%d", result);