xref: /freebsd/sys/security/mac/mac_audit.c (revision f1e8bf6dd4ae5a1dc8ab028911da059811bd3a9c) 
1 /*-
2  * Copyright (c) 1999-2002 Robert N. M. Watson
3  * Copyright (c) 2001 Ilmar S. Habibulin
4  * Copyright (c) 2001-2004 Networks Associates Technology, Inc.
5  *
6  * This software was developed by Robert Watson and Ilmar Habibulin for the
7  * TrustedBSD Project.
8  *
9  * This software was developed for the FreeBSD Project in part by Network
10  * Associates Laboratories, the Security Research Division of Network
11  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
12  * as part of the DARPA CHATS research program.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  *
35  * $FreeBSD$
36  */
37 
38 #include <sys/param.h>
39 #include <sys/module.h>
40 #include <sys/vnode.h>
41 
42 #include <security/audit/audit.h>
43 
44 #include <security/mac/mac_framework.h>
45 #include <security/mac/mac_internal.h>
46 #include <security/mac/mac_policy.h>
47 
48 int
49 mac_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai)
50 {
51 	int error;
52 
53 	MAC_CHECK(check_proc_setaudit, cred, ai);
54 
55 	return (error);
56 }
57 
58 int
59 mac_check_proc_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia)
60 {
61 	int error;
62 
63 	MAC_CHECK(check_proc_setaudit_addr, cred, aia);
64 
65 	return (error);
66 }
67 
68 int
69 mac_check_proc_setauid(struct ucred *cred, uid_t auid)
70 {
71 	int error;
72 
73 	MAC_CHECK(check_proc_setauid, cred, auid);
74 
75 	return (error);
76 }
77 
78 int
79 mac_check_system_audit(struct ucred *cred, void *record, int length)
80 {
81 	int error;
82 
83 	MAC_CHECK(check_system_audit, cred, record, length);
84 
85 	return (error);
86 }
87 
88 int
89 mac_check_system_auditctl(struct ucred *cred, struct vnode *vp)
90 {
91 	int error;
92 	struct label *vl;
93 
94 	ASSERT_VOP_LOCKED(vp, "mac_check_system_auditctl");
95 
96 	vl = (vp != NULL) ? vp->v_label : NULL;
97 
98 	MAC_CHECK(check_system_auditctl, cred, vp, vl);
99 
100 	return (error);
101 }
102 
103 int
104 mac_check_system_auditon(struct ucred *cred, int cmd)
105 {
106 	int error;
107 
108 	MAC_CHECK(check_system_auditon, cred, cmd);
109 
110 	return (error);
111 }
112