133e65b0dSMickaël Salaün /* SPDX-License-Identifier: GPL-2.0-only */ 233e65b0dSMickaël Salaün /* 333e65b0dSMickaël Salaün * Landlock - Audit helpers 433e65b0dSMickaël Salaün * 533e65b0dSMickaël Salaün * Copyright © 2023-2025 Microsoft Corporation 633e65b0dSMickaël Salaün */ 733e65b0dSMickaël Salaün 833e65b0dSMickaël Salaün #ifndef _SECURITY_LANDLOCK_AUDIT_H 933e65b0dSMickaël Salaün #define _SECURITY_LANDLOCK_AUDIT_H 1033e65b0dSMickaël Salaün 1133e65b0dSMickaël Salaün #include <linux/audit.h> 1233e65b0dSMickaël Salaün #include <linux/lsm_audit.h> 1333e65b0dSMickaël Salaün 142fc80c69SMickaël Salaün #include "access.h" 1533e65b0dSMickaël Salaün #include "cred.h" 1633e65b0dSMickaël Salaün 1733e65b0dSMickaël Salaün enum landlock_request_type { 1833e65b0dSMickaël Salaün LANDLOCK_REQUEST_PTRACE = 1, 19c56f6496SMickaël Salaün LANDLOCK_REQUEST_FS_CHANGE_TOPOLOGY, 202fc80c69SMickaël Salaün LANDLOCK_REQUEST_FS_ACCESS, 21*9f74411aSMickaël Salaün LANDLOCK_REQUEST_NET_ACCESS, 2233e65b0dSMickaël Salaün }; 2333e65b0dSMickaël Salaün 2433e65b0dSMickaël Salaün /* 2533e65b0dSMickaël Salaün * We should be careful to only use a variable of this type for 2633e65b0dSMickaël Salaün * landlock_log_denial(). This way, the compiler can remove it entirely if 2733e65b0dSMickaël Salaün * CONFIG_AUDIT is not set. 2833e65b0dSMickaël Salaün */ 2933e65b0dSMickaël Salaün struct landlock_request { 3033e65b0dSMickaël Salaün /* Mandatory fields. */ 3133e65b0dSMickaël Salaün enum landlock_request_type type; 3233e65b0dSMickaël Salaün struct common_audit_data audit; 3333e65b0dSMickaël Salaün 3433e65b0dSMickaël Salaün /** 3533e65b0dSMickaël Salaün * layer_plus_one: First layer level that denies the request + 1. The 3633e65b0dSMickaël Salaün * extra one is useful to detect uninitialized field. 3733e65b0dSMickaël Salaün */ 3833e65b0dSMickaël Salaün size_t layer_plus_one; 392fc80c69SMickaël Salaün 402fc80c69SMickaël Salaün /* Required field for configurable access control. */ 412fc80c69SMickaël Salaün access_mask_t access; 422fc80c69SMickaël Salaün 432fc80c69SMickaël Salaün /* Required fields for requests with layer masks. */ 442fc80c69SMickaël Salaün const layer_mask_t (*layer_masks)[]; 452fc80c69SMickaël Salaün size_t layer_masks_size; 4620fd2954SMickaël Salaün 4720fd2954SMickaël Salaün /* Required fields for requests with deny masks. */ 4820fd2954SMickaël Salaün const access_mask_t all_existing_optional_access; 4920fd2954SMickaël Salaün deny_masks_t deny_masks; 5033e65b0dSMickaël Salaün }; 5133e65b0dSMickaël Salaün 5233e65b0dSMickaël Salaün #ifdef CONFIG_AUDIT 5333e65b0dSMickaël Salaün 541d636984SMickaël Salaün void landlock_log_drop_domain(const struct landlock_hierarchy *const hierarchy); 551d636984SMickaël Salaün 5633e65b0dSMickaël Salaün void landlock_log_denial(const struct landlock_cred_security *const subject, 5733e65b0dSMickaël Salaün const struct landlock_request *const request); 5833e65b0dSMickaël Salaün 5933e65b0dSMickaël Salaün #else /* CONFIG_AUDIT */ 6033e65b0dSMickaël Salaün 6133e65b0dSMickaël Salaün static inline void 621d636984SMickaël Salaün landlock_log_drop_domain(const struct landlock_hierarchy *const hierarchy) 631d636984SMickaël Salaün { 641d636984SMickaël Salaün } 651d636984SMickaël Salaün 661d636984SMickaël Salaün static inline void 6733e65b0dSMickaël Salaün landlock_log_denial(const struct landlock_cred_security *const subject, 6833e65b0dSMickaël Salaün const struct landlock_request *const request) 6933e65b0dSMickaël Salaün { 7033e65b0dSMickaël Salaün } 7133e65b0dSMickaël Salaün 7233e65b0dSMickaël Salaün #endif /* CONFIG_AUDIT */ 7333e65b0dSMickaël Salaün 7433e65b0dSMickaël Salaün #endif /* _SECURITY_LANDLOCK_AUDIT_H */ 75