1 /* audit.h -- Auditing support
2  *
3  * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
4  * All Rights Reserved.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
19  *
20  * Written by Rickard E. (Rik) Faith <faith@redhat.com>
21  *
22  */
23 #ifndef _LINUX_AUDIT_H_
24 #define _LINUX_AUDIT_H_
25 
26 #include <linux/sched.h>
27 #include <linux/ptrace.h>
28 #include <uapi/linux/audit.h>
29 
30 #define AUDIT_INO_UNSET ((unsigned long)-1)
31 #define AUDIT_DEV_UNSET ((dev_t)-1)
32 
33 struct audit_sig_info {
34 	uid_t		uid;
35 	pid_t		pid;
36 	char		ctx[0];
37 };
38 
39 struct audit_buffer;
40 struct audit_context;
41 struct inode;
42 struct netlink_skb_parms;
43 struct path;
44 struct linux_binprm;
45 struct mq_attr;
46 struct mqstat;
47 struct audit_watch;
48 struct audit_tree;
49 struct sk_buff;
50 
51 struct audit_krule {
52 	u32			pflags;
53 	u32			flags;
54 	u32			listnr;
55 	u32			action;
56 	u32			mask[AUDIT_BITMASK_SIZE];
57 	u32			buflen; /* for data alloc on list rules */
58 	u32			field_count;
59 	char			*filterkey; /* ties events to rules */
60 	struct audit_field	*fields;
61 	struct audit_field	*arch_f; /* quick access to arch field */
62 	struct audit_field	*inode_f; /* quick access to an inode field */
63 	struct audit_watch	*watch;	/* associated watch */
64 	struct audit_tree	*tree;	/* associated watched tree */
65 	struct audit_fsnotify_mark	*exe;
66 	struct list_head	rlist;	/* entry in audit_{watch,tree}.rules list */
67 	struct list_head	list;	/* for AUDIT_LIST* purposes only */
68 	u64			prio;
69 };
70 
71 /* Flag to indicate legacy AUDIT_LOGINUID unset usage */
72 #define AUDIT_LOGINUID_LEGACY		0x1
73 
74 struct audit_field {
75 	u32				type;
76 	union {
77 		u32			val;
78 		kuid_t			uid;
79 		kgid_t			gid;
80 		struct {
81 			char		*lsm_str;
82 			void		*lsm_rule;
83 		};
84 	};
85 	u32				op;
86 };
87 
88 extern int is_audit_feature_set(int which);
89 
90 extern int __init audit_register_class(int class, unsigned *list);
91 extern int audit_classify_syscall(int abi, unsigned syscall);
92 extern int audit_classify_arch(int arch);
93 /* only for compat system calls */
94 extern unsigned compat_write_class[];
95 extern unsigned compat_read_class[];
96 extern unsigned compat_dir_class[];
97 extern unsigned compat_chattr_class[];
98 extern unsigned compat_signal_class[];
99 
100 extern int audit_classify_compat_syscall(int abi, unsigned syscall);
101 
102 /* audit_names->type values */
103 #define	AUDIT_TYPE_UNKNOWN	0	/* we don't know yet */
104 #define	AUDIT_TYPE_NORMAL	1	/* a "normal" audit record */
105 #define	AUDIT_TYPE_PARENT	2	/* a parent audit record */
106 #define	AUDIT_TYPE_CHILD_DELETE 3	/* a child being deleted */
107 #define	AUDIT_TYPE_CHILD_CREATE 4	/* a child being created */
108 
109 /* maximized args number that audit_socketcall can process */
110 #define AUDITSC_ARGS		6
111 
112 /* bit values for ->signal->audit_tty */
113 #define AUDIT_TTY_ENABLE	BIT(0)
114 #define AUDIT_TTY_LOG_PASSWD	BIT(1)
115 
116 struct filename;
117 
118 extern void audit_log_session_info(struct audit_buffer *ab);
119 
120 #define AUDIT_OFF	0
121 #define AUDIT_ON	1
122 #define AUDIT_LOCKED	2
123 #ifdef CONFIG_AUDIT
124 /* These are defined in audit.c */
125 				/* Public API */
126 extern __printf(4, 5)
127 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
128 	       const char *fmt, ...);
129 
130 extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
131 extern __printf(2, 3)
132 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
133 extern void		    audit_log_end(struct audit_buffer *ab);
134 extern bool		    audit_string_contains_control(const char *string,
135 							  size_t len);
136 extern void		    audit_log_n_hex(struct audit_buffer *ab,
137 					  const unsigned char *buf,
138 					  size_t len);
139 extern void		    audit_log_n_string(struct audit_buffer *ab,
140 					       const char *buf,
141 					       size_t n);
142 extern void		    audit_log_n_untrustedstring(struct audit_buffer *ab,
143 							const char *string,
144 							size_t n);
145 extern void		    audit_log_untrustedstring(struct audit_buffer *ab,
146 						      const char *string);
147 extern void		    audit_log_d_path(struct audit_buffer *ab,
148 					     const char *prefix,
149 					     const struct path *path);
150 extern void		    audit_log_key(struct audit_buffer *ab,
151 					  char *key);
152 extern void		    audit_log_link_denied(const char *operation);
153 extern void		    audit_log_lost(const char *message);
154 
155 extern int audit_log_task_context(struct audit_buffer *ab);
156 extern void audit_log_task_info(struct audit_buffer *ab,
157 				struct task_struct *tsk);
158 
159 extern int		    audit_update_lsm_rules(void);
160 
161 				/* Private API (for audit.c only) */
162 extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
163 extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
164 
165 extern u32 audit_enabled;
166 #else /* CONFIG_AUDIT */
167 static inline __printf(4, 5)
audit_log(struct audit_context * ctx,gfp_t gfp_mask,int type,const char * fmt,...)168 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
169 	       const char *fmt, ...)
170 { }
audit_log_start(struct audit_context * ctx,gfp_t gfp_mask,int type)171 static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
172 						   gfp_t gfp_mask, int type)
173 {
174 	return NULL;
175 }
176 static inline __printf(2, 3)
audit_log_format(struct audit_buffer * ab,const char * fmt,...)177 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
178 { }
audit_log_end(struct audit_buffer * ab)179 static inline void audit_log_end(struct audit_buffer *ab)
180 { }
audit_log_n_hex(struct audit_buffer * ab,const unsigned char * buf,size_t len)181 static inline void audit_log_n_hex(struct audit_buffer *ab,
182 				   const unsigned char *buf, size_t len)
183 { }
audit_log_n_string(struct audit_buffer * ab,const char * buf,size_t n)184 static inline void audit_log_n_string(struct audit_buffer *ab,
185 				      const char *buf, size_t n)
186 { }
audit_log_n_untrustedstring(struct audit_buffer * ab,const char * string,size_t n)187 static inline void  audit_log_n_untrustedstring(struct audit_buffer *ab,
188 						const char *string, size_t n)
189 { }
audit_log_untrustedstring(struct audit_buffer * ab,const char * string)190 static inline void audit_log_untrustedstring(struct audit_buffer *ab,
191 					     const char *string)
192 { }
audit_log_d_path(struct audit_buffer * ab,const char * prefix,const struct path * path)193 static inline void audit_log_d_path(struct audit_buffer *ab,
194 				    const char *prefix,
195 				    const struct path *path)
196 { }
audit_log_key(struct audit_buffer * ab,char * key)197 static inline void audit_log_key(struct audit_buffer *ab, char *key)
198 { }
audit_log_link_denied(const char * string)199 static inline void audit_log_link_denied(const char *string)
200 { }
audit_log_task_context(struct audit_buffer * ab)201 static inline int audit_log_task_context(struct audit_buffer *ab)
202 {
203 	return 0;
204 }
audit_log_task_info(struct audit_buffer * ab,struct task_struct * tsk)205 static inline void audit_log_task_info(struct audit_buffer *ab,
206 				       struct task_struct *tsk)
207 { }
208 #define audit_enabled AUDIT_OFF
209 #endif /* CONFIG_AUDIT */
210 
211 #ifdef CONFIG_AUDIT_COMPAT_GENERIC
212 #define audit_is_compat(arch)  (!((arch) & __AUDIT_ARCH_64BIT))
213 #else
214 #define audit_is_compat(arch)  false
215 #endif
216 
217 #ifdef CONFIG_AUDITSYSCALL
218 #include <asm/syscall.h> /* for syscall_get_arch() */
219 
220 /* These are defined in auditsc.c */
221 				/* Public API */
222 extern int  audit_alloc(struct task_struct *task);
223 extern void __audit_free(struct task_struct *task);
224 extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
225 				  unsigned long a2, unsigned long a3);
226 extern void __audit_syscall_exit(int ret_success, long ret_value);
227 extern struct filename *__audit_reusename(const __user char *uptr);
228 extern void __audit_getname(struct filename *name);
229 
230 #define AUDIT_INODE_PARENT	1	/* dentry represents the parent */
231 #define AUDIT_INODE_HIDDEN	2	/* audit record should be hidden */
232 extern void __audit_inode(struct filename *name, const struct dentry *dentry,
233 				unsigned int flags);
234 extern void __audit_file(const struct file *);
235 extern void __audit_inode_child(struct inode *parent,
236 				const struct dentry *dentry,
237 				const unsigned char type);
238 extern void audit_seccomp(unsigned long syscall, long signr, int code);
239 extern void audit_seccomp_actions_logged(const char *names,
240 					 const char *old_names, int res);
241 extern void __audit_ptrace(struct task_struct *t);
242 
audit_set_context(struct task_struct * task,struct audit_context * ctx)243 static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
244 {
245 	task->audit_context = ctx;
246 }
247 
audit_context(void)248 static inline struct audit_context *audit_context(void)
249 {
250 	return current->audit_context;
251 }
252 
audit_dummy_context(void)253 static inline bool audit_dummy_context(void)
254 {
255 	void *p = audit_context();
256 	return !p || *(int *)p;
257 }
audit_free(struct task_struct * task)258 static inline void audit_free(struct task_struct *task)
259 {
260 	if (unlikely(task->audit_context))
261 		__audit_free(task);
262 }
audit_syscall_entry(int major,unsigned long a0,unsigned long a1,unsigned long a2,unsigned long a3)263 static inline void audit_syscall_entry(int major, unsigned long a0,
264 				       unsigned long a1, unsigned long a2,
265 				       unsigned long a3)
266 {
267 	if (unlikely(audit_context()))
268 		__audit_syscall_entry(major, a0, a1, a2, a3);
269 }
audit_syscall_exit(void * pt_regs)270 static inline void audit_syscall_exit(void *pt_regs)
271 {
272 	if (unlikely(audit_context())) {
273 		int success = is_syscall_success(pt_regs);
274 		long return_code = regs_return_value(pt_regs);
275 
276 		__audit_syscall_exit(success, return_code);
277 	}
278 }
audit_reusename(const __user char * name)279 static inline struct filename *audit_reusename(const __user char *name)
280 {
281 	if (unlikely(!audit_dummy_context()))
282 		return __audit_reusename(name);
283 	return NULL;
284 }
audit_getname(struct filename * name)285 static inline void audit_getname(struct filename *name)
286 {
287 	if (unlikely(!audit_dummy_context()))
288 		__audit_getname(name);
289 }
audit_inode(struct filename * name,const struct dentry * dentry,unsigned int parent)290 static inline void audit_inode(struct filename *name,
291 				const struct dentry *dentry,
292 				unsigned int parent) {
293 	if (unlikely(!audit_dummy_context())) {
294 		unsigned int flags = 0;
295 		if (parent)
296 			flags |= AUDIT_INODE_PARENT;
297 		__audit_inode(name, dentry, flags);
298 	}
299 }
audit_file(struct file * file)300 static inline void audit_file(struct file *file)
301 {
302 	if (unlikely(!audit_dummy_context()))
303 		__audit_file(file);
304 }
audit_inode_parent_hidden(struct filename * name,const struct dentry * dentry)305 static inline void audit_inode_parent_hidden(struct filename *name,
306 						const struct dentry *dentry)
307 {
308 	if (unlikely(!audit_dummy_context()))
309 		__audit_inode(name, dentry,
310 				AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
311 }
audit_inode_child(struct inode * parent,const struct dentry * dentry,const unsigned char type)312 static inline void audit_inode_child(struct inode *parent,
313 				     const struct dentry *dentry,
314 				     const unsigned char type) {
315 	if (unlikely(!audit_dummy_context()))
316 		__audit_inode_child(parent, dentry, type);
317 }
318 void audit_core_dumps(long signr);
319 
audit_ptrace(struct task_struct * t)320 static inline void audit_ptrace(struct task_struct *t)
321 {
322 	if (unlikely(!audit_dummy_context()))
323 		__audit_ptrace(t);
324 }
325 
326 				/* Private API (for audit.c only) */
327 extern unsigned int audit_serial(void);
328 extern int auditsc_get_stamp(struct audit_context *ctx,
329 			      struct timespec64 *t, unsigned int *serial);
330 extern int audit_set_loginuid(kuid_t loginuid);
331 
audit_get_loginuid(struct task_struct * tsk)332 static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
333 {
334 	return tsk->loginuid;
335 }
336 
audit_get_sessionid(struct task_struct * tsk)337 static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
338 {
339 	return tsk->sessionid;
340 }
341 
342 extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
343 extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
344 extern void __audit_bprm(struct linux_binprm *bprm);
345 extern int __audit_socketcall(int nargs, unsigned long *args);
346 extern int __audit_sockaddr(int len, void *addr);
347 extern void __audit_fd_pair(int fd1, int fd2);
348 extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
349 extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
350 extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
351 extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
352 extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
353 				  const struct cred *new,
354 				  const struct cred *old);
355 extern void __audit_log_capset(const struct cred *new, const struct cred *old);
356 extern void __audit_mmap_fd(int fd, int flags);
357 extern void __audit_log_kern_module(char *name);
358 extern void __audit_fanotify(unsigned int response);
359 
audit_ipc_obj(struct kern_ipc_perm * ipcp)360 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
361 {
362 	if (unlikely(!audit_dummy_context()))
363 		__audit_ipc_obj(ipcp);
364 }
audit_fd_pair(int fd1,int fd2)365 static inline void audit_fd_pair(int fd1, int fd2)
366 {
367 	if (unlikely(!audit_dummy_context()))
368 		__audit_fd_pair(fd1, fd2);
369 }
audit_ipc_set_perm(unsigned long qbytes,uid_t uid,gid_t gid,umode_t mode)370 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
371 {
372 	if (unlikely(!audit_dummy_context()))
373 		__audit_ipc_set_perm(qbytes, uid, gid, mode);
374 }
audit_bprm(struct linux_binprm * bprm)375 static inline void audit_bprm(struct linux_binprm *bprm)
376 {
377 	if (unlikely(!audit_dummy_context()))
378 		__audit_bprm(bprm);
379 }
audit_socketcall(int nargs,unsigned long * args)380 static inline int audit_socketcall(int nargs, unsigned long *args)
381 {
382 	if (unlikely(!audit_dummy_context()))
383 		return __audit_socketcall(nargs, args);
384 	return 0;
385 }
386 
audit_socketcall_compat(int nargs,u32 * args)387 static inline int audit_socketcall_compat(int nargs, u32 *args)
388 {
389 	unsigned long a[AUDITSC_ARGS];
390 	int i;
391 
392 	if (audit_dummy_context())
393 		return 0;
394 
395 	for (i = 0; i < nargs; i++)
396 		a[i] = (unsigned long)args[i];
397 	return __audit_socketcall(nargs, a);
398 }
399 
audit_sockaddr(int len,void * addr)400 static inline int audit_sockaddr(int len, void *addr)
401 {
402 	if (unlikely(!audit_dummy_context()))
403 		return __audit_sockaddr(len, addr);
404 	return 0;
405 }
audit_mq_open(int oflag,umode_t mode,struct mq_attr * attr)406 static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
407 {
408 	if (unlikely(!audit_dummy_context()))
409 		__audit_mq_open(oflag, mode, attr);
410 }
audit_mq_sendrecv(mqd_t mqdes,size_t msg_len,unsigned int msg_prio,const struct timespec64 * abs_timeout)411 static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
412 {
413 	if (unlikely(!audit_dummy_context()))
414 		__audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
415 }
audit_mq_notify(mqd_t mqdes,const struct sigevent * notification)416 static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
417 {
418 	if (unlikely(!audit_dummy_context()))
419 		__audit_mq_notify(mqdes, notification);
420 }
audit_mq_getsetattr(mqd_t mqdes,struct mq_attr * mqstat)421 static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
422 {
423 	if (unlikely(!audit_dummy_context()))
424 		__audit_mq_getsetattr(mqdes, mqstat);
425 }
426 
audit_log_bprm_fcaps(struct linux_binprm * bprm,const struct cred * new,const struct cred * old)427 static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
428 				       const struct cred *new,
429 				       const struct cred *old)
430 {
431 	if (unlikely(!audit_dummy_context()))
432 		return __audit_log_bprm_fcaps(bprm, new, old);
433 	return 0;
434 }
435 
audit_log_capset(const struct cred * new,const struct cred * old)436 static inline void audit_log_capset(const struct cred *new,
437 				   const struct cred *old)
438 {
439 	if (unlikely(!audit_dummy_context()))
440 		__audit_log_capset(new, old);
441 }
442 
audit_mmap_fd(int fd,int flags)443 static inline void audit_mmap_fd(int fd, int flags)
444 {
445 	if (unlikely(!audit_dummy_context()))
446 		__audit_mmap_fd(fd, flags);
447 }
448 
audit_log_kern_module(char * name)449 static inline void audit_log_kern_module(char *name)
450 {
451 	if (!audit_dummy_context())
452 		__audit_log_kern_module(name);
453 }
454 
audit_fanotify(unsigned int response)455 static inline void audit_fanotify(unsigned int response)
456 {
457 	if (!audit_dummy_context())
458 		__audit_fanotify(response);
459 }
460 
461 extern int audit_n_rules;
462 extern int audit_signals;
463 #else /* CONFIG_AUDITSYSCALL */
audit_alloc(struct task_struct * task)464 static inline int audit_alloc(struct task_struct *task)
465 {
466 	return 0;
467 }
audit_free(struct task_struct * task)468 static inline void audit_free(struct task_struct *task)
469 { }
audit_syscall_entry(int major,unsigned long a0,unsigned long a1,unsigned long a2,unsigned long a3)470 static inline void audit_syscall_entry(int major, unsigned long a0,
471 				       unsigned long a1, unsigned long a2,
472 				       unsigned long a3)
473 { }
audit_syscall_exit(void * pt_regs)474 static inline void audit_syscall_exit(void *pt_regs)
475 { }
audit_dummy_context(void)476 static inline bool audit_dummy_context(void)
477 {
478 	return true;
479 }
audit_set_context(struct task_struct * task,struct audit_context * ctx)480 static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
481 { }
audit_context(void)482 static inline struct audit_context *audit_context(void)
483 {
484 	return NULL;
485 }
audit_reusename(const __user char * name)486 static inline struct filename *audit_reusename(const __user char *name)
487 {
488 	return NULL;
489 }
audit_getname(struct filename * name)490 static inline void audit_getname(struct filename *name)
491 { }
__audit_inode(struct filename * name,const struct dentry * dentry,unsigned int flags)492 static inline void __audit_inode(struct filename *name,
493 					const struct dentry *dentry,
494 					unsigned int flags)
495 { }
__audit_inode_child(struct inode * parent,const struct dentry * dentry,const unsigned char type)496 static inline void __audit_inode_child(struct inode *parent,
497 					const struct dentry *dentry,
498 					const unsigned char type)
499 { }
audit_inode(struct filename * name,const struct dentry * dentry,unsigned int parent)500 static inline void audit_inode(struct filename *name,
501 				const struct dentry *dentry,
502 				unsigned int parent)
503 { }
audit_file(struct file * file)504 static inline void audit_file(struct file *file)
505 {
506 }
audit_inode_parent_hidden(struct filename * name,const struct dentry * dentry)507 static inline void audit_inode_parent_hidden(struct filename *name,
508 				const struct dentry *dentry)
509 { }
audit_inode_child(struct inode * parent,const struct dentry * dentry,const unsigned char type)510 static inline void audit_inode_child(struct inode *parent,
511 				     const struct dentry *dentry,
512 				     const unsigned char type)
513 { }
audit_core_dumps(long signr)514 static inline void audit_core_dumps(long signr)
515 { }
audit_seccomp(unsigned long syscall,long signr,int code)516 static inline void audit_seccomp(unsigned long syscall, long signr, int code)
517 { }
audit_seccomp_actions_logged(const char * names,const char * old_names,int res)518 static inline void audit_seccomp_actions_logged(const char *names,
519 						const char *old_names, int res)
520 { }
auditsc_get_stamp(struct audit_context * ctx,struct timespec64 * t,unsigned int * serial)521 static inline int auditsc_get_stamp(struct audit_context *ctx,
522 			      struct timespec64 *t, unsigned int *serial)
523 {
524 	return 0;
525 }
audit_get_loginuid(struct task_struct * tsk)526 static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
527 {
528 	return INVALID_UID;
529 }
audit_get_sessionid(struct task_struct * tsk)530 static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
531 {
532 	return AUDIT_SID_UNSET;
533 }
audit_ipc_obj(struct kern_ipc_perm * ipcp)534 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
535 { }
audit_ipc_set_perm(unsigned long qbytes,uid_t uid,gid_t gid,umode_t mode)536 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
537 					gid_t gid, umode_t mode)
538 { }
audit_bprm(struct linux_binprm * bprm)539 static inline void audit_bprm(struct linux_binprm *bprm)
540 { }
audit_socketcall(int nargs,unsigned long * args)541 static inline int audit_socketcall(int nargs, unsigned long *args)
542 {
543 	return 0;
544 }
545 
audit_socketcall_compat(int nargs,u32 * args)546 static inline int audit_socketcall_compat(int nargs, u32 *args)
547 {
548 	return 0;
549 }
550 
audit_fd_pair(int fd1,int fd2)551 static inline void audit_fd_pair(int fd1, int fd2)
552 { }
audit_sockaddr(int len,void * addr)553 static inline int audit_sockaddr(int len, void *addr)
554 {
555 	return 0;
556 }
audit_mq_open(int oflag,umode_t mode,struct mq_attr * attr)557 static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
558 { }
audit_mq_sendrecv(mqd_t mqdes,size_t msg_len,unsigned int msg_prio,const struct timespec64 * abs_timeout)559 static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
560 				     unsigned int msg_prio,
561 				     const struct timespec64 *abs_timeout)
562 { }
audit_mq_notify(mqd_t mqdes,const struct sigevent * notification)563 static inline void audit_mq_notify(mqd_t mqdes,
564 				   const struct sigevent *notification)
565 { }
audit_mq_getsetattr(mqd_t mqdes,struct mq_attr * mqstat)566 static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
567 { }
audit_log_bprm_fcaps(struct linux_binprm * bprm,const struct cred * new,const struct cred * old)568 static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
569 				       const struct cred *new,
570 				       const struct cred *old)
571 {
572 	return 0;
573 }
audit_log_capset(const struct cred * new,const struct cred * old)574 static inline void audit_log_capset(const struct cred *new,
575 				    const struct cred *old)
576 { }
audit_mmap_fd(int fd,int flags)577 static inline void audit_mmap_fd(int fd, int flags)
578 { }
579 
audit_log_kern_module(char * name)580 static inline void audit_log_kern_module(char *name)
581 {
582 }
583 
audit_fanotify(unsigned int response)584 static inline void audit_fanotify(unsigned int response)
585 { }
586 
audit_ptrace(struct task_struct * t)587 static inline void audit_ptrace(struct task_struct *t)
588 { }
589 #define audit_n_rules 0
590 #define audit_signals 0
591 #endif /* CONFIG_AUDITSYSCALL */
592 
audit_loginuid_set(struct task_struct * tsk)593 static inline bool audit_loginuid_set(struct task_struct *tsk)
594 {
595 	return uid_valid(audit_get_loginuid(tsk));
596 }
597 
audit_log_string(struct audit_buffer * ab,const char * buf)598 static inline void audit_log_string(struct audit_buffer *ab, const char *buf)
599 {
600 	audit_log_n_string(ab, buf, strlen(buf));
601 }
602 
603 #endif
604