tty_audit.c 5.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * Creating audit events from TTY input.
  4. *
  5. * Copyright (C) 2007 Red Hat, Inc. All rights reserved.
  6. *
  7. * Authors: Miloslav Trmac <mitr@redhat.com>
  8. */
  9. #include <linux/audit.h>
  10. #include <linux/slab.h>
  11. #include <linux/tty.h>
  12. struct tty_audit_buf {
  13. struct mutex mutex; /* Protects all data below */
  14. dev_t dev; /* The TTY which the data is from */
  15. unsigned icanon:1;
  16. size_t valid;
  17. unsigned char *data; /* Allocated size N_TTY_BUF_SIZE */
  18. };
  19. static struct tty_audit_buf *tty_audit_buf_ref(void)
  20. {
  21. struct tty_audit_buf *buf;
  22. buf = current->signal->tty_audit_buf;
  23. WARN_ON(buf == ERR_PTR(-ESRCH));
  24. return buf;
  25. }
  26. static struct tty_audit_buf *tty_audit_buf_alloc(void)
  27. {
  28. struct tty_audit_buf *buf;
  29. buf = kmalloc(sizeof(*buf), GFP_KERNEL);
  30. if (!buf)
  31. goto err;
  32. buf->data = kmalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
  33. if (!buf->data)
  34. goto err_buf;
  35. mutex_init(&buf->mutex);
  36. buf->dev = MKDEV(0, 0);
  37. buf->icanon = 0;
  38. buf->valid = 0;
  39. return buf;
  40. err_buf:
  41. kfree(buf);
  42. err:
  43. return NULL;
  44. }
  45. static void tty_audit_buf_free(struct tty_audit_buf *buf)
  46. {
  47. WARN_ON(buf->valid != 0);
  48. kfree(buf->data);
  49. kfree(buf);
  50. }
  51. static void tty_audit_log(const char *description, dev_t dev,
  52. unsigned char *data, size_t size)
  53. {
  54. struct audit_buffer *ab;
  55. pid_t pid = task_pid_nr(current);
  56. uid_t uid = from_kuid(&init_user_ns, task_uid(current));
  57. uid_t loginuid = from_kuid(&init_user_ns, audit_get_loginuid(current));
  58. unsigned int sessionid = audit_get_sessionid(current);
  59. ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_TTY);
  60. if (ab) {
  61. char name[sizeof(current->comm)];
  62. audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u major=%d"
  63. " minor=%d comm=", description, pid, uid,
  64. loginuid, sessionid, MAJOR(dev), MINOR(dev));
  65. get_task_comm(name, current);
  66. audit_log_untrustedstring(ab, name);
  67. audit_log_format(ab, " data=");
  68. audit_log_n_hex(ab, data, size);
  69. audit_log_end(ab);
  70. }
  71. }
  72. /**
  73. * tty_audit_buf_push - Push buffered data out
  74. *
  75. * Generate an audit message from the contents of @buf, which is owned by
  76. * the current task. @buf->mutex must be locked.
  77. */
  78. static void tty_audit_buf_push(struct tty_audit_buf *buf)
  79. {
  80. if (buf->valid == 0)
  81. return;
  82. if (audit_enabled == AUDIT_OFF) {
  83. buf->valid = 0;
  84. return;
  85. }
  86. tty_audit_log("tty", buf->dev, buf->data, buf->valid);
  87. buf->valid = 0;
  88. }
  89. /**
  90. * tty_audit_exit - Handle a task exit
  91. *
  92. * Make sure all buffered data is written out and deallocate the buffer.
  93. * Only needs to be called if current->signal->tty_audit_buf != %NULL.
  94. *
  95. * The process is single-threaded at this point; no other threads share
  96. * current->signal.
  97. */
  98. void tty_audit_exit(void)
  99. {
  100. struct tty_audit_buf *buf;
  101. buf = xchg(&current->signal->tty_audit_buf, ERR_PTR(-ESRCH));
  102. if (!buf)
  103. return;
  104. tty_audit_buf_push(buf);
  105. tty_audit_buf_free(buf);
  106. }
  107. /**
  108. * tty_audit_fork - Copy TTY audit state for a new task
  109. *
  110. * Set up TTY audit state in @sig from current. @sig needs no locking.
  111. */
  112. void tty_audit_fork(struct signal_struct *sig)
  113. {
  114. sig->audit_tty = current->signal->audit_tty;
  115. }
  116. /**
  117. * tty_audit_tiocsti - Log TIOCSTI
  118. */
  119. void tty_audit_tiocsti(struct tty_struct *tty, char ch)
  120. {
  121. dev_t dev;
  122. dev = MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
  123. if (tty_audit_push())
  124. return;
  125. if (audit_enabled)
  126. tty_audit_log("ioctl=TIOCSTI", dev, &ch, 1);
  127. }
  128. /**
  129. * tty_audit_push - Flush current's pending audit data
  130. *
  131. * Returns 0 if success, -EPERM if tty audit is disabled
  132. */
  133. int tty_audit_push(void)
  134. {
  135. struct tty_audit_buf *buf;
  136. if (~current->signal->audit_tty & AUDIT_TTY_ENABLE)
  137. return -EPERM;
  138. buf = tty_audit_buf_ref();
  139. if (!IS_ERR_OR_NULL(buf)) {
  140. mutex_lock(&buf->mutex);
  141. tty_audit_buf_push(buf);
  142. mutex_unlock(&buf->mutex);
  143. }
  144. return 0;
  145. }
  146. /**
  147. * tty_audit_buf_get - Get an audit buffer.
  148. *
  149. * Get an audit buffer, allocate it if necessary. Return %NULL
  150. * if out of memory or ERR_PTR(-ESRCH) if tty_audit_exit() has already
  151. * occurred. Otherwise, return a new reference to the buffer.
  152. */
  153. static struct tty_audit_buf *tty_audit_buf_get(void)
  154. {
  155. struct tty_audit_buf *buf;
  156. buf = tty_audit_buf_ref();
  157. if (buf)
  158. return buf;
  159. buf = tty_audit_buf_alloc();
  160. if (buf == NULL) {
  161. audit_log_lost("out of memory in TTY auditing");
  162. return NULL;
  163. }
  164. /* Race to use this buffer, free it if another wins */
  165. if (cmpxchg(&current->signal->tty_audit_buf, NULL, buf) != NULL)
  166. tty_audit_buf_free(buf);
  167. return tty_audit_buf_ref();
  168. }
  169. /**
  170. * tty_audit_add_data - Add data for TTY auditing.
  171. *
  172. * Audit @data of @size from @tty, if necessary.
  173. */
  174. void tty_audit_add_data(struct tty_struct *tty, const void *data, size_t size)
  175. {
  176. struct tty_audit_buf *buf;
  177. unsigned int icanon = !!L_ICANON(tty);
  178. unsigned int audit_tty;
  179. dev_t dev;
  180. audit_tty = READ_ONCE(current->signal->audit_tty);
  181. if (~audit_tty & AUDIT_TTY_ENABLE)
  182. return;
  183. if (unlikely(size == 0))
  184. return;
  185. if (tty->driver->type == TTY_DRIVER_TYPE_PTY
  186. && tty->driver->subtype == PTY_TYPE_MASTER)
  187. return;
  188. if ((~audit_tty & AUDIT_TTY_LOG_PASSWD) && icanon && !L_ECHO(tty))
  189. return;
  190. buf = tty_audit_buf_get();
  191. if (IS_ERR_OR_NULL(buf))
  192. return;
  193. mutex_lock(&buf->mutex);
  194. dev = MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
  195. if (buf->dev != dev || buf->icanon != icanon) {
  196. tty_audit_buf_push(buf);
  197. buf->dev = dev;
  198. buf->icanon = icanon;
  199. }
  200. do {
  201. size_t run;
  202. run = N_TTY_BUF_SIZE - buf->valid;
  203. if (run > size)
  204. run = size;
  205. memcpy(buf->data + buf->valid, data, run);
  206. buf->valid += run;
  207. data += run;
  208. size -= run;
  209. if (buf->valid == N_TTY_BUF_SIZE)
  210. tty_audit_buf_push(buf);
  211. } while (size != 0);
  212. mutex_unlock(&buf->mutex);
  213. }