From: david.abdurachmanov@gmail.com (David Abdurachmanov) To: linux-riscv@lists.infradead.org Subject: [PATCH 2/2] riscv: audit: add audit hook in do_syscall_trace_enter/exit() Date: Mon, 29 Oct 2018 11:48:54 +0100 [thread overview] Message-ID: <20181029104854.17432-3-david.abdurachmanov@gmail.com> (raw) In-Reply-To: <20181029104854.17432-1-david.abdurachmanov@gmail.com> This patch adds auditing functions on entry to and exit from every system call invocation. Signed-off-by: David Abdurachmanov <david.abdurachmanov@gmail.com> --- arch/riscv/kernel/ptrace.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/riscv/kernel/ptrace.c b/arch/riscv/kernel/ptrace.c index 9f82a7e34c64..85b0c93f00c6 100644 --- a/arch/riscv/kernel/ptrace.c +++ b/arch/riscv/kernel/ptrace.c @@ -18,6 +18,7 @@ #include <asm/ptrace.h> #include <asm/syscall.h> #include <asm/thread_info.h> +#include <linux/audit.h> #include <linux/ptrace.h> #include <linux/elf.h> #include <linux/regset.h> @@ -111,10 +112,14 @@ void do_syscall_trace_enter(struct pt_regs *regs) if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) trace_sys_enter(regs, syscall_get_nr(current, regs)); #endif + + audit_syscall_entry(regs->a7, regs->a0, regs->a1, regs->a2, regs->a3); } void do_syscall_trace_exit(struct pt_regs *regs) { + audit_syscall_exit(regs); + if (test_thread_flag(TIF_SYSCALL_TRACE)) tracehook_report_syscall_exit(regs, 0); -- 2.17.2
WARNING: multiple messages have this Message-ID (diff)
From: David Abdurachmanov <david.abdurachmanov@gmail.com> To: palmer@sifive.com, aou@eecs.berkeley.edu, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-audit@redhat.com Cc: David Abdurachmanov <david.abdurachmanov@gmail.com> Subject: [PATCH 2/2] riscv: audit: add audit hook in do_syscall_trace_enter/exit() Date: Mon, 29 Oct 2018 11:48:54 +0100 [thread overview] Message-ID: <20181029104854.17432-3-david.abdurachmanov@gmail.com> (raw) Message-ID: <20181029104854.s2Fbqwu53QQHhN20KEvRCPCx9P8GepvfniWIBIH5hn4@z> (raw) In-Reply-To: <20181029104854.17432-1-david.abdurachmanov@gmail.com> This patch adds auditing functions on entry to and exit from every system call invocation. Signed-off-by: David Abdurachmanov <david.abdurachmanov@gmail.com> --- arch/riscv/kernel/ptrace.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/riscv/kernel/ptrace.c b/arch/riscv/kernel/ptrace.c index 9f82a7e34c64..85b0c93f00c6 100644 --- a/arch/riscv/kernel/ptrace.c +++ b/arch/riscv/kernel/ptrace.c @@ -18,6 +18,7 @@ #include <asm/ptrace.h> #include <asm/syscall.h> #include <asm/thread_info.h> +#include <linux/audit.h> #include <linux/ptrace.h> #include <linux/elf.h> #include <linux/regset.h> @@ -111,10 +112,14 @@ void do_syscall_trace_enter(struct pt_regs *regs) if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) trace_sys_enter(regs, syscall_get_nr(current, regs)); #endif + + audit_syscall_entry(regs->a7, regs->a0, regs->a1, regs->a2, regs->a3); } void do_syscall_trace_exit(struct pt_regs *regs) { + audit_syscall_exit(regs); + if (test_thread_flag(TIF_SYSCALL_TRACE)) tracehook_report_syscall_exit(regs, 0); -- 2.17.2 _______________________________________________ linux-riscv mailing list linux-riscv@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2018-10-29 10:48 UTC|newest] Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-10-29 10:48 [PATCH 0/2] riscv: add audit support David Abdurachmanov 2018-10-29 10:48 ` David Abdurachmanov 2018-10-29 10:48 ` [PATCH 1/2] " David Abdurachmanov 2018-10-29 10:48 ` David Abdurachmanov 2018-11-13 1:52 ` Palmer Dabbelt 2018-11-13 1:52 ` Palmer Dabbelt 2018-11-13 23:34 ` Paul Moore 2018-11-13 23:34 ` Paul Moore 2018-11-14 23:40 ` Palmer Dabbelt 2018-11-14 23:40 ` Palmer Dabbelt 2018-10-29 10:48 ` David Abdurachmanov [this message] 2018-10-29 10:48 ` [PATCH 2/2] riscv: audit: add audit hook in do_syscall_trace_enter/exit() David Abdurachmanov 2018-10-29 22:57 ` [PATCH 0/2] riscv: add audit support Paul Moore 2018-10-29 22:57 ` Paul Moore 2018-11-06 20:06 ` Paul Moore 2018-11-06 20:06 ` Paul Moore 2018-11-06 21:25 ` David Abdurachmanov 2018-11-06 21:25 ` David Abdurachmanov 2018-11-07 10:45 ` David Abdurachmanov 2018-11-07 10:45 ` David Abdurachmanov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181029104854.17432-3-david.abdurachmanov@gmail.com \ --to=david.abdurachmanov@gmail.com \ --cc=linux-riscv@lists.infradead.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).