diff options
| author | Kees Cook <keescook@chromium.org> | 2019-10-02 16:41:58 -0700 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2019-10-03 13:59:29 -0400 |
| commit | 245d73698ed7abdc7e520dfa38048bb80ce89571 (patch) | |
| tree | fb75f332d9a6efdb29749b6c66b28bafa86f33b2 /include/uapi/linux/audit.h | |
| parent | 54ecb8f7028c5eb3d740bb82b0f1d90f2df63c5c (diff) | |
| download | lwn-245d73698ed7abdc7e520dfa38048bb80ce89571.tar.gz lwn-245d73698ed7abdc7e520dfa38048bb80ce89571.zip | |
audit: Report suspicious O_CREAT usage
This renames the very specific audit_log_link_denied() to
audit_log_path_denied() and adds the AUDIT_* type as an argument. This
allows for the creation of the new AUDIT_ANOM_CREAT that can be used to
report the fifo/regular file creation restrictions that were introduced
in commit 30aba6656f61 ("namei: allow restricted O_CREAT of FIFOs and
regular files").
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/uapi/linux/audit.h')
| -rw-r--r-- | include/uapi/linux/audit.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index c89c6495983d..3ad935527177 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -143,6 +143,7 @@ #define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */ #define AUDIT_ANOM_ABEND 1701 /* Process ended abnormally */ #define AUDIT_ANOM_LINK 1702 /* Suspicious use of file links */ +#define AUDIT_ANOM_CREAT 1703 /* Suspicious file creation */ #define AUDIT_INTEGRITY_DATA 1800 /* Data integrity verification */ #define AUDIT_INTEGRITY_METADATA 1801 /* Metadata integrity verification */ #define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */ |