lib/audit.c (kernel)

Thu Nov 14 05:45:51 UTC 2013

Hi

I'm working on audit/seccomp support for AArch64 as you see in
     [0/4] arm64: Add audit support
     https://www.redhat.com/archives/linux-audit/2013-November/msg00040.html
ARM sub-system maintainer asked me whether it would be possible
to re-work lib/audit.c to work with "compat" syscalls.

My question is, "Is this reasonable to think about?"
(I know all the existing architectures already have their own
implementations.)
I'd like to get any comments before going further.

One of possible solutions is
* Add lib/compat_audit.c, where
   #include "asm/unistd32.h" <= it seems somewhat arch-specific.

   static unsigned dir_class[] = {
   ...

   int audit_classify_compat_syscall() {
   ...

   static int __init audit_compat_classes_init() {
   ...
   __initcall(audit_compat_classes_init);

* In lib/audit.c,
   #include <asm/audit.h>
   #include <asm/unistd.h>
   ...

   int audit_classify_arch(arch) {
   #ifdef CONFIG_COMPAT
       if (audit_is_compat(arch))
           return 1;
   #endif

       return 0;
   }

   int audit_classify_syscall(abi, syscall) {
   #ifdef CONFIG_COMPAT
       if (audit_is_compat(arch))
           return audit_classify_compat_syscall(abi, syscall);
   #endif

    ...
   }

* In arch/*/include/asm/audit.h,
   #inlcude <linux/audit.h>
   ...
   #define audit_is_compat(arch) \
       ((arch == AUDIT_ARCH_x) || (arch == AUDIT_ARCH_y))

-Takahiro AKASHI