[AUDIT] break large execve argument logging into smaller messages

execve arguments can be quite large. There is no limit on the number of arguments and a 4G limit on the size of an argument. this patch prints those aruguments in bite sized pieces. a userspace size limitation of 8k was discovered so this keeps messages around 7.5k single arguments larger than 7.5k in length are split into multiple records and can be identified as aX[Y]= Signed-off-by: Eric Paris <eparis@redhat.com>
author: Eric Paris <eparis@redhat.com> 2008-01-07 14:31:58 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> 2008-02-01 14:23:55 -0500
commit: de6bbd1d30e5912620d25dd15e3f180ac7f9fcef (patch)
tree: 3807b13f8e2e490c258c5bb37915c95fc1bcfe20 /include/linux/audit.h
parent: e445deb593d67c8ed13bd357c780a93d78bc84cf (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 4d1c2f2fcc1..97153027207 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -525,9 +525,11 @@ extern void		    audit_log_end(struct audit_buffer *ab);
 extern void		    audit_log_hex(struct audit_buffer *ab,
 					  const unsigned char *buf,
 					  size_t len);
-extern const char *	    audit_log_untrustedstring(struct audit_buffer *ab,
+extern int		    audit_string_contains_control(const char *string,
+							  size_t len);
+extern void		    audit_log_untrustedstring(struct audit_buffer *ab,
 						      const char *string);
-extern const char *	    audit_log_n_untrustedstring(struct audit_buffer *ab,
+extern void		    audit_log_n_untrustedstring(struct audit_buffer *ab,
 							size_t n,
 							const char *string);
 extern void		    audit_log_d_path(struct audit_buffer *ab,
author	Eric Paris <eparis@redhat.com>	2008-01-07 14:31:58 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	2008-02-01 14:23:55 -0500
commit	de6bbd1d30e5912620d25dd15e3f180ac7f9fcef (patch)
tree	3807b13f8e2e490c258c5bb37915c95fc1bcfe20 /include/linux/audit.h
parent	e445deb593d67c8ed13bd357c780a93d78bc84cf (diff)