From: i.metelytsia
Date: Tue, 3 Apr 2018 13:35:52 +0000 (+0300)
Subject: NO-TICKET AuditUtils added
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5aaedd639a4781c9700eb66b59f1ae35b98bdfbc;p=platform%2Fcore%2Fsecurity%2Fsuspicious-activity-monitor.git
NO-TICKET AuditUtils added
---
diff --git a/device-agent/CMakeLists.txt b/device-agent/CMakeLists.txt
index d0c17aa..4c04d4c 100644
--- a/device-agent/CMakeLists.txt
+++ b/device-agent/CMakeLists.txt
@@ -38,7 +38,7 @@ if (NOT DEFINED BIN_DIR) SET (BIN_DIR "/usr/apps/sam") endif (NOT DEFINED BIN_DIR) -pkg_check_modules(pkgs REQUIRED boost libcurl dpm dlog audit-trail) +pkg_check_modules(pkgs REQUIRED boost libcurl dpm dlog audit audit-trail) FOREACH(flag ${pkgs_CFLAGS}) SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
diff --git a/device-agent/daemon/CMakeLists.txt b/device-agent/daemon/CMakeLists.txt
index 8b35e8b..270beb9 100644
--- a/device-agent/daemon/CMakeLists.txt
+++ b/device-agent/daemon/CMakeLists.txt
@@ -5,12 +5,15 @@ project(${DAEMON_APP_NAME} C CXX) include_directories( ../communication/inc dpm + audit ) +file(GLOB AUDIT_SOURCES audit/*.cpp) file(GLOB DPM_SOURCES dpm/*.cpp) file(GLOB SAM_SOURCES *.cpp) SET (SOURCES + ${AUDIT_SOURCES} ${DPM_SOURCES} ${SAM_SOURCES} )
@@ -24,6 +27,7 @@ target_link_libraries (${PROJECT_NAME} pthread dpm dlog + audit audit-trail jsoncpp boost_system
diff --git a/device-agent/daemon/audit/audit_utils.cpp b/device-agent/daemon/audit/audit_utils.cpp
new file mode 100644
index 0000000..bbd8669
--- /dev/null
+++ b/device-agent/daemon/audit/audit_utils.cpp
@@ -0,0 +1,48 @@
+/**
+ * Samsung Ukraine R&D Center (SRK under a contract between)
+ * LLC "Samsung Electronics Co", Ltd (Seoul, Republic of Korea)
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd. All rights reserved.
+ */
+/**
+ * @file audit_utils.cpp
+ * @brief Audit helper
+ * @date Created Apr 03, 2018
+ * @author Mail to: Iurii Metelytsia, i.metelytsia@samsung.com
+ */
+
+#include
+
+#include "audit_utils.h"
+
+namespace audit
+{
+
+const char* AuditUtils::platformType()
+{
+ int pt = platform();
+ return (pt != -1) ? audit_machine_to_name(pt) : nullptr;
+}
+
+AuditUtils::SyscallList AuditUtils::syscallTable()
+{
+ SyscallList res;
+
+ int pt = platform();
+ if (pt != -1) {
+ for (int i = 0; i < 8192; ++i) {
+ const char* name = audit_syscall_to_name(i, pt);
+ if (name) {
+ res.push_back(std::make_pair(i,name));
+ }
+ }
+ }
+
+ return res;
+}
+
+int AuditUtils::platform()
+{
+ return audit_detect_machine();
+}
+
+} // namespace audit
diff --git a/device-agent/daemon/audit/audit_utils.h b/device-agent/daemon/audit/audit_utils.h
new file mode 100644
index 0000000..51d6fd5
--- /dev/null
+++ b/device-agent/daemon/audit/audit_utils.h
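Review bot: The loop bound `8192` in `AuditUtils::syscallTable()` is an unexplained magic number, and any syscall whose number is at or above it is silently left out of the returned table; for a monitor that presumably derives its audit coverage from this list, that gap should at least be explicit. I would name the bound and state the assumption, e.g. `constexpr int kMaxSyscallNumber = 8192; // highest syscall number probed; must exceed the largest number libaudit knows for the detected machine`. Separately, `platform()` relies on `audit_detect_machine()`, which as far as I know reports the kernel's machine type, so on a 64-bit kernel running 32-bit processes the table would describe only the native ABI; a comment on `syscallTable()` recording that limitation (or an explicit decision to cover the compat ABI) would help whoever builds rules from it.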
@@ -0,0 +1,56 @@
+/**
+ * Samsung Ukraine R&D Center (SRK under a contract between)
+ * LLC "Samsung Electronics Co", Ltd (Seoul, Republic of Korea)
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd. All rights reserved.
+ */
+/**
+ * @file audit_utils.h
+ * @brief Audit helper
+ * @date Created Apr 03, 2018
+ * @author Mail to: Iurii Metelytsia, i.metelytsia@samsung.com
+ */
+
+#ifndef AUDIT_UTILS_H
+#define AUDIT_UTILS_H
+
+#include
+#include
+#include
+
+namespace audit
+{
+/**
+ * @brief Audit helper class
+ */
+class AuditUtils
+{
+public:
+ /**
+ * @typedef SyscallList
+ * @brief System call list
+ */
+ using SyscallList = std::vector>;
+
+ /**
+ * @brief Get supported system calls
+ * @return system call list
+ */
+ static SyscallList syscallTable();
+
+ /**
+ * @brief Get the platform type
+ * @return platform string or nullptr
+ */
+ static const char* platformType();
+
+private:
+ /**
+ * @brief Get the platform type
+ * @return platform type or -1 in case of error
+ */
+ static int platform();
+};
+
+} // namespace audit
+
+#endif // AUDIT_UTILS_H
diff --git a/device-agent/packaging/sam.spec b/device-agent/packaging/sam.spec
index ccf097a..9eea7a2 100644
--- a/device-agent/packaging/sam.spec
+++ b/device-agent/packaging/sam.spec
@@ -15,6 +15,7 @@ BuildRequires: pkgconfig(dlog) BuildRequires: pkgconfig(boost) BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(jsoncpp) +BuildRequires: pkgconfig(audit) BuildRequires: pkgconfig(audit-trail) BuildRequires: pkgconfig(libtzplatform-config)
@@ -97,6 +98,7 @@ rm -rf %{buildroot} Summary: Suspicious Activity Monitor Provides: sam Requires: dpm +Requires: libaudit Requires: libaudit-trail %description sam Suspicious Activity Monitor daemon
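Review bot: In audit_utils.h the doc comments on `platformType()` and `platform()` carry the same `@brief Get the platform type`, and neither says who owns the returned string or what the integer represents. I would change the public one to `@brief Get the platform name` with `@return machine name string (presumably owned by libaudit, caller must not free) or nullptr if detection fails`, and the private one to `@return libaudit machine identifier, or -1 in case of error`. Since every member is static, adding `AuditUtils() = delete;` would make it clear the class is never meant to be instantiated. The element type of `SyscallList` is not legible in this rendering; if it stores `const char*`, the lifetime of those name pointers should be documented on the alias as well.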