audit: move loginuid and sessionid from CONFIG_AUDITSYSCALL to CONFIG_AUDIT

	.llseek		= default_llseek,

};

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDIT

#define TMPBUFLEN 11

static ssize_t proc_loginuid_read(struct file * file, char __user * buf,

				  size_t count, loff_t *ppos)

	ONE("oom_score",  S_IRUGO, proc_oom_score),

	REG("oom_adj",    S_IRUGO|S_IWUSR, proc_oom_adj_operations),

	REG("oom_score_adj", S_IRUGO|S_IWUSR, proc_oom_score_adj_operations),

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDIT

	REG("loginuid",   S_IWUSR|S_IRUGO, proc_loginuid_operations),

	REG("sessionid",  S_IRUGO, proc_sessionid_operations),

#endif

	ONE("oom_score", S_IRUGO, proc_oom_score),

	REG("oom_adj",   S_IRUGO|S_IWUSR, proc_oom_adj_operations),

	REG("oom_score_adj", S_IRUGO|S_IWUSR, proc_oom_score_adj_operations),

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDIT

	REG("loginuid",  S_IWUSR|S_IRUGO, proc_loginuid_operations),

	REG("sessionid",  S_IRUGO, proc_sessionid_operations),

#endif

extern int audit_rule_change(int type, int seq, void *data, size_t datasz);

extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);

extern int audit_set_loginuid(kuid_t loginuid);

static inline kuid_t audit_get_loginuid(struct task_struct *tsk)

{

	return tsk->loginuid;

}

static inline unsigned int audit_get_sessionid(struct task_struct *tsk)

{

	return tsk->sessionid;

}

extern u32 audit_enabled;

#else /* CONFIG_AUDIT */

static inline __printf(4, 5)

}

static inline void audit_log_task_info(struct audit_buffer *ab)

{ }

static inline kuid_t audit_get_loginuid(struct task_struct *tsk)

{

	return INVALID_UID;

}

static inline unsigned int audit_get_sessionid(struct task_struct *tsk)

{

	return AUDIT_SID_UNSET;

}

#define audit_enabled AUDIT_OFF

#endif /* CONFIG_AUDIT */

extern unsigned int audit_serial(void);

extern int auditsc_get_stamp(struct audit_context *ctx,

			      struct timespec64 *t, unsigned int *serial);

extern int audit_set_loginuid(kuid_t loginuid);

static inline kuid_t audit_get_loginuid(struct task_struct *tsk)

{

	return tsk->loginuid;

}

static inline unsigned int audit_get_sessionid(struct task_struct *tsk)

{

	return tsk->sessionid;

}

extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);

extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);

{

	return 0;

}

static inline kuid_t audit_get_loginuid(struct task_struct *tsk)

{

	return INVALID_UID;

}

static inline unsigned int audit_get_sessionid(struct task_struct *tsk)

{

	return AUDIT_SID_UNSET;

}

static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)

{ }

static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,

	struct callback_head		*task_works;

	struct audit_context		*audit_context;

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDIT

	kuid_t				loginuid;

	unsigned int			sessionid;

#endif

	.thread_pid	= &init_struct_pid,

	.thread_group	= LIST_HEAD_INIT(init_task.thread_group),

	.thread_node	= LIST_HEAD_INIT(init_signals.thread_head),

#ifdef CONFIG_AUDITSYSCALL

#ifdef CONFIG_AUDIT

	.loginuid	= INVALID_UID,

	.sessionid	= AUDIT_SID_UNSET,

#endif

	audit_log_end(ab);

}

/* global counter which is incremented every time something logs in */

static atomic_t session_id = ATOMIC_INIT(0);

static int audit_set_loginuid_perm(kuid_t loginuid)

{

	/* if we are unset, we don't need privs */

	if (!audit_loginuid_set(current))

		return 0;

	/* if AUDIT_FEATURE_LOGINUID_IMMUTABLE means never ever allow a change*/

	if (is_audit_feature_set(AUDIT_FEATURE_LOGINUID_IMMUTABLE))

		return -EPERM;

	/* it is set, you need permission */

	if (!capable(CAP_AUDIT_CONTROL))

		return -EPERM;

	/* reject if this is not an unset and we don't allow that */

	if (is_audit_feature_set(AUDIT_FEATURE_ONLY_UNSET_LOGINUID)

				 && uid_valid(loginuid))

		return -EPERM;

	return 0;

}

static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,

				   unsigned int oldsessionid,

				   unsigned int sessionid, int rc)

{

	struct audit_buffer *ab;

	uid_t uid, oldloginuid, loginuid;

	struct tty_struct *tty;

	if (!audit_enabled)

		return;

	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);

	if (!ab)

		return;

	uid = from_kuid(&init_user_ns, task_uid(current));

	oldloginuid = from_kuid(&init_user_ns, koldloginuid);

	loginuid = from_kuid(&init_user_ns, kloginuid),

	tty = audit_get_tty();

	audit_log_format(ab, "pid=%d uid=%u", task_tgid_nr(current), uid);

	audit_log_task_context(ab);

	audit_log_format(ab, " old-auid=%u auid=%u tty=%s old-ses=%u ses=%u res=%d",

			 oldloginuid, loginuid, tty ? tty_name(tty) : "(none)",

			 oldsessionid, sessionid, !rc);

	audit_put_tty(tty);

	audit_log_end(ab);

}

/**

 * audit_set_loginuid - set current task's loginuid

 * @loginuid: loginuid value

 *

 * Returns 0.

 *

 * Called (set) from fs/proc/base.c::proc_loginuid_write().

 */

int audit_set_loginuid(kuid_t loginuid)

{

	unsigned int oldsessionid, sessionid = AUDIT_SID_UNSET;

	kuid_t oldloginuid;

	int rc;

	oldloginuid = audit_get_loginuid(current);

	oldsessionid = audit_get_sessionid(current);

	rc = audit_set_loginuid_perm(loginuid);

	if (rc)

		goto out;

	/* are we setting or clearing? */

	if (uid_valid(loginuid)) {

		sessionid = (unsigned int)atomic_inc_return(&session_id);

		if (unlikely(sessionid == AUDIT_SID_UNSET))

			sessionid = (unsigned int)atomic_inc_return(&session_id);

	}

	current->sessionid = sessionid;

	current->loginuid = loginuid;

out:

	audit_log_set_loginuid(oldloginuid, loginuid, oldsessionid, sessionid, rc);

	return rc;

}

/**

 * audit_log_end - end one audit record

 * @ab: the audit_buffer