seemp: enhance support for malware detection

Improves the ability of a malware protection program to detect anomalies in various activities. It records task activities in a log and rates the actions according to how a typical user would use the tools. Change-Id: I976bc97f57215f173b046326b5f905522d785288 Signed-off-by: Mona Hossain <mhossain@codeaurora.org> Signed-off-by: William Clark <wclark@codeaurora.org>
author: William Clark <wclark@codeaurora.org> 2015-05-18 22:30:15 -0700
committer: David Keitel <dkeitel@codeaurora.org> 2016-03-23 19:58:11 -0700
commit: 0990b375056e00fb1f8051e51a81079eeb9b72a3 (patch)
tree: b86ba0707f6a03a726132db85bf26b8a77816127 /net
parent: c7a777070bfd746db4bbdd50b8d4a04611e64d11 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/net/socket.c b/net/socket.c
index cdf6b9621f25..01866f7acad2 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -89,6 +89,8 @@
 #include <linux/magic.h>
 #include <linux/slab.h>
 #include <linux/xattr.h>
+#include <linux/seemp_api.h>
+#include <linux/seemp_instrumentation.h>
 
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
@@ -1658,6 +1660,8 @@ SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
 	struct iovec iov;
 	int fput_needed;
 
+	seemp_logk_sendto(fd, buff, len, flags, addr, addr_len);
+
 	err = import_single_range(WRITE, buff, len, &iov, &msg.msg_iter);
 	if (unlikely(err))
 		return err;
@@ -1714,6 +1718,8 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
 	int err, err2;
 	int fput_needed;
 
+	seemp_logk_recvfrom(fd, ubuf, size, flags, addr, addr_len);
+
 	err = import_single_range(READ, ubuf, size, &iov, &msg.msg_iter);
 	if (unlikely(err))
 		return err;
author	William Clark <wclark@codeaurora.org>	2015-05-18 22:30:15 -0700
committer	David Keitel <dkeitel@codeaurora.org>	2016-03-23 19:58:11 -0700
commit	0990b375056e00fb1f8051e51a81079eeb9b72a3 (patch)
tree	b86ba0707f6a03a726132db85bf26b8a77816127 /net
parent	c7a777070bfd746db4bbdd50b8d4a04611e64d11 (diff)