diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/audit.h | 2 | ||||
| -rw-r--r-- | include/uapi/linux/audit.h | 16 |
2 files changed, 18 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 729a4d165bcc..7b31bec9bccb 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -73,6 +73,8 @@ struct audit_field { | |||
| 73 | void *lsm_rule; | 73 | void *lsm_rule; |
| 74 | }; | 74 | }; |
| 75 | 75 | ||
| 76 | extern int is_audit_feature_set(int which); | ||
| 77 | |||
| 76 | extern int __init audit_register_class(int class, unsigned *list); | 78 | extern int __init audit_register_class(int class, unsigned *list); |
| 77 | extern int audit_classify_syscall(int abi, unsigned syscall); | 79 | extern int audit_classify_syscall(int abi, unsigned syscall); |
| 78 | extern int audit_classify_arch(int arch); | 80 | extern int audit_classify_arch(int arch); |
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index c1f0fced3ede..9eddf2ca614f 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h | |||
| @@ -68,6 +68,9 @@ | |||
| 68 | #define AUDIT_MAKE_EQUIV 1015 /* Append to watched tree */ | 68 | #define AUDIT_MAKE_EQUIV 1015 /* Append to watched tree */ |
| 69 | #define AUDIT_TTY_GET 1016 /* Get TTY auditing status */ | 69 | #define AUDIT_TTY_GET 1016 /* Get TTY auditing status */ |
| 70 | #define AUDIT_TTY_SET 1017 /* Set TTY auditing status */ | 70 | #define AUDIT_TTY_SET 1017 /* Set TTY auditing status */ |
| 71 | #define AUDIT_SET_FEATURE 1018 /* Turn an audit feature on or off */ | ||
| 72 | #define AUDIT_GET_FEATURE 1019 /* Get which features are enabled */ | ||
| 73 | #define AUDIT_FEATURE_CHANGE 1020 /* audit log listing feature changes */ | ||
| 71 | 74 | ||
| 72 | #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */ | 75 | #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */ |
| 73 | #define AUDIT_USER_AVC 1107 /* We filter this differently */ | 76 | #define AUDIT_USER_AVC 1107 /* We filter this differently */ |
| @@ -375,6 +378,19 @@ struct audit_status { | |||
| 375 | __u32 backlog; /* messages waiting in queue */ | 378 | __u32 backlog; /* messages waiting in queue */ |
| 376 | }; | 379 | }; |
| 377 | 380 | ||
| 381 | struct audit_features { | ||
| 382 | #define AUDIT_FEATURE_VERSION 1 | ||
| 383 | __u32 vers; | ||
| 384 | __u32 mask; /* which bits we are dealing with */ | ||
| 385 | __u32 features; /* which feature to enable/disable */ | ||
| 386 | __u32 lock; /* which features to lock */ | ||
| 387 | }; | ||
| 388 | |||
| 389 | #define AUDIT_LAST_FEATURE -1 | ||
| 390 | |||
| 391 | #define audit_feature_valid(x) ((x) >= 0 && (x) <= AUDIT_LAST_FEATURE) | ||
| 392 | #define AUDIT_FEATURE_TO_MASK(x) (1 << ((x) & 31)) /* mask for __u32 */ | ||
| 393 | |||
| 378 | struct audit_tty_status { | 394 | struct audit_tty_status { |
| 379 | __u32 enabled; /* 1 = enabled, 0 = disabled */ | 395 | __u32 enabled; /* 1 = enabled, 0 = disabled */ |
| 380 | __u32 log_passwd; /* 1 = enabled, 0 = disabled */ | 396 | __u32 log_passwd; /* 1 = enabled, 0 = disabled */ |