diff options
| author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-10-09 03:02:35 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-10-09 03:02:35 -0400 |
| commit | 1236d6bb6e19fc72ffc6bbcdeb1bfefe450e54ee (patch) | |
| tree | 47da3feee8e263e8c9352c85cf518e624be3c211 /security/apparmor/include/audit.h | |
| parent | 750b1a6894ecc9b178c6e3d0a1170122971b2036 (diff) | |
| parent | 8a5776a5f49812d29fe4b2d0a2d71675c3facf3f (diff) | |
Merge 4.14-rc4 into staging-next
We want the staging/iio fixes in here as well to handle merge issues.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security/apparmor/include/audit.h')
| -rw-r--r-- | security/apparmor/include/audit.h | 39 |
1 files changed, 30 insertions, 9 deletions
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h index c68839a44351..ff4316e1068d 100644 --- a/security/apparmor/include/audit.h +++ b/security/apparmor/include/audit.h | |||
| @@ -71,6 +71,10 @@ enum audit_type { | |||
| 71 | #define OP_FMPROT "file_mprotect" | 71 | #define OP_FMPROT "file_mprotect" |
| 72 | #define OP_INHERIT "file_inherit" | 72 | #define OP_INHERIT "file_inherit" |
| 73 | 73 | ||
| 74 | #define OP_PIVOTROOT "pivotroot" | ||
| 75 | #define OP_MOUNT "mount" | ||
| 76 | #define OP_UMOUNT "umount" | ||
| 77 | |||
| 74 | #define OP_CREATE "create" | 78 | #define OP_CREATE "create" |
| 75 | #define OP_POST_CREATE "post_create" | 79 | #define OP_POST_CREATE "post_create" |
| 76 | #define OP_BIND "bind" | 80 | #define OP_BIND "bind" |
| @@ -86,6 +90,7 @@ enum audit_type { | |||
| 86 | #define OP_SHUTDOWN "socket_shutdown" | 90 | #define OP_SHUTDOWN "socket_shutdown" |
| 87 | 91 | ||
| 88 | #define OP_PTRACE "ptrace" | 92 | #define OP_PTRACE "ptrace" |
| 93 | #define OP_SIGNAL "signal" | ||
| 89 | 94 | ||
| 90 | #define OP_EXEC "exec" | 95 | #define OP_EXEC "exec" |
| 91 | 96 | ||
| @@ -116,20 +121,36 @@ struct apparmor_audit_data { | |||
| 116 | /* these entries require a custom callback fn */ | 121 | /* these entries require a custom callback fn */ |
| 117 | struct { | 122 | struct { |
| 118 | struct aa_label *peer; | 123 | struct aa_label *peer; |
| 119 | struct { | 124 | union { |
| 120 | const char *target; | 125 | struct { |
| 121 | kuid_t ouid; | 126 | kuid_t ouid; |
| 122 | } fs; | 127 | const char *target; |
| 128 | } fs; | ||
| 129 | struct { | ||
| 130 | int type, protocol; | ||
| 131 | struct sock *peer_sk; | ||
| 132 | void *addr; | ||
| 133 | int addrlen; | ||
| 134 | } net; | ||
| 135 | int signal; | ||
| 136 | struct { | ||
| 137 | int rlim; | ||
| 138 | unsigned long max; | ||
| 139 | } rlim; | ||
| 140 | }; | ||
| 123 | }; | 141 | }; |
| 124 | struct { | 142 | struct { |
| 125 | const char *name; | 143 | struct aa_profile *profile; |
| 126 | long pos; | ||
| 127 | const char *ns; | 144 | const char *ns; |
| 145 | long pos; | ||
| 128 | } iface; | 146 | } iface; |
| 129 | struct { | 147 | struct { |
| 130 | int rlim; | 148 | const char *src_name; |
| 131 | unsigned long max; | 149 | const char *type; |
| 132 | } rlim; | 150 | const char *trans; |
| 151 | const char *data; | ||
| 152 | unsigned long flags; | ||
| 153 | } mnt; | ||
| 133 | }; | 154 | }; |
| 134 | }; | 155 | }; |
| 135 | 156 | ||