diff options
| author | Ahmed S. Darwish <darwish.07@gmail.com> | 2008-04-18 19:59:43 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-04-18 19:59:43 -0400 |
| commit | 04305e4aff8b0533dc05f9f6f1a34d0796bd985f (patch) | |
| tree | 9938264917b4b9e6e147b883d88fca94c6788b76 /kernel/auditfilter.c | |
| parent | 9d57a7f9e23dc30783d245280fc9907cf2c87837 (diff) | |
Audit: Final renamings and cleanup
Rename the se_str and se_rule audit fields elements to
lsm_str and lsm_rule to avoid confusion.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/auditfilter.c')
| -rw-r--r-- | kernel/auditfilter.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 7c69cb5e44fb..28fef6bf8534 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -139,8 +139,8 @@ static inline void audit_free_rule(struct audit_entry *e) | |||
| 139 | if (e->rule.fields) | 139 | if (e->rule.fields) |
| 140 | for (i = 0; i < e->rule.field_count; i++) { | 140 | for (i = 0; i < e->rule.field_count; i++) { |
| 141 | struct audit_field *f = &e->rule.fields[i]; | 141 | struct audit_field *f = &e->rule.fields[i]; |
| 142 | kfree(f->se_str); | 142 | kfree(f->lsm_str); |
| 143 | security_audit_rule_free(f->se_rule); | 143 | security_audit_rule_free(f->lsm_rule); |
| 144 | } | 144 | } |
| 145 | kfree(e->rule.fields); | 145 | kfree(e->rule.fields); |
| 146 | kfree(e->rule.filterkey); | 146 | kfree(e->rule.filterkey); |
| @@ -554,8 +554,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, | |||
| 554 | f->op = data->fieldflags[i] & AUDIT_OPERATORS; | 554 | f->op = data->fieldflags[i] & AUDIT_OPERATORS; |
| 555 | f->type = data->fields[i]; | 555 | f->type = data->fields[i]; |
| 556 | f->val = data->values[i]; | 556 | f->val = data->values[i]; |
| 557 | f->se_str = NULL; | 557 | f->lsm_str = NULL; |
| 558 | f->se_rule = NULL; | 558 | f->lsm_rule = NULL; |
| 559 | switch(f->type) { | 559 | switch(f->type) { |
| 560 | case AUDIT_PID: | 560 | case AUDIT_PID: |
| 561 | case AUDIT_UID: | 561 | case AUDIT_UID: |
| @@ -598,7 +598,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, | |||
| 598 | entry->rule.buflen += f->val; | 598 | entry->rule.buflen += f->val; |
| 599 | 599 | ||
| 600 | err = security_audit_rule_init(f->type, f->op, str, | 600 | err = security_audit_rule_init(f->type, f->op, str, |
| 601 | (void **)&f->se_rule); | 601 | (void **)&f->lsm_rule); |
| 602 | /* Keep currently invalid fields around in case they | 602 | /* Keep currently invalid fields around in case they |
| 603 | * become valid after a policy reload. */ | 603 | * become valid after a policy reload. */ |
| 604 | if (err == -EINVAL) { | 604 | if (err == -EINVAL) { |
| @@ -610,7 +610,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, | |||
| 610 | kfree(str); | 610 | kfree(str); |
| 611 | goto exit_free; | 611 | goto exit_free; |
| 612 | } else | 612 | } else |
| 613 | f->se_str = str; | 613 | f->lsm_str = str; |
| 614 | break; | 614 | break; |
| 615 | case AUDIT_WATCH: | 615 | case AUDIT_WATCH: |
| 616 | str = audit_unpack_string(&bufp, &remain, f->val); | 616 | str = audit_unpack_string(&bufp, &remain, f->val); |
| @@ -754,7 +754,7 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule) | |||
| 754 | case AUDIT_OBJ_LEV_LOW: | 754 | case AUDIT_OBJ_LEV_LOW: |
| 755 | case AUDIT_OBJ_LEV_HIGH: | 755 | case AUDIT_OBJ_LEV_HIGH: |
| 756 | data->buflen += data->values[i] = | 756 | data->buflen += data->values[i] = |
| 757 | audit_pack_string(&bufp, f->se_str); | 757 | audit_pack_string(&bufp, f->lsm_str); |
| 758 | break; | 758 | break; |
| 759 | case AUDIT_WATCH: | 759 | case AUDIT_WATCH: |
| 760 | data->buflen += data->values[i] = | 760 | data->buflen += data->values[i] = |
| @@ -806,7 +806,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b) | |||
| 806 | case AUDIT_OBJ_TYPE: | 806 | case AUDIT_OBJ_TYPE: |
| 807 | case AUDIT_OBJ_LEV_LOW: | 807 | case AUDIT_OBJ_LEV_LOW: |
| 808 | case AUDIT_OBJ_LEV_HIGH: | 808 | case AUDIT_OBJ_LEV_HIGH: |
| 809 | if (strcmp(a->fields[i].se_str, b->fields[i].se_str)) | 809 | if (strcmp(a->fields[i].lsm_str, b->fields[i].lsm_str)) |
| 810 | return 1; | 810 | return 1; |
| 811 | break; | 811 | break; |
| 812 | case AUDIT_WATCH: | 812 | case AUDIT_WATCH: |
| @@ -862,28 +862,28 @@ out: | |||
| 862 | return new; | 862 | return new; |
| 863 | } | 863 | } |
| 864 | 864 | ||
| 865 | /* Duplicate LSM field information. The se_rule is opaque, so must be | 865 | /* Duplicate LSM field information. The lsm_rule is opaque, so must be |
| 866 | * re-initialized. */ | 866 | * re-initialized. */ |
| 867 | static inline int audit_dupe_lsm_field(struct audit_field *df, | 867 | static inline int audit_dupe_lsm_field(struct audit_field *df, |
| 868 | struct audit_field *sf) | 868 | struct audit_field *sf) |
| 869 | { | 869 | { |
| 870 | int ret = 0; | 870 | int ret = 0; |
| 871 | char *se_str; | 871 | char *lsm_str; |
| 872 | 872 | ||
| 873 | /* our own copy of se_str */ | 873 | /* our own copy of lsm_str */ |
| 874 | se_str = kstrdup(sf->se_str, GFP_KERNEL); | 874 | lsm_str = kstrdup(sf->lsm_str, GFP_KERNEL); |
| 875 | if (unlikely(!se_str)) | 875 | if (unlikely(!lsm_str)) |
| 876 | return -ENOMEM; | 876 | return -ENOMEM; |
| 877 | df->se_str = se_str; | 877 | df->lsm_str = lsm_str; |
| 878 | 878 | ||
| 879 | /* our own (refreshed) copy of se_rule */ | 879 | /* our own (refreshed) copy of lsm_rule */ |
| 880 | ret = security_audit_rule_init(df->type, df->op, df->se_str, | 880 | ret = security_audit_rule_init(df->type, df->op, df->lsm_str, |
| 881 | (void **)&df->se_rule); | 881 | (void **)&df->lsm_rule); |
| 882 | /* Keep currently invalid fields around in case they | 882 | /* Keep currently invalid fields around in case they |
| 883 | * become valid after a policy reload. */ | 883 | * become valid after a policy reload. */ |
| 884 | if (ret == -EINVAL) { | 884 | if (ret == -EINVAL) { |
| 885 | printk(KERN_WARNING "audit rule for LSM \'%s\' is " | 885 | printk(KERN_WARNING "audit rule for LSM \'%s\' is " |
| 886 | "invalid\n", df->se_str); | 886 | "invalid\n", df->lsm_str); |
| 887 | ret = 0; | 887 | ret = 0; |
| 888 | } | 888 | } |
| 889 | 889 | ||
| @@ -930,7 +930,7 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old, | |||
| 930 | new->tree = old->tree; | 930 | new->tree = old->tree; |
| 931 | memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount); | 931 | memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount); |
| 932 | 932 | ||
| 933 | /* deep copy this information, updating the se_rule fields, because | 933 | /* deep copy this information, updating the lsm_rule fields, because |
| 934 | * the originals will all be freed when the old rule is freed. */ | 934 | * the originals will all be freed when the old rule is freed. */ |
| 935 | for (i = 0; i < fcount; i++) { | 935 | for (i = 0; i < fcount; i++) { |
| 936 | switch (new->fields[i].type) { | 936 | switch (new->fields[i].type) { |
| @@ -1762,7 +1762,7 @@ unlock_and_return: | |||
| 1762 | return result; | 1762 | return result; |
| 1763 | } | 1763 | } |
| 1764 | 1764 | ||
| 1765 | /* This function will re-initialize the se_rule field of all applicable rules. | 1765 | /* This function will re-initialize the lsm_rule field of all applicable rules. |
| 1766 | * It will traverse the filter lists serarching for rules that contain LSM | 1766 | * It will traverse the filter lists serarching for rules that contain LSM |
| 1767 | * specific filter fields. When such a rule is found, it is copied, the | 1767 | * specific filter fields. When such a rule is found, it is copied, the |
| 1768 | * LSM field is re-initialized, and the old rule is replaced with the | 1768 | * LSM field is re-initialized, and the old rule is replaced with the |