aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
authorAhmed S. Darwish <darwish.07@gmail.com>2008-03-01 15:00:05 -0500
committerJames Morris <jmorris@namei.org>2008-04-18 19:52:36 -0400
commit03d37d25e0f91b28c4b6d002be6221f1af4b19d8 (patch)
treede56538f7b6e7623d7cee2b0fcdc8f9764957252 /security/security.c
parent6b89a74be0fbbc6cc639d5cf7dcf8e6ee0f120a7 (diff)
LSM/Audit: Introduce generic Audit LSM hooks
Introduce a generic Audit interface for security modules by adding the following new LSM hooks: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) Those hooks are only available if CONFIG_AUDIT is enabled. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'security/security.c')
-rw-r--r--security/security.c25
1 files changed, 25 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c
index 290482bdbbb..2ef593ec70f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1120,3 +1120,28 @@ int security_key_permission(key_ref_t key_ref,
1120} 1120}
1121 1121
1122#endif /* CONFIG_KEYS */ 1122#endif /* CONFIG_KEYS */
1123
1124#ifdef CONFIG_AUDIT
1125
1126int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
1127{
1128 return security_ops->audit_rule_init(field, op, rulestr, lsmrule);
1129}
1130
1131int security_audit_rule_known(struct audit_krule *krule)
1132{
1133 return security_ops->audit_rule_known(krule);
1134}
1135
1136void security_audit_rule_free(void *lsmrule)
1137{
1138 security_ops->audit_rule_free(lsmrule);
1139}
1140
1141int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
1142 struct audit_context *actx)
1143{
1144 return security_ops->audit_rule_match(secid, field, op, lsmrule, actx);
1145}
1146
1147#endif /* CONFIG_AUDIT */