diff options
author | Ahmed S. Darwish <darwish.07@gmail.com> | 2008-03-01 15:00:05 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-18 19:52:36 -0400 |
commit | 03d37d25e0f91b28c4b6d002be6221f1af4b19d8 (patch) | |
tree | de56538f7b6e7623d7cee2b0fcdc8f9764957252 /security/security.c | |
parent | 6b89a74be0fbbc6cc639d5cf7dcf8e6ee0f120a7 (diff) |
LSM/Audit: Introduce generic Audit LSM hooks
Introduce a generic Audit interface for security modules
by adding the following new LSM hooks:
audit_rule_init(field, op, rulestr, lsmrule)
audit_rule_known(krule)
audit_rule_match(secid, field, op, rule, actx)
audit_rule_free(rule)
Those hooks are only available if CONFIG_AUDIT is enabled.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'security/security.c')
-rw-r--r-- | security/security.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c index 290482bdbbb..2ef593ec70f 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -1120,3 +1120,28 @@ int security_key_permission(key_ref_t key_ref, | |||
1120 | } | 1120 | } |
1121 | 1121 | ||
1122 | #endif /* CONFIG_KEYS */ | 1122 | #endif /* CONFIG_KEYS */ |
1123 | |||
1124 | #ifdef CONFIG_AUDIT | ||
1125 | |||
1126 | int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule) | ||
1127 | { | ||
1128 | return security_ops->audit_rule_init(field, op, rulestr, lsmrule); | ||
1129 | } | ||
1130 | |||
1131 | int security_audit_rule_known(struct audit_krule *krule) | ||
1132 | { | ||
1133 | return security_ops->audit_rule_known(krule); | ||
1134 | } | ||
1135 | |||
1136 | void security_audit_rule_free(void *lsmrule) | ||
1137 | { | ||
1138 | security_ops->audit_rule_free(lsmrule); | ||
1139 | } | ||
1140 | |||
1141 | int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule, | ||
1142 | struct audit_context *actx) | ||
1143 | { | ||
1144 | return security_ops->audit_rule_match(secid, field, op, lsmrule, actx); | ||
1145 | } | ||
1146 | |||
1147 | #endif /* CONFIG_AUDIT */ | ||