[PATCH] support for context based audit filtering, part 2

This patch provides the ability to filter audit messages based on the
elements of the process' SELinux context (user, role, type, mls sensitivity,
and mls clearance).  It uses the new interfaces from selinux to opaquely
store information related to the selinux context and to filter based on that
information.  It also uses the callback mechanism provided by selinux to
refresh the information when a new policy is loaded.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 7 insertions, 3 deletions

diff --git a/kernel/audit.h b/kernel/audit.h
index bc5392076e2..6f733920fd3 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -54,9 +54,11 @@ enum audit_state {
 
 /* Rule lists */
 struct audit_field {
-        u32                     type;
-        u32                     val;
-        u32                     op;
+        u32                             type;
+        u32                             val;
+        u32                             op;
+        char                            *se_str;
+        struct selinux_audit_rule       *se_rule;
 };
 
 struct audit_krule {
@@ -86,3 +88,5 @@ extern void		    audit_send_reply(int pid, int seq, int type,
 extern void                 audit_log_lost(const char *message);
 extern void                 audit_panic(const char *message);
 extern struct mutex audit_netlink_mutex;
+
+extern int selinux_audit_rule_update(void);