1 files changed, 25 insertions, 0 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 005a91bcb20..1931370233d 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -47,6 +47,31 @@ struct avc_cache_stats {
 };
 /*
+ * We only need this data after we have decided to send an audit message.
+ */
+struct selinux_late_audit_data {
+        u32 ssid;
+        u32 tsid;
+        u16 tclass;
+        u32 requested;
+        u32 audited;
+        u32 denied;
+        int result;
+};
+/*
+ * We collect this at the beginning or during an selinux security operation
+ */
+struct selinux_audit_data {
+        /*
+         * auditdeny is a bit tricky and unintuitive.  See the
+         * comments in avc.c for it's meaning and usage.
+         */
+        u32 auditdeny;
+        struct selinux_late_audit_data *slad;
+};
+/*
 * AVC operations
 */

diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 005a91bcb20..1931370233d 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h
@@ -47,6 +47,31 @@ struct avc_cache_stats {
47	};	47	};
48		48
49	/*	49	/*
		50	* We only need this data after we have decided to send an audit message.
		51	*/
		52	struct selinux_late_audit_data {
		53	u32 ssid;
		54	u32 tsid;
		55	u16 tclass;
		56	u32 requested;
		57	u32 audited;
		58	u32 denied;
		59	int result;
		60	};
		61
		62	/*
		63	* We collect this at the beginning or during an selinux security operation
		64	*/
		65	struct selinux_audit_data {
		66	/*
		67	* auditdeny is a bit tricky and unintuitive. See the
		68	* comments in avc.c for it's meaning and usage.
		69	*/
		70	u32 auditdeny;
		71	struct selinux_late_audit_data *slad;
		72	};
		73
		74	/*
50	* AVC operations	75	* AVC operations
51	*/	76	*/
52		77