diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2009-02-11 11:12:28 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-02-11 17:40:14 -0500 |
| commit | 523979adfa0b79d4e3aa053220c37a9233294206 (patch) | |
| tree | 15ff42f935f9d443220edb118f3980432f924360 /include/linux/audit.h | |
| parent | ed850a52af971528b048812c4215cef298af0d3b (diff) | |
integrity: audit update
Based on discussions on linux-audit, as per Steve Grubb's request
http://lkml.org/lkml/2009/2/6/269, the following changes were made:
- forced audit result to be either 0 or 1.
- made template names const
- Added new stand-alone message type: AUDIT_INTEGRITY_RULE
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/audit.h')
| -rw-r--r-- | include/linux/audit.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 930939abfbc6..4fa2810b675e 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -36,7 +36,8 @@ | |||
| 36 | * 1500 - 1599 kernel LSPP events | 36 | * 1500 - 1599 kernel LSPP events |
| 37 | * 1600 - 1699 kernel crypto events | 37 | * 1600 - 1699 kernel crypto events |
| 38 | * 1700 - 1799 kernel anomaly records | 38 | * 1700 - 1799 kernel anomaly records |
| 39 | * 1800 - 1999 future kernel use (maybe integrity labels and related events) | 39 | * 1800 - 1899 kernel integrity events |
| 40 | * 1900 - 1999 future kernel use | ||
| 40 | * 2000 is for otherwise unclassified kernel audit messages (legacy) | 41 | * 2000 is for otherwise unclassified kernel audit messages (legacy) |
| 41 | * 2001 - 2099 unused (kernel) | 42 | * 2001 - 2099 unused (kernel) |
| 42 | * 2100 - 2199 user space anomaly records | 43 | * 2100 - 2199 user space anomaly records |
| @@ -130,6 +131,7 @@ | |||
| 130 | #define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */ | 131 | #define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */ |
| 131 | #define AUDIT_INTEGRITY_HASH 1803 /* Integrity HASH type */ | 132 | #define AUDIT_INTEGRITY_HASH 1803 /* Integrity HASH type */ |
| 132 | #define AUDIT_INTEGRITY_PCR 1804 /* PCR invalidation msgs */ | 133 | #define AUDIT_INTEGRITY_PCR 1804 /* PCR invalidation msgs */ |
| 134 | #define AUDIT_INTEGRITY_RULE 1805 /* policy rule */ | ||
| 133 | 135 | ||
| 134 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ | 136 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ |
| 135 | 137 | ||