diff options
author | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-22 09:56:47 -0400 |
---|---|---|
committer | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-22 09:56:47 -0400 |
commit | 4a4cd633b575609b741a1de7837223a2d9e1c34c (patch) | |
tree | f4c3a6beb6a587598193053240f3e3f82885f1e3 /include/linux/audit.h | |
parent | f6a789d19858a951e7ff9e297a44b377c21b6c33 (diff) |
AUDIT: Optimise the audit-disabled case for discarding user messages
Also exempt USER_AVC message from being discarded to preserve
existing behaviour for SE Linux.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r-- | include/linux/audit.h | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 5d1a9dda5acb..77adef640537 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -51,7 +51,8 @@ | |||
51 | #define AUDIT_WATCH_LIST 1009 /* List all file/dir watches */ | 51 | #define AUDIT_WATCH_LIST 1009 /* List all file/dir watches */ |
52 | #define AUDIT_SIGNAL_INFO 1010 /* Get info about sender of signal to auditd */ | 52 | #define AUDIT_SIGNAL_INFO 1010 /* Get info about sender of signal to auditd */ |
53 | 53 | ||
54 | #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages uninteresting to kernel */ | 54 | #define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */ |
55 | #define AUDIT_USER_AVC 1107 /* We filter this differently */ | ||
55 | #define AUDIT_LAST_USER_MSG 1199 | 56 | #define AUDIT_LAST_USER_MSG 1199 |
56 | 57 | ||
57 | #define AUDIT_DAEMON_START 1200 /* Daemon startup record */ | 58 | #define AUDIT_DAEMON_START 1200 /* Daemon startup record */ |
@@ -235,7 +236,7 @@ extern int audit_socketcall(int nargs, unsigned long *args); | |||
235 | extern int audit_sockaddr(int len, void *addr); | 236 | extern int audit_sockaddr(int len, void *addr); |
236 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); | 237 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); |
237 | extern void audit_signal_info(int sig, struct task_struct *t); | 238 | extern void audit_signal_info(int sig, struct task_struct *t); |
238 | extern int audit_filter_user(struct task_struct *tsk, int type); | 239 | extern int audit_filter_user(int pid, int type); |
239 | #else | 240 | #else |
240 | #define audit_alloc(t) ({ 0; }) | 241 | #define audit_alloc(t) ({ 0; }) |
241 | #define audit_free(t) do { ; } while (0) | 242 | #define audit_free(t) do { ; } while (0) |
@@ -252,7 +253,7 @@ extern int audit_filter_user(struct task_struct *tsk, int type); | |||
252 | #define audit_sockaddr(len, addr) ({ 0; }) | 253 | #define audit_sockaddr(len, addr) ({ 0; }) |
253 | #define audit_avc_path(dentry, mnt) ({ 0; }) | 254 | #define audit_avc_path(dentry, mnt) ({ 0; }) |
254 | #define audit_signal_info(s,t) do { ; } while (0) | 255 | #define audit_signal_info(s,t) do { ; } while (0) |
255 | #define audit_filter_user(struct ({ 1; }) | 256 | #define audit_filter_user(p,t) ({ 1; }) |
256 | #endif | 257 | #endif |
257 | 258 | ||
258 | #ifdef CONFIG_AUDIT | 259 | #ifdef CONFIG_AUDIT |