Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: security: fix up documentation for security_module_enable Security: Introduce security= boot parameter Audit: Final renamings and cleanup SELinux: use new audit hooks, remove redundant exports Audit: internally use the new LSM audit hooks LSM/Audit: Introduce generic Audit LSM hooks SELinux: remove redundant exports Netlink: Use generic LSM hook Audit: use new LSM hooks instead of SELinux exports SELinux: setup new inode/ipc getsecid hooks LSM: Introduce inode_getsecid and ipc_getsecid hooks
author: Linus Torvalds <torvalds@linux-foundation.org> 2008-04-18 21:18:30 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2008-04-18 21:18:30 -0400
commit: 3925e6fc1f774048404fdd910b0345b06c699eb4 (patch)
tree: c9a58417d9492f39f7fe81d4721d674c34dd8be2 /include/linux/audit.h
parent: 334d094504c2fe1c44211ecb49146ae6bca8c321 (diff)
parent: 7cea51be4e91edad05bd834f3235b45c57783f0d (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2af9ec025015..4ccb048cae1d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -353,6 +353,33 @@ struct netlink_skb_parms;
 struct linux_binprm;
 struct mq_attr;
 struct mqstat;
+struct audit_watch;
+struct audit_tree;
+struct audit_krule {
+        int                     vers_ops;
+        u32                     flags;
+        u32                     listnr;
+        u32                     action;
+        u32                     mask[AUDIT_BITMASK_SIZE];
+        u32                     buflen; /* for data alloc on list rules */
+        u32                     field_count;
+        char                    *filterkey; /* ties events to rules */
+        struct audit_field      *fields;
+        struct audit_field      *arch_f; /* quick access to arch field */
+        struct audit_field      *inode_f; /* quick access to an inode field */
+        struct audit_watch      *watch; /* associated watch */
+        struct audit_tree       *tree;  /* associated watched tree */
+        struct list_head        rlist;  /* entry in audit_{watch,tree}.rules list */
+};
+struct audit_field {
+        u32                             type;
+        u32                             val;
+        u32                             op;
+        char                            *lsm_str;
+        void                            *lsm_rule;
+};
 #define AUDITSC_INVALID 0
 #define AUDITSC_SUCCESS 1
@@ -536,6 +563,8 @@ extern void		    audit_log_d_path(struct audit_buffer *ab,
                                             const char *prefix,
                                             struct path *path);
 extern void                 audit_log_lost(const char *message);
+extern int                  audit_update_lsm_rules(void);
                                /* Private API (for audit.c only) */
 extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
 extern int audit_filter_type(int type);
author	Linus Torvalds <torvalds@linux-foundation.org>	2008-04-18 21:18:30 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2008-04-18 21:18:30 -0400
commit	3925e6fc1f774048404fdd910b0345b06c699eb4 (patch)
tree	c9a58417d9492f39f7fe81d4721d674c34dd8be2 /include/linux/audit.h
parent	334d094504c2fe1c44211ecb49146ae6bca8c321 (diff)
parent	7cea51be4e91edad05bd834f3235b45c57783f0d (diff)

diff --git a/include/linux/audit.h b/include/linux/audit.h index 2af9ec025015..4ccb048cae1d 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -353,6 +353,33 @@ struct netlink_skb_parms;
353	struct linux_binprm;	353	struct linux_binprm;
354	struct mq_attr;	354	struct mq_attr;
355	struct mqstat;	355	struct mqstat;
		356	struct audit_watch;
		357	struct audit_tree;
		358
		359	struct audit_krule {
		360	int vers_ops;
		361	u32 flags;
		362	u32 listnr;
		363	u32 action;
		364	u32 mask[AUDIT_BITMASK_SIZE];
		365	u32 buflen; /* for data alloc on list rules */
		366	u32 field_count;
		367	char filterkey; / ties events to rules */
		368	struct audit_field *fields;
		369	struct audit_field arch_f; / quick access to arch field */
		370	struct audit_field inode_f; / quick access to an inode field */
		371	struct audit_watch watch; / associated watch */
		372	struct audit_tree tree; / associated watched tree */
		373	struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
		374	};
		375
		376	struct audit_field {
		377	u32 type;
		378	u32 val;
		379	u32 op;
		380	char *lsm_str;
		381	void *lsm_rule;
		382	};
356		383
357	#define AUDITSC_INVALID 0	384	#define AUDITSC_INVALID 0
358	#define AUDITSC_SUCCESS 1	385	#define AUDITSC_SUCCESS 1
@@ -536,6 +563,8 @@ extern void audit_log_d_path(struct audit_buffer *ab,
536	const char *prefix,	563	const char *prefix,
537	struct path *path);	564	struct path *path);
538	extern void audit_log_lost(const char *message);	565	extern void audit_log_lost(const char *message);
		566	extern int audit_update_lsm_rules(void);
		567
539	/* Private API (for audit.c only) */	568	/* Private API (for audit.c only) */
540	extern int audit_filter_user(struct netlink_skb_parms *cb, int type);	569	extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
541	extern int audit_filter_type(int type);	570	extern int audit_filter_type(int type);