diff options
| author | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-19 14:35:50 -0400 |
|---|---|---|
| committer | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-19 14:35:50 -0400 |
| commit | 0f45aa18e65cf3d768082d7d86054a0d2a20bb18 (patch) | |
| tree | 6e94dfcd813061f5a710b5621e1b2f5a01a95533 /include/linux/audit.h | |
| parent | 0107b3cf3225aed6ddde4fa8dbcd4ed643b34f4d (diff) | |
AUDIT: Allow filtering of user messages
Turn the field from a bitmask to an enumeration and add a list to allow
filtering of messages generated by userspace. We also define a list for
file system watches in anticipation of that feature.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux/audit.h')
| -rw-r--r-- | include/linux/audit.h | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index bf2ad3ba72eb..b5bda24f7365 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -75,10 +75,15 @@ | |||
| 75 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ | 75 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ |
| 76 | 76 | ||
| 77 | /* Rule flags */ | 77 | /* Rule flags */ |
| 78 | #define AUDIT_PER_TASK 0x01 /* Apply rule at task creation (not syscall) */ | 78 | #define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */ |
| 79 | #define AUDIT_AT_ENTRY 0x02 /* Apply rule at syscall entry */ | 79 | #define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */ |
| 80 | #define AUDIT_AT_EXIT 0x04 /* Apply rule at syscall exit */ | 80 | #define AUDIT_FILTER_ENTRY 0x02 /* Apply rule at syscall entry */ |
| 81 | #define AUDIT_PREPEND 0x10 /* Prepend to front of list */ | 81 | #define AUDIT_FILTER_WATCH 0x03 /* Apply rule to file system watches */ |
| 82 | #define AUDIT_FILTER_EXIT 0x04 /* Apply rule at syscall exit */ | ||
| 83 | |||
| 84 | #define AUDIT_NR_FILTERS 5 | ||
| 85 | |||
| 86 | #define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */ | ||
| 82 | 87 | ||
| 83 | /* Rule actions */ | 88 | /* Rule actions */ |
| 84 | #define AUDIT_NEVER 0 /* Do not build context if rule matches */ | 89 | #define AUDIT_NEVER 0 /* Do not build context if rule matches */ |
| @@ -230,6 +235,7 @@ extern int audit_socketcall(int nargs, unsigned long *args); | |||
| 230 | extern int audit_sockaddr(int len, void *addr); | 235 | extern int audit_sockaddr(int len, void *addr); |
| 231 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); | 236 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); |
| 232 | extern void audit_signal_info(int sig, struct task_struct *t); | 237 | extern void audit_signal_info(int sig, struct task_struct *t); |
| 238 | extern int audit_filter_user(struct task_struct *tsk, int type); | ||
| 233 | #else | 239 | #else |
| 234 | #define audit_alloc(t) ({ 0; }) | 240 | #define audit_alloc(t) ({ 0; }) |
| 235 | #define audit_free(t) do { ; } while (0) | 241 | #define audit_free(t) do { ; } while (0) |
| @@ -246,6 +252,7 @@ extern void audit_signal_info(int sig, struct task_struct *t); | |||
| 246 | #define audit_sockaddr(len, addr) ({ 0; }) | 252 | #define audit_sockaddr(len, addr) ({ 0; }) |
| 247 | #define audit_avc_path(dentry, mnt) ({ 0; }) | 253 | #define audit_avc_path(dentry, mnt) ({ 0; }) |
| 248 | #define audit_signal_info(s,t) do { ; } while (0) | 254 | #define audit_signal_info(s,t) do { ; } while (0) |
| 255 | #define audit_filter_user(struct ({ 1; }) | ||
| 249 | #endif | 256 | #endif |
| 250 | 257 | ||
| 251 | #ifdef CONFIG_AUDIT | 258 | #ifdef CONFIG_AUDIT |