aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-19 14:35:50 -0400
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-19 14:35:50 -0400
commit0f45aa18e65cf3d768082d7d86054a0d2a20bb18 (patch)
tree6e94dfcd813061f5a710b5621e1b2f5a01a95533 /include/linux
parent0107b3cf3225aed6ddde4fa8dbcd4ed643b34f4d (diff)
AUDIT: Allow filtering of user messages
Turn the field from a bitmask to an enumeration and add a list to allow filtering of messages generated by userspace. We also define a list for file system watches in anticipation of that feature. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h15
1 files changed, 11 insertions, 4 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index bf2ad3ba72eb..b5bda24f7365 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -75,10 +75,15 @@
75#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ 75#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */
76 76
77/* Rule flags */ 77/* Rule flags */
78#define AUDIT_PER_TASK 0x01 /* Apply rule at task creation (not syscall) */ 78#define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */
79#define AUDIT_AT_ENTRY 0x02 /* Apply rule at syscall entry */ 79#define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */
80#define AUDIT_AT_EXIT 0x04 /* Apply rule at syscall exit */ 80#define AUDIT_FILTER_ENTRY 0x02 /* Apply rule at syscall entry */
81#define AUDIT_PREPEND 0x10 /* Prepend to front of list */ 81#define AUDIT_FILTER_WATCH 0x03 /* Apply rule to file system watches */
82#define AUDIT_FILTER_EXIT 0x04 /* Apply rule at syscall exit */
83
84#define AUDIT_NR_FILTERS 5
85
86#define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */
82 87
83/* Rule actions */ 88/* Rule actions */
84#define AUDIT_NEVER 0 /* Do not build context if rule matches */ 89#define AUDIT_NEVER 0 /* Do not build context if rule matches */
@@ -230,6 +235,7 @@ extern int audit_socketcall(int nargs, unsigned long *args);
230extern int audit_sockaddr(int len, void *addr); 235extern int audit_sockaddr(int len, void *addr);
231extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); 236extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
232extern void audit_signal_info(int sig, struct task_struct *t); 237extern void audit_signal_info(int sig, struct task_struct *t);
238extern int audit_filter_user(struct task_struct *tsk, int type);
233#else 239#else
234#define audit_alloc(t) ({ 0; }) 240#define audit_alloc(t) ({ 0; })
235#define audit_free(t) do { ; } while (0) 241#define audit_free(t) do { ; } while (0)
@@ -246,6 +252,7 @@ extern void audit_signal_info(int sig, struct task_struct *t);
246#define audit_sockaddr(len, addr) ({ 0; }) 252#define audit_sockaddr(len, addr) ({ 0; })
247#define audit_avc_path(dentry, mnt) ({ 0; }) 253#define audit_avc_path(dentry, mnt) ({ 0; })
248#define audit_signal_info(s,t) do { ; } while (0) 254#define audit_signal_info(s,t) do { ; } while (0)
255#define audit_filter_user(struct ({ 1; })
249#endif 256#endif
250 257
251#ifdef CONFIG_AUDIT 258#ifdef CONFIG_AUDIT