diff options
author | David Woodhouse <dwmw2@infradead.org> | 2005-12-15 13:33:52 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-03-20 14:08:54 -0500 |
commit | fe7752bab26a9ac0651b695ad4f55659761f68f7 (patch) | |
tree | b2e516a52232c978fc824b226418d8a28460b8a8 /include/linux | |
parent | ee436dc46a762f430e37952d375a23d87735f73f (diff) |
[PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
This fixes the per-user and per-message-type filtering when syscall
auditing isn't enabled.
[AV: folded followup fix from the same author]
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/audit.h | 18 |
1 files changed, 5 insertions, 13 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 1912d8e8ae90..fbc21d6267f3 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -278,8 +278,6 @@ static inline void audit_inode_child(const char *dname, | |||
278 | } | 278 | } |
279 | 279 | ||
280 | /* Private API (for audit.c only) */ | 280 | /* Private API (for audit.c only) */ |
281 | extern int audit_receive_filter(int type, int pid, int uid, int seq, | ||
282 | void *data, uid_t loginuid); | ||
283 | extern unsigned int audit_serial(void); | 281 | extern unsigned int audit_serial(void); |
284 | extern void auditsc_get_stamp(struct audit_context *ctx, | 282 | extern void auditsc_get_stamp(struct audit_context *ctx, |
285 | struct timespec *t, unsigned int *serial); | 283 | struct timespec *t, unsigned int *serial); |
@@ -290,8 +288,6 @@ extern int audit_socketcall(int nargs, unsigned long *args); | |||
290 | extern int audit_sockaddr(int len, void *addr); | 288 | extern int audit_sockaddr(int len, void *addr); |
291 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); | 289 | extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); |
292 | extern void audit_signal_info(int sig, struct task_struct *t); | 290 | extern void audit_signal_info(int sig, struct task_struct *t); |
293 | extern int audit_filter_user(struct netlink_skb_parms *cb, int type); | ||
294 | extern int audit_filter_type(int type); | ||
295 | extern int audit_set_macxattr(const char *name); | 291 | extern int audit_set_macxattr(const char *name); |
296 | #else | 292 | #else |
297 | #define audit_alloc(t) ({ 0; }) | 293 | #define audit_alloc(t) ({ 0; }) |
@@ -304,7 +300,6 @@ extern int audit_set_macxattr(const char *name); | |||
304 | #define __audit_inode_child(d,i,p) do { ; } while (0) | 300 | #define __audit_inode_child(d,i,p) do { ; } while (0) |
305 | #define audit_inode(n,i,f) do { ; } while (0) | 301 | #define audit_inode(n,i,f) do { ; } while (0) |
306 | #define audit_inode_child(d,i,p) do { ; } while (0) | 302 | #define audit_inode_child(d,i,p) do { ; } while (0) |
307 | #define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; }) | ||
308 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) | 303 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) |
309 | #define audit_get_loginuid(c) ({ -1; }) | 304 | #define audit_get_loginuid(c) ({ -1; }) |
310 | #define audit_ipc_perms(q,u,g,m,i) ({ 0; }) | 305 | #define audit_ipc_perms(q,u,g,m,i) ({ 0; }) |
@@ -312,7 +307,6 @@ extern int audit_set_macxattr(const char *name); | |||
312 | #define audit_sockaddr(len, addr) ({ 0; }) | 307 | #define audit_sockaddr(len, addr) ({ 0; }) |
313 | #define audit_avc_path(dentry, mnt) ({ 0; }) | 308 | #define audit_avc_path(dentry, mnt) ({ 0; }) |
314 | #define audit_signal_info(s,t) do { ; } while (0) | 309 | #define audit_signal_info(s,t) do { ; } while (0) |
315 | #define audit_filter_user(cb,t) ({ 1; }) | ||
316 | #define audit_set_macxattr(n) do { ; } while (0) | 310 | #define audit_set_macxattr(n) do { ; } while (0) |
317 | #endif | 311 | #endif |
318 | 312 | ||
@@ -337,13 +331,11 @@ extern void audit_log_d_path(struct audit_buffer *ab, | |||
337 | const char *prefix, | 331 | const char *prefix, |
338 | struct dentry *dentry, | 332 | struct dentry *dentry, |
339 | struct vfsmount *vfsmnt); | 333 | struct vfsmount *vfsmnt); |
340 | /* Private API (for auditsc.c only) */ | 334 | /* Private API (for audit.c only) */ |
341 | extern void audit_send_reply(int pid, int seq, int type, | 335 | extern int audit_filter_user(struct netlink_skb_parms *cb, int type); |
342 | int done, int multi, | 336 | extern int audit_filter_type(int type); |
343 | void *payload, int size); | 337 | extern int audit_receive_filter(int type, int pid, int uid, int seq, |
344 | extern void audit_log_lost(const char *message); | 338 | void *data, uid_t loginuid); |
345 | extern void audit_panic(const char *message); | ||
346 | extern struct semaphore audit_netlink_sem; | ||
347 | #else | 339 | #else |
348 | #define audit_log(c,g,t,f,...) do { ; } while (0) | 340 | #define audit_log(c,g,t,f,...) do { ; } while (0) |
349 | #define audit_log_start(c,g,t) ({ NULL; }) | 341 | #define audit_log_start(c,g,t) ({ NULL; }) |