aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 14:41:22 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 14:41:22 -0400
commit9781db7b345b5dfe93787aaaf310c861db7c1ede (patch)
treed9796e29fd914ca04835636be95bbd5082a034fd /include/net
parent97094dcf5cefc8ccfdf93839f54dac2c4d316165 (diff)
parent8b67dca9420474623709e00d72a066068a502b20 (diff)
Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] new predicate - AUDIT_FILETYPE [patch 2/2] Use find_task_by_vpid in audit code [patch 1/2] audit: let userspace fully control TTY input auditing [PATCH 2/2] audit: fix sparse shadowed variable warnings [PATCH 1/2] audit: move extern declarations to audit.h Audit: MAINTAINERS update Audit: increase the maximum length of the key field Audit: standardize string audit interfaces Audit: stop deadlock from signals under load Audit: save audit_backlog_limit audit messages in case auditd comes back Audit: collect sessionid in netlink messages Audit: end printk with newline
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netlabel.h1
-rw-r--r--include/net/xfrm.h23
2 files changed, 13 insertions, 11 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 5e53a85b5ca1..e4d2d6baa983 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -103,6 +103,7 @@ struct cipso_v4_doi;
103struct netlbl_audit { 103struct netlbl_audit {
104 u32 secid; 104 u32 secid;
105 uid_t loginuid; 105 uid_t loginuid;
106 u32 sessionid;
106}; 107};
107 108
108/* 109/*
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index baa9f372cfd1..d1350bcccb03 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb {
597/* Audit Information */ 597/* Audit Information */
598struct xfrm_audit 598struct xfrm_audit
599{ 599{
600 u32 loginuid;
601 u32 secid; 600 u32 secid;
601 uid_t loginuid;
602 u32 sessionid;
602}; 603};
603 604
604#ifdef CONFIG_AUDITSYSCALL 605#ifdef CONFIG_AUDITSYSCALL
@@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op)
616 return audit_buf; 617 return audit_buf;
617} 618}
618 619
619static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, 620static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid,
620 struct audit_buffer *audit_buf) 621 struct audit_buffer *audit_buf)
621{ 622{
622 char *secctx; 623 char *secctx;
623 u32 secctx_len; 624 u32 secctx_len;
624 625
625 audit_log_format(audit_buf, " auid=%u", auid); 626 audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses);
626 if (secid != 0 && 627 if (secid != 0 &&
627 security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { 628 security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
628 audit_log_format(audit_buf, " subj=%s", secctx); 629 audit_log_format(audit_buf, " subj=%s", secctx);
@@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
632} 633}
633 634
634extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, 635extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
635 u32 auid, u32 secid); 636 u32 auid, u32 ses, u32 secid);
636extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, 637extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
637 u32 auid, u32 secid); 638 u32 auid, u32 ses, u32 secid);
638extern void xfrm_audit_state_add(struct xfrm_state *x, int result, 639extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
639 u32 auid, u32 secid); 640 u32 auid, u32 ses, u32 secid);
640extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, 641extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
641 u32 auid, u32 secid); 642 u32 auid, u32 ses, u32 secid);
642extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, 643extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
643 struct sk_buff *skb); 644 struct sk_buff *skb);
644extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); 645extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
@@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
647extern void xfrm_audit_state_icvfail(struct xfrm_state *x, 648extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
648 struct sk_buff *skb, u8 proto); 649 struct sk_buff *skb, u8 proto);
649#else 650#else
650#define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) 651#define xfrm_audit_policy_add(x, r, a, se, s) do { ; } while (0)
651#define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) 652#define xfrm_audit_policy_delete(x, r, a, se, s) do { ; } while (0)
652#define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) 653#define xfrm_audit_state_add(x, r, a, se, s) do { ; } while (0)
653#define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) 654#define xfrm_audit_state_delete(x, r, a, se, s) do { ; } while (0)
654#define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) 655#define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0)
655#define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) 656#define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0)
656#define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) 657#define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0)