diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 14:41:22 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 14:41:22 -0400 |
commit | 9781db7b345b5dfe93787aaaf310c861db7c1ede (patch) | |
tree | d9796e29fd914ca04835636be95bbd5082a034fd /include/net | |
parent | 97094dcf5cefc8ccfdf93839f54dac2c4d316165 (diff) | |
parent | 8b67dca9420474623709e00d72a066068a502b20 (diff) |
Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] new predicate - AUDIT_FILETYPE
[patch 2/2] Use find_task_by_vpid in audit code
[patch 1/2] audit: let userspace fully control TTY input auditing
[PATCH 2/2] audit: fix sparse shadowed variable warnings
[PATCH 1/2] audit: move extern declarations to audit.h
Audit: MAINTAINERS update
Audit: increase the maximum length of the key field
Audit: standardize string audit interfaces
Audit: stop deadlock from signals under load
Audit: save audit_backlog_limit audit messages in case auditd comes back
Audit: collect sessionid in netlink messages
Audit: end printk with newline
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netlabel.h | 1 | ||||
-rw-r--r-- | include/net/xfrm.h | 23 |
2 files changed, 13 insertions, 11 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 5e53a85b5ca1..e4d2d6baa983 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h | |||
@@ -103,6 +103,7 @@ struct cipso_v4_doi; | |||
103 | struct netlbl_audit { | 103 | struct netlbl_audit { |
104 | u32 secid; | 104 | u32 secid; |
105 | uid_t loginuid; | 105 | uid_t loginuid; |
106 | u32 sessionid; | ||
106 | }; | 107 | }; |
107 | 108 | ||
108 | /* | 109 | /* |
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index baa9f372cfd1..d1350bcccb03 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h | |||
@@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb { | |||
597 | /* Audit Information */ | 597 | /* Audit Information */ |
598 | struct xfrm_audit | 598 | struct xfrm_audit |
599 | { | 599 | { |
600 | u32 loginuid; | ||
601 | u32 secid; | 600 | u32 secid; |
601 | uid_t loginuid; | ||
602 | u32 sessionid; | ||
602 | }; | 603 | }; |
603 | 604 | ||
604 | #ifdef CONFIG_AUDITSYSCALL | 605 | #ifdef CONFIG_AUDITSYSCALL |
@@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op) | |||
616 | return audit_buf; | 617 | return audit_buf; |
617 | } | 618 | } |
618 | 619 | ||
619 | static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, | 620 | static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid, |
620 | struct audit_buffer *audit_buf) | 621 | struct audit_buffer *audit_buf) |
621 | { | 622 | { |
622 | char *secctx; | 623 | char *secctx; |
623 | u32 secctx_len; | 624 | u32 secctx_len; |
624 | 625 | ||
625 | audit_log_format(audit_buf, " auid=%u", auid); | 626 | audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses); |
626 | if (secid != 0 && | 627 | if (secid != 0 && |
627 | security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { | 628 | security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { |
628 | audit_log_format(audit_buf, " subj=%s", secctx); | 629 | audit_log_format(audit_buf, " subj=%s", secctx); |
@@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, | |||
632 | } | 633 | } |
633 | 634 | ||
634 | extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, | 635 | extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, |
635 | u32 auid, u32 secid); | 636 | u32 auid, u32 ses, u32 secid); |
636 | extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, | 637 | extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, |
637 | u32 auid, u32 secid); | 638 | u32 auid, u32 ses, u32 secid); |
638 | extern void xfrm_audit_state_add(struct xfrm_state *x, int result, | 639 | extern void xfrm_audit_state_add(struct xfrm_state *x, int result, |
639 | u32 auid, u32 secid); | 640 | u32 auid, u32 ses, u32 secid); |
640 | extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, | 641 | extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, |
641 | u32 auid, u32 secid); | 642 | u32 auid, u32 ses, u32 secid); |
642 | extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, | 643 | extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, |
643 | struct sk_buff *skb); | 644 | struct sk_buff *skb); |
644 | extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); | 645 | extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); |
@@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, | |||
647 | extern void xfrm_audit_state_icvfail(struct xfrm_state *x, | 648 | extern void xfrm_audit_state_icvfail(struct xfrm_state *x, |
648 | struct sk_buff *skb, u8 proto); | 649 | struct sk_buff *skb, u8 proto); |
649 | #else | 650 | #else |
650 | #define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) | 651 | #define xfrm_audit_policy_add(x, r, a, se, s) do { ; } while (0) |
651 | #define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) | 652 | #define xfrm_audit_policy_delete(x, r, a, se, s) do { ; } while (0) |
652 | #define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) | 653 | #define xfrm_audit_state_add(x, r, a, se, s) do { ; } while (0) |
653 | #define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) | 654 | #define xfrm_audit_state_delete(x, r, a, se, s) do { ; } while (0) |
654 | #define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) | 655 | #define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) |
655 | #define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) | 656 | #define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) |
656 | #define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) | 657 | #define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) |