Merge branch 'audit.b28' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current

* 'audit.b28' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
  [PATCH] audit: AUDIT_PERM support
  [PATCH] audit: more syscall classes added
  [PATCH] syscall classes hookup for ppc and s390
  [PATCH] update audit rule change messages
  [PATCH] sanity check audit_buffer
  [PATCH] fix ppid bug in 2.6.18 kernel

3 files changed, 30 insertions, 0 deletions

diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h
new file mode 100644
index 000000000000..0e87464d9847
--- /dev/null
+++ b/include/asm-generic/audit_read.h
@@ -0,0 +1,8 @@
+__NR_readlink,
+__NR_quotactl,
+__NR_listxattr,
+__NR_llistxattr,
+__NR_flistxattr,
+__NR_getxattr,
+__NR_lgetxattr,
+__NR_fgetxattr,
diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h
new file mode 100644
index 000000000000..f10d367fb2a5
--- /dev/null
+++ b/include/asm-generic/audit_write.h
@@ -0,0 +1,11 @@
+#include <asm-generic/audit_dir_write.h>
+__NR_acct,
+__NR_swapon,
+__NR_quotactl,
+__NR_truncate,
+#ifdef __NR_truncate64
+__NR_truncate64,
+#endif
+#ifdef __NR_bind
+__NR_bind,              /* bind can affect fs object only in one way... */
+#endif
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 64f9f9e56ac5..40a6c26294ae 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -132,6 +132,10 @@
 #define AUDIT_CLASS_DIR_WRITE_32 1
 #define AUDIT_CLASS_CHATTR 2
 #define AUDIT_CLASS_CHATTR_32 3
+#define AUDIT_CLASS_READ 4
+#define AUDIT_CLASS_READ_32 5
+#define AUDIT_CLASS_WRITE 6
+#define AUDIT_CLASS_WRITE_32 7
 
 /* This bitmask is used to validate user input.  It represents all bits that
  * are currently used in an audit field constant understood by the kernel.
@@ -177,6 +181,7 @@
 #define AUDIT_EXIT      103
 #define AUDIT_SUCCESS   104     /* exit >= 0; value ignored */
 #define AUDIT_WATCH     105
+#define AUDIT_PERM      106
 
 #define AUDIT_ARG0      200
 #define AUDIT_ARG1      (AUDIT_ARG0+1)
@@ -252,6 +257,11 @@
 #define AUDIT_ARCH_V850         (EM_V850|__AUDIT_ARCH_LE)
 #define AUDIT_ARCH_X86_64       (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
 
+#define AUDIT_PERM_EXEC         1
+#define AUDIT_PERM_WRITE        2
+#define AUDIT_PERM_READ         4
+#define AUDIT_PERM_ATTR         8
+
 struct audit_status {
         __u32           mask;           /* Bit mask for valid entries */
         __u32           enabled;        /* 1 = enabled, 0 = disabled */
@@ -314,6 +324,7 @@ struct mqstat;
 #define AUDITSC_FAILURE 2
 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
 extern int __init audit_register_class(int class, unsigned *list);
+extern int audit_classify_syscall(int abi, unsigned syscall);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
                                 /* Public API */