Merge branch 'audit.b22' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current

* 'audit.b22' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] audit syscall classes [PATCH] audit: support for object context filters [PATCH] audit: rename AUDIT_SE_* constants [PATCH] add rule filterkey
author: Linus Torvalds <torvalds@g5.osdl.org> 2006-07-01 12:59:08 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-07-01 12:59:08 -0400
commit: fc25465f09414538afdbceacc517dd4dbabadeca (patch)
tree: 0e1b051a7ee108d3062949094da55626729d0a5b /include
parent: b4bc7b53ccfa0cb793591ba11af49db8f1bc5a4d (diff)
parent: b915543b46a2aa599fdd2169e51bcfd88812a12b (diff)
3 files changed, 52 insertions, 5 deletions
diff --git a/include/asm-generic/audit_change_attr.h b/include/asm-generic/audit_change_attr.h
new file mode 100644
index 000000000000..cb05bf69745a
--- /dev/null
+++ b/include/asm-generic/audit_change_attr.h
@@ -0,0 +1,18 @@
+__NR_chmod,
+__NR_fchmod,
+__NR_chown,
+__NR_fchown,
+__NR_lchown,
+__NR_setxattr,
+__NR_lsetxattr,
+__NR_fsetxattr,
+__NR_removexattr,
+__NR_lremovexattr,
+__NR_fremovexattr,
+__NR_fchownat,
+__NR_fchmodat,
+#ifdef __NR_chown32
+__NR_chown32,
+__NR_fchown32,
+__NR_lchown32,
+#endif
diff --git a/include/asm-generic/audit_dir_write.h b/include/asm-generic/audit_dir_write.h
new file mode 100644
index 000000000000..161a7a58fbab
--- /dev/null
+++ b/include/asm-generic/audit_dir_write.h
@@ -0,0 +1,14 @@
+__NR_rename,
+__NR_mkdir,
+__NR_rmdir,
+__NR_creat,
+__NR_link,
+__NR_unlink,
+__NR_symlink,
+__NR_mknod,
+__NR_mkdirat,
+__NR_mknodat,
+__NR_unlinkat,
+__NR_renameat,
+__NR_linkat,
+__NR_symlinkat,
diff --git a/include/linux/audit.h b/include/linux/audit.h
index e051ff9c5b50..b27d7debc5a1 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -122,10 +122,17 @@
 /* Rule structure sizes -- if these change, different AUDIT_ADD and
 * AUDIT_LIST commands must be implemented. */
 #define AUDIT_MAX_FIELDS   64
+#define AUDIT_MAX_KEY_LEN  32
 #define AUDIT_BITMASK_SIZE 64
 #define AUDIT_WORD(nr) ((__u32)((nr)/32))
 #define AUDIT_BIT(nr)  (1 << ((nr) - AUDIT_WORD(nr)*32))
+#define AUDIT_SYSCALL_CLASSES 16
+#define AUDIT_CLASS_DIR_WRITE 0
+#define AUDIT_CLASS_DIR_WRITE_32 1
+#define AUDIT_CLASS_CHATTR 2
+#define AUDIT_CLASS_CHATTR_32 3
 /* This bitmask is used to validate user input.  It represents all bits that
 * are currently used in an audit field constant understood by the kernel.
 * If you are adding a new #define AUDIT_<whatever>, please ensure that
@@ -150,12 +157,17 @@
 #define AUDIT_PERS      10
 #define AUDIT_ARCH      11
 #define AUDIT_MSGTYPE   12
-#define AUDIT_SE_USER   13      /* security label user */
+#define AUDIT_SUBJ_USER 13      /* security label user */
-#define AUDIT_SE_ROLE   14      /* security label role */
+#define AUDIT_SUBJ_ROLE 14      /* security label role */
-#define AUDIT_SE_TYPE   15      /* security label type */
+#define AUDIT_SUBJ_TYPE 15      /* security label type */
-#define AUDIT_SE_SEN    16      /* security label sensitivity label */
+#define AUDIT_SUBJ_SEN  16      /* security label sensitivity label */
-#define AUDIT_SE_CLR    17      /* security label clearance label */
+#define AUDIT_SUBJ_CLR  17      /* security label clearance label */
 #define AUDIT_PPID      18
+#define AUDIT_OBJ_USER  19
+#define AUDIT_OBJ_ROLE  20
+#define AUDIT_OBJ_TYPE  21
+#define AUDIT_OBJ_LEV_LOW       22
+#define AUDIT_OBJ_LEV_HIGH      23
                                /* These are ONLY useful when checking
                                 * at syscall exit time (AUDIT_AT_EXIT). */
@@ -171,6 +183,8 @@
 #define AUDIT_ARG2      (AUDIT_ARG0+2)
 #define AUDIT_ARG3      (AUDIT_ARG0+3)
+#define AUDIT_FILTERKEY 210
 #define AUDIT_NEGATE                    0x80000000
 /* These are the supported operators.
@@ -299,6 +313,7 @@ struct mqstat;
 #define AUDITSC_SUCCESS 1
 #define AUDITSC_FAILURE 2
 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
+extern int __init audit_register_class(int class, unsigned *list);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
                                /* Public API */
author	Linus Torvalds <torvalds@g5.osdl.org>	2006-07-01 12:59:08 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-07-01 12:59:08 -0400
commit	fc25465f09414538afdbceacc517dd4dbabadeca (patch)
tree	0e1b051a7ee108d3062949094da55626729d0a5b /include
parent	b4bc7b53ccfa0cb793591ba11af49db8f1bc5a4d (diff)
parent	b915543b46a2aa599fdd2169e51bcfd88812a12b (diff)

diff --git a/include/asm-generic/audit_change_attr.h b/include/asm-generic/audit_change_attr.h new file mode 100644 index 000000000000..cb05bf69745a --- /dev/null +++ b/include/asm-generic/audit_change_attr.h
@@ -0,0 +1,18 @@
		1	__NR_chmod,
		2	__NR_fchmod,
		3	__NR_chown,
		4	__NR_fchown,
		5	__NR_lchown,
		6	__NR_setxattr,
		7	__NR_lsetxattr,
		8	__NR_fsetxattr,
		9	__NR_removexattr,
		10	__NR_lremovexattr,
		11	__NR_fremovexattr,
		12	__NR_fchownat,
		13	__NR_fchmodat,
		14	#ifdef __NR_chown32
		15	__NR_chown32,
		16	__NR_fchown32,
		17	__NR_lchown32,
		18	#endif


diff --git a/include/asm-generic/audit_dir_write.h b/include/asm-generic/audit_dir_write.h new file mode 100644 index 000000000000..161a7a58fbab --- /dev/null +++ b/include/asm-generic/audit_dir_write.h
@@ -0,0 +1,14 @@
		1	__NR_rename,
		2	__NR_mkdir,
		3	__NR_rmdir,
		4	__NR_creat,
		5	__NR_link,
		6	__NR_unlink,
		7	__NR_symlink,
		8	__NR_mknod,
		9	__NR_mkdirat,
		10	__NR_mknodat,
		11	__NR_unlinkat,
		12	__NR_renameat,
		13	__NR_linkat,
		14	__NR_symlinkat,


diff --git a/include/linux/audit.h b/include/linux/audit.h index e051ff9c5b50..b27d7debc5a1 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -122,10 +122,17 @@
122	/* Rule structure sizes -- if these change, different AUDIT_ADD and	122	/* Rule structure sizes -- if these change, different AUDIT_ADD and
123	* AUDIT_LIST commands must be implemented. */	123	* AUDIT_LIST commands must be implemented. */
124	#define AUDIT_MAX_FIELDS 64	124	#define AUDIT_MAX_FIELDS 64
		125	#define AUDIT_MAX_KEY_LEN 32
125	#define AUDIT_BITMASK_SIZE 64	126	#define AUDIT_BITMASK_SIZE 64
126	#define AUDIT_WORD(nr) ((__u32)((nr)/32))	127	#define AUDIT_WORD(nr) ((__u32)((nr)/32))
127	#define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))	128	#define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))
128		129
		130	#define AUDIT_SYSCALL_CLASSES 16
		131	#define AUDIT_CLASS_DIR_WRITE 0
		132	#define AUDIT_CLASS_DIR_WRITE_32 1
		133	#define AUDIT_CLASS_CHATTR 2
		134	#define AUDIT_CLASS_CHATTR_32 3
		135
129	/* This bitmask is used to validate user input. It represents all bits that	136	/* This bitmask is used to validate user input. It represents all bits that
130	* are currently used in an audit field constant understood by the kernel.	137	* are currently used in an audit field constant understood by the kernel.
131	* If you are adding a new #define AUDIT_<whatever>, please ensure that	138	* If you are adding a new #define AUDIT_<whatever>, please ensure that
@@ -150,12 +157,17 @@
150	#define AUDIT_PERS 10	157	#define AUDIT_PERS 10
151	#define AUDIT_ARCH 11	158	#define AUDIT_ARCH 11
152	#define AUDIT_MSGTYPE 12	159	#define AUDIT_MSGTYPE 12
153	#define AUDIT_SE_USER 13 /* security label user */	160	#define AUDIT_SUBJ_USER 13 /* security label user */
154	#define AUDIT_SE_ROLE 14 /* security label role */	161	#define AUDIT_SUBJ_ROLE 14 /* security label role */
155	#define AUDIT_SE_TYPE 15 /* security label type */	162	#define AUDIT_SUBJ_TYPE 15 /* security label type */
156	#define AUDIT_SE_SEN 16 /* security label sensitivity label */	163	#define AUDIT_SUBJ_SEN 16 /* security label sensitivity label */
157	#define AUDIT_SE_CLR 17 /* security label clearance label */	164	#define AUDIT_SUBJ_CLR 17 /* security label clearance label */
158	#define AUDIT_PPID 18	165	#define AUDIT_PPID 18
		166	#define AUDIT_OBJ_USER 19
		167	#define AUDIT_OBJ_ROLE 20
		168	#define AUDIT_OBJ_TYPE 21
		169	#define AUDIT_OBJ_LEV_LOW 22
		170	#define AUDIT_OBJ_LEV_HIGH 23
159		171
160	/* These are ONLY useful when checking	172	/* These are ONLY useful when checking
161	* at syscall exit time (AUDIT_AT_EXIT). */	173	* at syscall exit time (AUDIT_AT_EXIT). */
@@ -171,6 +183,8 @@
171	#define AUDIT_ARG2 (AUDIT_ARG0+2)	183	#define AUDIT_ARG2 (AUDIT_ARG0+2)
172	#define AUDIT_ARG3 (AUDIT_ARG0+3)	184	#define AUDIT_ARG3 (AUDIT_ARG0+3)
173		185
		186	#define AUDIT_FILTERKEY 210
		187
174	#define AUDIT_NEGATE 0x80000000	188	#define AUDIT_NEGATE 0x80000000
175		189
176	/* These are the supported operators.	190	/* These are the supported operators.
@@ -299,6 +313,7 @@ struct mqstat;
299	#define AUDITSC_SUCCESS 1	313	#define AUDITSC_SUCCESS 1
300	#define AUDITSC_FAILURE 2	314	#define AUDITSC_FAILURE 2
301	#define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )	315	#define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
		316	extern int __init audit_register_class(int class, unsigned *list);
302	#ifdef CONFIG_AUDITSYSCALL	317	#ifdef CONFIG_AUDITSYSCALL
303	/* These are defined in auditsc.c */	318	/* These are defined in auditsc.c */
304	/* Public API */	319	/* Public API */