SELinux: use new audit hooks, remove redundant exports

Setup the new Audit LSM hooks for SELinux.
Remove the now redundant exported SELinux Audit interface.

Audit: Export 'audit_krule' and 'audit_field' to the public
since their internals are needed by the implementation of the
new LSM hook 'audit_rule_known'.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>

1 files changed, 8 insertions, 0 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index bfffaa52e0cb..a2f7e9cf78c5 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -83,6 +83,7 @@
 #include "netport.h"
 #include "xfrm.h"
 #include "netlabel.h"
+#include "audit.h"
 
 #define XATTR_SELINUX_SUFFIX "selinux"
 #define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX
@@ -5478,6 +5479,13 @@ static struct security_operations selinux_ops = {
         .key_free =                     selinux_key_free,
         .key_permission =               selinux_key_permission,
 #endif
+
+#ifdef CONFIG_AUDIT
+        .audit_rule_init =              selinux_audit_rule_init,
+        .audit_rule_known =             selinux_audit_rule_known,
+        .audit_rule_match =             selinux_audit_rule_match,
+        .audit_rule_free =              selinux_audit_rule_free,
+#endif
 };
 
 static __init int selinux_init(void)