diff options
author | Darrel Goeddel <dgoeddel@trustedcs.com> | 2006-06-29 17:56:39 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-07-01 05:44:08 -0400 |
commit | 3a6b9f85c641a3b89420b0c8150ed377526a1fe1 (patch) | |
tree | e44e64edf0620d3f6da443c57540b09882231459 /security/selinux | |
parent | 5adc8a6adc91c4c85a64c75a70a619fffc924817 (diff) |
[PATCH] audit: rename AUDIT_SE_* constants
This patch renames some audit constant definitions and adds
additional definitions used by the following patch. The renaming
avoids ambiguity with respect to the new definitions.
Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
include/linux/audit.h | 15 ++++++++----
kernel/auditfilter.c | 50 ++++++++++++++++++++---------------------
kernel/auditsc.c | 10 ++++----
security/selinux/ss/services.c | 32 +++++++++++++-------------
4 files changed, 56 insertions(+), 51 deletions(-)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/ss/services.c | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e9548bc049e1..92e80b99d183 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -1845,15 +1845,15 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
1845 | return -ENOTSUPP; | 1845 | return -ENOTSUPP; |
1846 | 1846 | ||
1847 | switch (field) { | 1847 | switch (field) { |
1848 | case AUDIT_SE_USER: | 1848 | case AUDIT_SUBJ_USER: |
1849 | case AUDIT_SE_ROLE: | 1849 | case AUDIT_SUBJ_ROLE: |
1850 | case AUDIT_SE_TYPE: | 1850 | case AUDIT_SUBJ_TYPE: |
1851 | /* only 'equals' and 'not equals' fit user, role, and type */ | 1851 | /* only 'equals' and 'not equals' fit user, role, and type */ |
1852 | if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) | 1852 | if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) |
1853 | return -EINVAL; | 1853 | return -EINVAL; |
1854 | break; | 1854 | break; |
1855 | case AUDIT_SE_SEN: | 1855 | case AUDIT_SUBJ_SEN: |
1856 | case AUDIT_SE_CLR: | 1856 | case AUDIT_SUBJ_CLR: |
1857 | /* we do not allow a range, indicated by the presense of '-' */ | 1857 | /* we do not allow a range, indicated by the presense of '-' */ |
1858 | if (strchr(rulestr, '-')) | 1858 | if (strchr(rulestr, '-')) |
1859 | return -EINVAL; | 1859 | return -EINVAL; |
@@ -1874,29 +1874,29 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, | |||
1874 | tmprule->au_seqno = latest_granting; | 1874 | tmprule->au_seqno = latest_granting; |
1875 | 1875 | ||
1876 | switch (field) { | 1876 | switch (field) { |
1877 | case AUDIT_SE_USER: | 1877 | case AUDIT_SUBJ_USER: |
1878 | userdatum = hashtab_search(policydb.p_users.table, rulestr); | 1878 | userdatum = hashtab_search(policydb.p_users.table, rulestr); |
1879 | if (!userdatum) | 1879 | if (!userdatum) |
1880 | rc = -EINVAL; | 1880 | rc = -EINVAL; |
1881 | else | 1881 | else |
1882 | tmprule->au_ctxt.user = userdatum->value; | 1882 | tmprule->au_ctxt.user = userdatum->value; |
1883 | break; | 1883 | break; |
1884 | case AUDIT_SE_ROLE: | 1884 | case AUDIT_SUBJ_ROLE: |
1885 | roledatum = hashtab_search(policydb.p_roles.table, rulestr); | 1885 | roledatum = hashtab_search(policydb.p_roles.table, rulestr); |
1886 | if (!roledatum) | 1886 | if (!roledatum) |
1887 | rc = -EINVAL; | 1887 | rc = -EINVAL; |
1888 | else | 1888 | else |
1889 | tmprule->au_ctxt.role = roledatum->value; | 1889 | tmprule->au_ctxt.role = roledatum->value; |
1890 | break; | 1890 | break; |
1891 | case AUDIT_SE_TYPE: | 1891 | case AUDIT_SUBJ_TYPE: |
1892 | typedatum = hashtab_search(policydb.p_types.table, rulestr); | 1892 | typedatum = hashtab_search(policydb.p_types.table, rulestr); |
1893 | if (!typedatum) | 1893 | if (!typedatum) |
1894 | rc = -EINVAL; | 1894 | rc = -EINVAL; |
1895 | else | 1895 | else |
1896 | tmprule->au_ctxt.type = typedatum->value; | 1896 | tmprule->au_ctxt.type = typedatum->value; |
1897 | break; | 1897 | break; |
1898 | case AUDIT_SE_SEN: | 1898 | case AUDIT_SUBJ_SEN: |
1899 | case AUDIT_SE_CLR: | 1899 | case AUDIT_SUBJ_CLR: |
1900 | rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC); | 1900 | rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC); |
1901 | break; | 1901 | break; |
1902 | } | 1902 | } |
@@ -1948,7 +1948,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
1948 | /* a field/op pair that is not caught here will simply fall through | 1948 | /* a field/op pair that is not caught here will simply fall through |
1949 | without a match */ | 1949 | without a match */ |
1950 | switch (field) { | 1950 | switch (field) { |
1951 | case AUDIT_SE_USER: | 1951 | case AUDIT_SUBJ_USER: |
1952 | switch (op) { | 1952 | switch (op) { |
1953 | case AUDIT_EQUAL: | 1953 | case AUDIT_EQUAL: |
1954 | match = (ctxt->user == rule->au_ctxt.user); | 1954 | match = (ctxt->user == rule->au_ctxt.user); |
@@ -1958,7 +1958,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
1958 | break; | 1958 | break; |
1959 | } | 1959 | } |
1960 | break; | 1960 | break; |
1961 | case AUDIT_SE_ROLE: | 1961 | case AUDIT_SUBJ_ROLE: |
1962 | switch (op) { | 1962 | switch (op) { |
1963 | case AUDIT_EQUAL: | 1963 | case AUDIT_EQUAL: |
1964 | match = (ctxt->role == rule->au_ctxt.role); | 1964 | match = (ctxt->role == rule->au_ctxt.role); |
@@ -1968,7 +1968,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
1968 | break; | 1968 | break; |
1969 | } | 1969 | } |
1970 | break; | 1970 | break; |
1971 | case AUDIT_SE_TYPE: | 1971 | case AUDIT_SUBJ_TYPE: |
1972 | switch (op) { | 1972 | switch (op) { |
1973 | case AUDIT_EQUAL: | 1973 | case AUDIT_EQUAL: |
1974 | match = (ctxt->type == rule->au_ctxt.type); | 1974 | match = (ctxt->type == rule->au_ctxt.type); |
@@ -1978,9 +1978,9 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
1978 | break; | 1978 | break; |
1979 | } | 1979 | } |
1980 | break; | 1980 | break; |
1981 | case AUDIT_SE_SEN: | 1981 | case AUDIT_SUBJ_SEN: |
1982 | case AUDIT_SE_CLR: | 1982 | case AUDIT_SUBJ_CLR: |
1983 | level = (field == AUDIT_SE_SEN ? | 1983 | level = (field == AUDIT_SUBJ_SEN ? |
1984 | &ctxt->range.level[0] : &ctxt->range.level[1]); | 1984 | &ctxt->range.level[0] : &ctxt->range.level[1]); |
1985 | switch (op) { | 1985 | switch (op) { |
1986 | case AUDIT_EQUAL: | 1986 | case AUDIT_EQUAL: |