diff options
| author | Ahmed S. Darwish <darwish.07@gmail.com> | 2008-04-18 19:59:43 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-04-18 19:59:43 -0400 |
| commit | 04305e4aff8b0533dc05f9f6f1a34d0796bd985f (patch) | |
| tree | 9938264917b4b9e6e147b883d88fca94c6788b76 /security | |
| parent | 9d57a7f9e23dc30783d245280fc9907cf2c87837 (diff) | |
Audit: Final renamings and cleanup
Rename the se_str and se_rule audit fields elements to
lsm_str and lsm_rule to avoid confusion.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/include/audit.h | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h new file mode 100644 index 000000000000..6c8b9ef15579 --- /dev/null +++ b/security/selinux/include/audit.h | |||
| @@ -0,0 +1,65 @@ | |||
| 1 | /* | ||
| 2 | * SELinux support for the Audit LSM hooks | ||
| 3 | * | ||
| 4 | * Most of below header was moved from include/linux/selinux.h which | ||
| 5 | * is released under below copyrights: | ||
| 6 | * | ||
| 7 | * Author: James Morris <jmorris@redhat.com> | ||
| 8 | * | ||
| 9 | * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> | ||
| 10 | * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> | ||
| 11 | * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> | ||
| 12 | * | ||
| 13 | * This program is free software; you can redistribute it and/or modify | ||
| 14 | * it under the terms of the GNU General Public License version 2, | ||
| 15 | * as published by the Free Software Foundation. | ||
| 16 | */ | ||
| 17 | |||
| 18 | #ifndef _SELINUX_AUDIT_H | ||
| 19 | #define _SELINUX_AUDIT_H | ||
| 20 | |||
| 21 | /** | ||
| 22 | * selinux_audit_rule_init - alloc/init an selinux audit rule structure. | ||
| 23 | * @field: the field this rule refers to | ||
| 24 | * @op: the operater the rule uses | ||
| 25 | * @rulestr: the text "target" of the rule | ||
| 26 | * @rule: pointer to the new rule structure returned via this | ||
| 27 | * | ||
| 28 | * Returns 0 if successful, -errno if not. On success, the rule structure | ||
| 29 | * will be allocated internally. The caller must free this structure with | ||
| 30 | * selinux_audit_rule_free() after use. | ||
| 31 | */ | ||
| 32 | int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule); | ||
| 33 | |||
| 34 | /** | ||
| 35 | * selinux_audit_rule_free - free an selinux audit rule structure. | ||
| 36 | * @rule: pointer to the audit rule to be freed | ||
| 37 | * | ||
| 38 | * This will free all memory associated with the given rule. | ||
| 39 | * If @rule is NULL, no operation is performed. | ||
| 40 | */ | ||
| 41 | void selinux_audit_rule_free(void *rule); | ||
| 42 | |||
| 43 | /** | ||
| 44 | * selinux_audit_rule_match - determine if a context ID matches a rule. | ||
| 45 | * @sid: the context ID to check | ||
| 46 | * @field: the field this rule refers to | ||
| 47 | * @op: the operater the rule uses | ||
| 48 | * @rule: pointer to the audit rule to check against | ||
| 49 | * @actx: the audit context (can be NULL) associated with the check | ||
| 50 | * | ||
| 51 | * Returns 1 if the context id matches the rule, 0 if it does not, and | ||
| 52 | * -errno on failure. | ||
| 53 | */ | ||
| 54 | int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule, | ||
| 55 | struct audit_context *actx); | ||
| 56 | |||
| 57 | /** | ||
| 58 | * selinux_audit_rule_known - check to see if rule contains selinux fields. | ||
| 59 | * @rule: rule to be checked | ||
| 60 | * Returns 1 if there are selinux fields specified in the rule, 0 otherwise. | ||
| 61 | */ | ||
| 62 | int selinux_audit_rule_known(struct audit_krule *krule); | ||
| 63 | |||
| 64 | #endif /* _SELINUX_AUDIT_H */ | ||
| 65 | |||