[PATCH] audit: rename AUDIT_SE_* constants

This patch renames some audit constant definitions and adds additional definitions used by the following patch. The renaming avoids ambiguity with respect to the new definitions. Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com> include/linux/audit.h | 15 ++++++++---- kernel/auditfilter.c | 50 ++++++++++++++++++++--------------------- kernel/auditsc.c | 10 ++++---- security/selinux/ss/services.c | 32 +++++++++++++------------- 4 files changed, 56 insertions(+), 51 deletions(-) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Darrel Goeddel <dgoeddel@trustedcs.com> 2006-06-29 17:56:39 -0400
committer: Al Viro <viro@zeniv.linux.org.uk> 2006-07-01 05:44:08 -0400
commit: 3a6b9f85c641a3b89420b0c8150ed377526a1fe1 (patch)
tree: e44e64edf0620d3f6da443c57540b09882231459 /security
parent: 5adc8a6adc91c4c85a64c75a70a619fffc924817 (diff)
1 files changed, 16 insertions, 16 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index e9548bc049e1..92e80b99d183 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1845,15 +1845,15 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
                return -ENOTSUPP;
        switch (field) {
-        case AUDIT_SE_USER:
+        case AUDIT_SUBJ_USER:
-        case AUDIT_SE_ROLE:
+        case AUDIT_SUBJ_ROLE:
-        case AUDIT_SE_TYPE:
+        case AUDIT_SUBJ_TYPE:
                /* only 'equals' and 'not equals' fit user, role, and type */
                if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL)
                        return -EINVAL;
                break;
-        case AUDIT_SE_SEN:
+        case AUDIT_SUBJ_SEN:
-        case AUDIT_SE_CLR:
+        case AUDIT_SUBJ_CLR:
                /* we do not allow a range, indicated by the presense of '-' */
                if (strchr(rulestr, '-'))
                        return -EINVAL;
@@ -1874,29 +1874,29 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
        tmprule->au_seqno = latest_granting;
        switch (field) {
-        case AUDIT_SE_USER:
+        case AUDIT_SUBJ_USER:
                userdatum = hashtab_search(policydb.p_users.table, rulestr);
                if (!userdatum)
                        rc = -EINVAL;
                else
                        tmprule->au_ctxt.user = userdatum->value;
                break;
-        case AUDIT_SE_ROLE:
+        case AUDIT_SUBJ_ROLE:
                roledatum = hashtab_search(policydb.p_roles.table, rulestr);
                if (!roledatum)
                        rc = -EINVAL;
                else
                        tmprule->au_ctxt.role = roledatum->value;
                break;
-        case AUDIT_SE_TYPE:
+        case AUDIT_SUBJ_TYPE:
                typedatum = hashtab_search(policydb.p_types.table, rulestr);
                if (!typedatum)
                        rc = -EINVAL;
                else
                        tmprule->au_ctxt.type = typedatum->value;
                break;
-        case AUDIT_SE_SEN:
+        case AUDIT_SUBJ_SEN:
-        case AUDIT_SE_CLR:
+        case AUDIT_SUBJ_CLR:
                rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC);
                break;
        }
@@ -1948,7 +1948,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
        /* a field/op pair that is not caught here will simply fall through
           without a match */
        switch (field) {
-        case AUDIT_SE_USER:
+        case AUDIT_SUBJ_USER:
                switch (op) {
                case AUDIT_EQUAL:
                        match = (ctxt->user == rule->au_ctxt.user);
@@ -1958,7 +1958,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
                        break;
                }
                break;
-        case AUDIT_SE_ROLE:
+        case AUDIT_SUBJ_ROLE:
                switch (op) {
                case AUDIT_EQUAL:
                        match = (ctxt->role == rule->au_ctxt.role);
@@ -1968,7 +1968,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
                        break;
                }
                break;
-        case AUDIT_SE_TYPE:
+        case AUDIT_SUBJ_TYPE:
                switch (op) {
                case AUDIT_EQUAL:
                        match = (ctxt->type == rule->au_ctxt.type);
@@ -1978,9 +1978,9 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
                        break;
                }
                break;
-        case AUDIT_SE_SEN:
+        case AUDIT_SUBJ_SEN:
-        case AUDIT_SE_CLR:
+        case AUDIT_SUBJ_CLR:
-                level = (field == AUDIT_SE_SEN ?
+                level = (field == AUDIT_SUBJ_SEN ?
                         &ctxt->range.level[0] : &ctxt->range.level[1]);
                switch (op) {
                case AUDIT_EQUAL:
author	Darrel Goeddel <dgoeddel@trustedcs.com>	2006-06-29 17:56:39 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	2006-07-01 05:44:08 -0400
commit	3a6b9f85c641a3b89420b0c8150ed377526a1fe1 (patch)
tree	e44e64edf0620d3f6da443c57540b09882231459 /security
parent	5adc8a6adc91c4c85a64c75a70a619fffc924817 (diff)

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e9548bc049e1..92e80b99d183 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c
@@ -1845,15 +1845,15 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
1845	return -ENOTSUPP;	1845	return -ENOTSUPP;
1846		1846
1847	switch (field) {	1847	switch (field) {
1848	case AUDIT_SE_USER:	1848	case AUDIT_SUBJ_USER:
1849	case AUDIT_SE_ROLE:	1849	case AUDIT_SUBJ_ROLE:
1850	case AUDIT_SE_TYPE:	1850	case AUDIT_SUBJ_TYPE:
1851	/* only 'equals' and 'not equals' fit user, role, and type */	1851	/* only 'equals' and 'not equals' fit user, role, and type */
1852	if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL)	1852	if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL)
1853	return -EINVAL;	1853	return -EINVAL;
1854	break;	1854	break;
1855	case AUDIT_SE_SEN:	1855	case AUDIT_SUBJ_SEN:
1856	case AUDIT_SE_CLR:	1856	case AUDIT_SUBJ_CLR:
1857	/* we do not allow a range, indicated by the presense of '-' */	1857	/* we do not allow a range, indicated by the presense of '-' */
1858	if (strchr(rulestr, '-'))	1858	if (strchr(rulestr, '-'))
1859	return -EINVAL;	1859	return -EINVAL;
@@ -1874,29 +1874,29 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
1874	tmprule->au_seqno = latest_granting;	1874	tmprule->au_seqno = latest_granting;
1875		1875
1876	switch (field) {	1876	switch (field) {
1877	case AUDIT_SE_USER:	1877	case AUDIT_SUBJ_USER:
1878	userdatum = hashtab_search(policydb.p_users.table, rulestr);	1878	userdatum = hashtab_search(policydb.p_users.table, rulestr);
1879	if (!userdatum)	1879	if (!userdatum)
1880	rc = -EINVAL;	1880	rc = -EINVAL;
1881	else	1881	else
1882	tmprule->au_ctxt.user = userdatum->value;	1882	tmprule->au_ctxt.user = userdatum->value;
1883	break;	1883	break;
1884	case AUDIT_SE_ROLE:	1884	case AUDIT_SUBJ_ROLE:
1885	roledatum = hashtab_search(policydb.p_roles.table, rulestr);	1885	roledatum = hashtab_search(policydb.p_roles.table, rulestr);
1886	if (!roledatum)	1886	if (!roledatum)
1887	rc = -EINVAL;	1887	rc = -EINVAL;
1888	else	1888	else
1889	tmprule->au_ctxt.role = roledatum->value;	1889	tmprule->au_ctxt.role = roledatum->value;
1890	break;	1890	break;
1891	case AUDIT_SE_TYPE:	1891	case AUDIT_SUBJ_TYPE:
1892	typedatum = hashtab_search(policydb.p_types.table, rulestr);	1892	typedatum = hashtab_search(policydb.p_types.table, rulestr);
1893	if (!typedatum)	1893	if (!typedatum)
1894	rc = -EINVAL;	1894	rc = -EINVAL;
1895	else	1895	else
1896	tmprule->au_ctxt.type = typedatum->value;	1896	tmprule->au_ctxt.type = typedatum->value;
1897	break;	1897	break;
1898	case AUDIT_SE_SEN:	1898	case AUDIT_SUBJ_SEN:
1899	case AUDIT_SE_CLR:	1899	case AUDIT_SUBJ_CLR:
1900	rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC);	1900	rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC);
1901	break;	1901	break;
1902	}	1902	}
@@ -1948,7 +1948,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1948	/* a field/op pair that is not caught here will simply fall through	1948	/* a field/op pair that is not caught here will simply fall through
1949	without a match */	1949	without a match */
1950	switch (field) {	1950	switch (field) {
1951	case AUDIT_SE_USER:	1951	case AUDIT_SUBJ_USER:
1952	switch (op) {	1952	switch (op) {
1953	case AUDIT_EQUAL:	1953	case AUDIT_EQUAL:
1954	match = (ctxt->user == rule->au_ctxt.user);	1954	match = (ctxt->user == rule->au_ctxt.user);
@@ -1958,7 +1958,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1958	break;	1958	break;
1959	}	1959	}
1960	break;	1960	break;
1961	case AUDIT_SE_ROLE:	1961	case AUDIT_SUBJ_ROLE:
1962	switch (op) {	1962	switch (op) {
1963	case AUDIT_EQUAL:	1963	case AUDIT_EQUAL:
1964	match = (ctxt->role == rule->au_ctxt.role);	1964	match = (ctxt->role == rule->au_ctxt.role);
@@ -1968,7 +1968,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1968	break;	1968	break;
1969	}	1969	}
1970	break;	1970	break;
1971	case AUDIT_SE_TYPE:	1971	case AUDIT_SUBJ_TYPE:
1972	switch (op) {	1972	switch (op) {
1973	case AUDIT_EQUAL:	1973	case AUDIT_EQUAL:
1974	match = (ctxt->type == rule->au_ctxt.type);	1974	match = (ctxt->type == rule->au_ctxt.type);
@@ -1978,9 +1978,9 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1978	break;	1978	break;
1979	}	1979	}
1980	break;	1980	break;
1981	case AUDIT_SE_SEN:	1981	case AUDIT_SUBJ_SEN:
1982	case AUDIT_SE_CLR:	1982	case AUDIT_SUBJ_CLR:
1983	level = (field == AUDIT_SE_SEN ?	1983	level = (field == AUDIT_SUBJ_SEN ?
1984	&ctxt->range.level[0] : &ctxt->range.level[1]);	1984	&ctxt->range.level[0] : &ctxt->range.level[1]);
1985	switch (op) {	1985	switch (op) {
1986	case AUDIT_EQUAL:	1986	case AUDIT_EQUAL: