1 files changed, 28 insertions, 1 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index da3c01955f3d..2408cb77899c 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -98,6 +98,13 @@
 #define AUDIT_WORD(nr) ((__u32)((nr)/32))
 #define AUDIT_BIT(nr)  (1 << ((nr) - AUDIT_WORD(nr)*32))
+/* This bitmask is used to validate user input.  It represents all bits that
+ * are currently used in an audit field constant understood by the kernel.
+ * If you are adding a new #define AUDIT_<whatever>, please ensure that
+ * AUDIT_UNUSED_BITS is updated if need be. */
+#define AUDIT_UNUSED_BITS       0x0FFFFC00
 /* Rule fields */
                                /* These are useful when checking the
                                 * task structure at task creation time
@@ -128,8 +135,28 @@
 #define AUDIT_ARG2      (AUDIT_ARG0+2)
 #define AUDIT_ARG3      (AUDIT_ARG0+3)
-#define AUDIT_NEGATE    0x80000000
+#define AUDIT_NEGATE                    0x80000000
+/* These are the supported operators.
+ *      4  2  1
+ *      =  >  <
+ *      -------
+ *      0  0  0         0       nonsense
+ *      0  0  1         1       <
+ *      0  1  0         2       >
+ *      0  1  1         3       !=
+ *      1  0  0         4       =
+ *      1  0  1         5       <=
+ *      1  1  0         6       >=
+ *      1  1  1         7       all operators
+ */
+#define AUDIT_LESS_THAN                 0x10000000
+#define AUDIT_GREATER_THAN              0x20000000
+#define AUDIT_NOT_EQUAL                 0x30000000
+#define AUDIT_EQUAL                     0x40000000
+#define AUDIT_LESS_THAN_OR_EQUAL        (AUDIT_LESS_THAN|AUDIT_EQUAL)
+#define AUDIT_GREATER_THAN_OR_EQUAL     (AUDIT_GREATER_THAN|AUDIT_EQUAL)
+#define AUDIT_OPERATORS                 (AUDIT_EQUAL|AUDIT_NOT_EQUAL)
 /* Status symbols */
                                /* Mask values */

diff --git a/include/linux/audit.h b/include/linux/audit.h index da3c01955f3d..2408cb77899c 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -98,6 +98,13 @@
98	#define AUDIT_WORD(nr) ((__u32)((nr)/32))	98	#define AUDIT_WORD(nr) ((__u32)((nr)/32))
99	#define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))	99	#define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))
100		100
		101	/* This bitmask is used to validate user input. It represents all bits that
		102	* are currently used in an audit field constant understood by the kernel.
		103	* If you are adding a new #define AUDIT_<whatever>, please ensure that
		104	* AUDIT_UNUSED_BITS is updated if need be. */
		105	#define AUDIT_UNUSED_BITS 0x0FFFFC00
		106
		107
101	/* Rule fields */	108	/* Rule fields */
102	/* These are useful when checking the	109	/* These are useful when checking the
103	* task structure at task creation time	110	* task structure at task creation time
@@ -128,8 +135,28 @@
128	#define AUDIT_ARG2 (AUDIT_ARG0+2)	135	#define AUDIT_ARG2 (AUDIT_ARG0+2)
129	#define AUDIT_ARG3 (AUDIT_ARG0+3)	136	#define AUDIT_ARG3 (AUDIT_ARG0+3)
130		137
131	#define AUDIT_NEGATE 0x80000000	138	#define AUDIT_NEGATE 0x80000000
132		139
		140	/* These are the supported operators.
		141	* 4 2 1
		142	* = > <
		143	* -------
		144	* 0 0 0 0 nonsense
		145	* 0 0 1 1 <
		146	* 0 1 0 2 >
		147	* 0 1 1 3 !=
		148	* 1 0 0 4 =
		149	* 1 0 1 5 <=
		150	* 1 1 0 6 >=
		151	* 1 1 1 7 all operators
		152	*/
		153	#define AUDIT_LESS_THAN 0x10000000
		154	#define AUDIT_GREATER_THAN 0x20000000
		155	#define AUDIT_NOT_EQUAL 0x30000000
		156	#define AUDIT_EQUAL 0x40000000
		157	#define AUDIT_LESS_THAN_OR_EQUAL (AUDIT_LESS_THAN\|AUDIT_EQUAL)
		158	#define AUDIT_GREATER_THAN_OR_EQUAL (AUDIT_GREATER_THAN\|AUDIT_EQUAL)
		159	#define AUDIT_OPERATORS (AUDIT_EQUAL\|AUDIT_NOT_EQUAL)
133		160
134	/* Status symbols */	161	/* Status symbols */
135	/* Mask values */	162	/* Mask values */