Diffstat (limited to 'include/linux/audit.h')
-rw-r--r--include/linux/audit.h25
1 files changed, 20 insertions, 5 deletions
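diff --git a/include/linux/audit.h b/include/linux/audit.h
index e051ff9c5b50..b27d7debc5a1 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -122,10 +122,17 @@
 /* Rule structure sizes -- if these change, different AUDIT_ADD and
  * AUDIT_LIST commands must be implemented. */
 #define AUDIT_MAX_FIELDS 64
+#define AUDIT_MAX_KEY_LEN 32
 #define AUDIT_BITMASK_SIZE 64
 #define AUDIT_WORD(nr) ((__u32)((nr)/32))
 #define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))
 
+#define AUDIT_SYSCALL_CLASSES 16
+#define AUDIT_CLASS_DIR_WRITE 0
+#define AUDIT_CLASS_DIR_WRITE_32 1
+#define AUDIT_CLASS_CHATTR 2
+#define AUDIT_CLASS_CHATTR_32 3
+
 /* This bitmask is used to validate user input. It represents all bits that
  * are currently used in an audit field constant understood by the kernel.
  * If you are adding a new #define AUDIT_<whatever>, please ensure that
@@ -150,12 +157,17 @@
 #define AUDIT_PERS 10
 #define AUDIT_ARCH 11
 #define AUDIT_MSGTYPE 12
-#define AUDIT_SE_USER 13 /* security label user */
-#define AUDIT_SE_ROLE 14 /* security label role */
-#define AUDIT_SE_TYPE 15 /* security label type */
-#define AUDIT_SE_SEN 16 /* security label sensitivity label */
-#define AUDIT_SE_CLR 17 /* security label clearance label */
+#define AUDIT_SUBJ_USER 13 /* security label user */
+#define AUDIT_SUBJ_ROLE 14 /* security label role */
+#define AUDIT_SUBJ_TYPE 15 /* security label type */
+#define AUDIT_SUBJ_SEN 16 /* security label sensitivity label */
+#define AUDIT_SUBJ_CLR 17 /* security label clearance label */
 #define AUDIT_PPID 18
+#define AUDIT_OBJ_USER 19
+#define AUDIT_OBJ_ROLE 20
+#define AUDIT_OBJ_TYPE 21
+#define AUDIT_OBJ_LEV_LOW 22
+#define AUDIT_OBJ_LEV_HIGH 23
 
  /* These are ONLY useful when checking
  * at syscall exit time (AUDIT_AT_EXIT). */
@@ -171,6 +183,8 @@
 #define AUDIT_ARG2 (AUDIT_ARG0+2)
 #define AUDIT_ARG3 (AUDIT_ARG0+3)
 
+#define AUDIT_FILTERKEY 210
+
 #define AUDIT_NEGATE 0x80000000
 
 /* These are the supported operators.
@@ -299,6 +313,7 @@ struct mqstat;
 #define AUDITSC_SUCCESS 1
 #define AUDITSC_FAILURE 2
 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
+extern int __init audit_register_class(int class, unsigned *list);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
  /* Public API */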
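Review bot: The prototype added in the last hunk, `audit_register_class(int class, unsigned *list)`, states nothing about its contract: `list` has no length parameter and `class` is a signed int, while the only bound on the page is `AUDIT_SYSCALL_CLASSES 16`. A short comment above the declaration would let callers and reviewers check both, for example `/* class must be in [0, AUDIT_SYSCALL_CLASSES); list ends with the sentinel the definition expects (TODO: name it) */`. The declaration also sits above `#ifdef CONFIG_AUDITSYSCALL`, so it is visible in configurations where the definition may not be built; whether that is intended cannot be told from here, because the definition and the rest of the header are outside the hunk. As a style point, a section annotation such as `__init` normally belongs on the definition rather than on the prototype.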