1 files changed, 33 insertions, 1 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h
index f78f83d7663f..112a55033352 100644
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@ -33,7 +33,7 @@ struct common_audit_data {
 #define LSM_AUDIT_DATA_IPC      4
 #define LSM_AUDIT_DATA_TASK     5
 #define LSM_AUDIT_DATA_KEY      6
-#define LSM_AUDIT_NO_AUDIT      7
+#define LSM_AUDIT_DATA_NONE     7
 #define LSM_AUDIT_DATA_KMOD     8
        struct task_struct *tsk;
        union   {
@@ -90,10 +90,42 @@ struct common_audit_data {
                        u32 requested;
                        u32 audited;
                        u32 denied;
+                        /*
+                         * auditdeny is a bit tricky and unintuitive.  See the
+                         * comments in avc.c for it's meaning and usage.
+                         */
+                        u32 auditdeny;
                        struct av_decision *avd;
                        int result;
                } selinux_audit_data;
 #endif
+#ifdef CONFIG_SECURITY_APPARMOR
+                struct {
+                        int error;
+                        int op;
+                        int type;
+                        void *profile;
+                        const char *name;
+                        const char *info;
+                        union {
+                                void *target;
+                                struct {
+                                        long pos;
+                                        void *target;
+                                } iface;
+                                struct {
+                                        int rlim;
+                                        unsigned long max;
+                                } rlim;
+                                struct {
+                                        const char *target;
+                                        u32 request;
+                                        u32 denied;
+                                        uid_t ouid;
+                                } fs;
+                        };
+                } apparmor_audit_data;
+#endif
        };
        /* these callback will be implemented by a specific LSM */
        void (*lsm_pre_audit)(struct audit_buffer *, void *);

diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h index f78f83d7663f..112a55033352 100644 --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h
@@ -33,7 +33,7 @@ struct common_audit_data {
33	#define LSM_AUDIT_DATA_IPC 4	33	#define LSM_AUDIT_DATA_IPC 4
34	#define LSM_AUDIT_DATA_TASK 5	34	#define LSM_AUDIT_DATA_TASK 5
35	#define LSM_AUDIT_DATA_KEY 6	35	#define LSM_AUDIT_DATA_KEY 6
36	#define LSM_AUDIT_NO_AUDIT 7	36	#define LSM_AUDIT_DATA_NONE 7
37	#define LSM_AUDIT_DATA_KMOD 8	37	#define LSM_AUDIT_DATA_KMOD 8
38	struct task_struct *tsk;	38	struct task_struct *tsk;
39	union {	39	union {
@@ -90,10 +90,42 @@ struct common_audit_data {
90	u32 requested;	90	u32 requested;
91	u32 audited;	91	u32 audited;
92	u32 denied;	92	u32 denied;
		93	/*
		94	* auditdeny is a bit tricky and unintuitive. See the
		95	* comments in avc.c for it's meaning and usage.
		96	*/
		97	u32 auditdeny;
93	struct av_decision *avd;	98	struct av_decision *avd;
94	int result;	99	int result;
95	} selinux_audit_data;	100	} selinux_audit_data;
96	#endif	101	#endif
		102	#ifdef CONFIG_SECURITY_APPARMOR
		103	struct {
		104	int error;
		105	int op;
		106	int type;
		107	void *profile;
		108	const char *name;
		109	const char *info;
		110	union {
		111	void *target;
		112	struct {
		113	long pos;
		114	void *target;
		115	} iface;
		116	struct {
		117	int rlim;
		118	unsigned long max;
		119	} rlim;
		120	struct {
		121	const char *target;
		122	u32 request;
		123	u32 denied;
		124	uid_t ouid;
		125	} fs;
		126	};
		127	} apparmor_audit_data;
		128	#endif
97	};	129	};
98	/* these callback will be implemented by a specific LSM */	130	/* these callback will be implemented by a specific LSM */
99	void (lsm_pre_audit)(struct audit_buffer , void *);	131	void (lsm_pre_audit)(struct audit_buffer , void *);