3 files changed, 30 insertions, 0 deletions
diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h
new file mode 100644
index 000000000000..0e87464d9847
--- /dev/null
+++ b/include/asm-generic/audit_read.h
@@ -0,0 +1,8 @@
+__NR_readlink,
+__NR_quotactl,
+__NR_listxattr,
+__NR_llistxattr,
+__NR_flistxattr,
+__NR_getxattr,
+__NR_lgetxattr,
+__NR_fgetxattr,
diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h
new file mode 100644
index 000000000000..f10d367fb2a5
--- /dev/null
+++ b/include/asm-generic/audit_write.h
@@ -0,0 +1,11 @@
+#include <asm-generic/audit_dir_write.h>
+__NR_acct,
+__NR_swapon,
+__NR_quotactl,
+__NR_truncate,
+#ifdef __NR_truncate64
+__NR_truncate64,
+#endif
+#ifdef __NR_bind
+__NR_bind,              /* bind can affect fs object only in one way... */
+#endif
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 64f9f9e56ac5..40a6c26294ae 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -132,6 +132,10 @@
 #define AUDIT_CLASS_DIR_WRITE_32 1
 #define AUDIT_CLASS_CHATTR 2
 #define AUDIT_CLASS_CHATTR_32 3
+#define AUDIT_CLASS_READ 4
+#define AUDIT_CLASS_READ_32 5
+#define AUDIT_CLASS_WRITE 6
+#define AUDIT_CLASS_WRITE_32 7
 /* This bitmask is used to validate user input.  It represents all bits that
 * are currently used in an audit field constant understood by the kernel.
@@ -177,6 +181,7 @@
 #define AUDIT_EXIT      103
 #define AUDIT_SUCCESS   104     /* exit >= 0; value ignored */
 #define AUDIT_WATCH     105
+#define AUDIT_PERM      106
 #define AUDIT_ARG0      200
 #define AUDIT_ARG1      (AUDIT_ARG0+1)
@@ -252,6 +257,11 @@
 #define AUDIT_ARCH_V850         (EM_V850|__AUDIT_ARCH_LE)
 #define AUDIT_ARCH_X86_64       (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#define AUDIT_PERM_EXEC         1
+#define AUDIT_PERM_WRITE        2
+#define AUDIT_PERM_READ         4
+#define AUDIT_PERM_ATTR         8
 struct audit_status {
        __u32           mask;           /* Bit mask for valid entries */
        __u32           enabled;        /* 1 = enabled, 0 = disabled */
@@ -314,6 +324,7 @@ struct mqstat;
 #define AUDITSC_FAILURE 2
 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
 extern int __init audit_register_class(int class, unsigned *list);
+extern int audit_classify_syscall(int abi, unsigned syscall);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
                                /* Public API */

diff --git a/include/asm-generic/audit_read.h b/include/asm-generic/audit_read.h new file mode 100644 index 000000000000..0e87464d9847 --- /dev/null +++ b/include/asm-generic/audit_read.h
@@ -0,0 +1,8 @@
		1	__NR_readlink,
		2	__NR_quotactl,
		3	__NR_listxattr,
		4	__NR_llistxattr,
		5	__NR_flistxattr,
		6	__NR_getxattr,
		7	__NR_lgetxattr,
		8	__NR_fgetxattr,


diff --git a/include/asm-generic/audit_write.h b/include/asm-generic/audit_write.h new file mode 100644 index 000000000000..f10d367fb2a5 --- /dev/null +++ b/include/asm-generic/audit_write.h
@@ -0,0 +1,11 @@
		1	#include <asm-generic/audit_dir_write.h>
		2	__NR_acct,
		3	__NR_swapon,
		4	__NR_quotactl,
		5	__NR_truncate,
		6	#ifdef __NR_truncate64
		7	__NR_truncate64,
		8	#endif
		9	#ifdef __NR_bind
		10	__NR_bind, /* bind can affect fs object only in one way... */
		11	#endif


diff --git a/include/linux/audit.h b/include/linux/audit.h index 64f9f9e56ac5..40a6c26294ae 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -132,6 +132,10 @@
132	#define AUDIT_CLASS_DIR_WRITE_32 1	132	#define AUDIT_CLASS_DIR_WRITE_32 1
133	#define AUDIT_CLASS_CHATTR 2	133	#define AUDIT_CLASS_CHATTR 2
134	#define AUDIT_CLASS_CHATTR_32 3	134	#define AUDIT_CLASS_CHATTR_32 3
		135	#define AUDIT_CLASS_READ 4
		136	#define AUDIT_CLASS_READ_32 5
		137	#define AUDIT_CLASS_WRITE 6
		138	#define AUDIT_CLASS_WRITE_32 7
135		139
136	/* This bitmask is used to validate user input. It represents all bits that	140	/* This bitmask is used to validate user input. It represents all bits that
137	* are currently used in an audit field constant understood by the kernel.	141	* are currently used in an audit field constant understood by the kernel.
@@ -177,6 +181,7 @@
177	#define AUDIT_EXIT 103	181	#define AUDIT_EXIT 103
178	#define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */	182	#define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */
179	#define AUDIT_WATCH 105	183	#define AUDIT_WATCH 105
		184	#define AUDIT_PERM 106
180		185
181	#define AUDIT_ARG0 200	186	#define AUDIT_ARG0 200
182	#define AUDIT_ARG1 (AUDIT_ARG0+1)	187	#define AUDIT_ARG1 (AUDIT_ARG0+1)
@@ -252,6 +257,11 @@
252	#define AUDIT_ARCH_V850 (EM_V850\|__AUDIT_ARCH_LE)	257	#define AUDIT_ARCH_V850 (EM_V850\|__AUDIT_ARCH_LE)
253	#define AUDIT_ARCH_X86_64 (EM_X86_64\|__AUDIT_ARCH_64BIT\|__AUDIT_ARCH_LE)	258	#define AUDIT_ARCH_X86_64 (EM_X86_64\|__AUDIT_ARCH_64BIT\|__AUDIT_ARCH_LE)
254		259
		260	#define AUDIT_PERM_EXEC 1
		261	#define AUDIT_PERM_WRITE 2
		262	#define AUDIT_PERM_READ 4
		263	#define AUDIT_PERM_ATTR 8
		264
255	struct audit_status {	265	struct audit_status {
256	__u32 mask; /* Bit mask for valid entries */	266	__u32 mask; /* Bit mask for valid entries */
257	__u32 enabled; /* 1 = enabled, 0 = disabled */	267	__u32 enabled; /* 1 = enabled, 0 = disabled */
@@ -314,6 +324,7 @@ struct mqstat;
314	#define AUDITSC_FAILURE 2	324	#define AUDITSC_FAILURE 2
315	#define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )	325	#define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
316	extern int __init audit_register_class(int class, unsigned *list);	326	extern int __init audit_register_class(int class, unsigned *list);
		327	extern int audit_classify_syscall(int abi, unsigned syscall);
317	#ifdef CONFIG_AUDITSYSCALL	328	#ifdef CONFIG_AUDITSYSCALL
318	/* These are defined in auditsc.c */	329	/* These are defined in auditsc.c */
319	/* Public API */	330	/* Public API */