aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/audit.h
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/audit.h')
-rw-r--r--kernel/audit.h38
1 files changed, 13 insertions, 25 deletions
diff --git a/kernel/audit.h b/kernel/audit.h
index 2554bd524fd1..9d6717412fec 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -65,40 +65,20 @@ struct audit_watch {
65 struct list_head rules; /* associated rules */ 65 struct list_head rules; /* associated rules */
66}; 66};
67 67
68struct audit_field {
69 u32 type;
70 u32 val;
71 u32 op;
72 char *se_str;
73 struct selinux_audit_rule *se_rule;
74};
75
76struct audit_tree; 68struct audit_tree;
77struct audit_chunk; 69struct audit_chunk;
78 70
79struct audit_krule {
80 int vers_ops;
81 u32 flags;
82 u32 listnr;
83 u32 action;
84 u32 mask[AUDIT_BITMASK_SIZE];
85 u32 buflen; /* for data alloc on list rules */
86 u32 field_count;
87 char *filterkey; /* ties events to rules */
88 struct audit_field *fields;
89 struct audit_field *arch_f; /* quick access to arch field */
90 struct audit_field *inode_f; /* quick access to an inode field */
91 struct audit_watch *watch; /* associated watch */
92 struct audit_tree *tree; /* associated watched tree */
93 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
94};
95
96struct audit_entry { 71struct audit_entry {
97 struct list_head list; 72 struct list_head list;
98 struct rcu_head rcu; 73 struct rcu_head rcu;
99 struct audit_krule rule; 74 struct audit_krule rule;
100}; 75};
101 76
77#ifdef CONFIG_AUDIT
78extern int audit_enabled;
79extern int audit_ever_enabled;
80#endif
81
102extern int audit_pid; 82extern int audit_pid;
103 83
104#define AUDIT_INODE_BUCKETS 32 84#define AUDIT_INODE_BUCKETS 32
@@ -129,6 +109,9 @@ struct audit_netlink_list {
129int audit_send_list(void *); 109int audit_send_list(void *);
130 110
131struct inotify_watch; 111struct inotify_watch;
112/* Inotify handle */
113extern struct inotify_handle *audit_ih;
114
132extern void audit_free_parent(struct inotify_watch *); 115extern void audit_free_parent(struct inotify_watch *);
133extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32, 116extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32,
134 const char *, struct inode *); 117 const char *, struct inode *);
@@ -136,6 +119,7 @@ extern int selinux_audit_rule_update(void);
136 119
137extern struct mutex audit_filter_mutex; 120extern struct mutex audit_filter_mutex;
138extern void audit_free_rule_rcu(struct rcu_head *); 121extern void audit_free_rule_rcu(struct rcu_head *);
122extern struct list_head audit_filter_list[];
139 123
140#ifdef CONFIG_AUDIT_TREE 124#ifdef CONFIG_AUDIT_TREE
141extern struct audit_chunk *audit_tree_lookup(const struct inode *); 125extern struct audit_chunk *audit_tree_lookup(const struct inode *);
@@ -162,6 +146,10 @@ extern void audit_put_tree(struct audit_tree *);
162 146
163extern char *audit_unpack_string(void **, size_t *, size_t); 147extern char *audit_unpack_string(void **, size_t *, size_t);
164 148
149extern pid_t audit_sig_pid;
150extern uid_t audit_sig_uid;
151extern u32 audit_sig_sid;
152
165#ifdef CONFIG_AUDITSYSCALL 153#ifdef CONFIG_AUDITSYSCALL
166extern int __audit_signal_info(int sig, struct task_struct *t); 154extern int __audit_signal_info(int sig, struct task_struct *t);
167static inline int audit_signal_info(int sig, struct task_struct *t) 155static inline int audit_signal_info(int sig, struct task_struct *t)
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-28 11:32:47 -0400