diff options
Diffstat (limited to 'kernel/audit.h')
-rw-r--r-- | kernel/audit.h | 38 |
1 files changed, 13 insertions, 25 deletions
diff --git a/kernel/audit.h b/kernel/audit.h index 2554bd524fd1..9d6717412fec 100644 --- a/kernel/audit.h +++ b/kernel/audit.h | |||
@@ -65,40 +65,20 @@ struct audit_watch { | |||
65 | struct list_head rules; /* associated rules */ | 65 | struct list_head rules; /* associated rules */ |
66 | }; | 66 | }; |
67 | 67 | ||
68 | struct audit_field { | ||
69 | u32 type; | ||
70 | u32 val; | ||
71 | u32 op; | ||
72 | char *se_str; | ||
73 | struct selinux_audit_rule *se_rule; | ||
74 | }; | ||
75 | |||
76 | struct audit_tree; | 68 | struct audit_tree; |
77 | struct audit_chunk; | 69 | struct audit_chunk; |
78 | 70 | ||
79 | struct audit_krule { | ||
80 | int vers_ops; | ||
81 | u32 flags; | ||
82 | u32 listnr; | ||
83 | u32 action; | ||
84 | u32 mask[AUDIT_BITMASK_SIZE]; | ||
85 | u32 buflen; /* for data alloc on list rules */ | ||
86 | u32 field_count; | ||
87 | char *filterkey; /* ties events to rules */ | ||
88 | struct audit_field *fields; | ||
89 | struct audit_field *arch_f; /* quick access to arch field */ | ||
90 | struct audit_field *inode_f; /* quick access to an inode field */ | ||
91 | struct audit_watch *watch; /* associated watch */ | ||
92 | struct audit_tree *tree; /* associated watched tree */ | ||
93 | struct list_head rlist; /* entry in audit_{watch,tree}.rules list */ | ||
94 | }; | ||
95 | |||
96 | struct audit_entry { | 71 | struct audit_entry { |
97 | struct list_head list; | 72 | struct list_head list; |
98 | struct rcu_head rcu; | 73 | struct rcu_head rcu; |
99 | struct audit_krule rule; | 74 | struct audit_krule rule; |
100 | }; | 75 | }; |
101 | 76 | ||
77 | #ifdef CONFIG_AUDIT | ||
78 | extern int audit_enabled; | ||
79 | extern int audit_ever_enabled; | ||
80 | #endif | ||
81 | |||
102 | extern int audit_pid; | 82 | extern int audit_pid; |
103 | 83 | ||
104 | #define AUDIT_INODE_BUCKETS 32 | 84 | #define AUDIT_INODE_BUCKETS 32 |
@@ -129,6 +109,9 @@ struct audit_netlink_list { | |||
129 | int audit_send_list(void *); | 109 | int audit_send_list(void *); |
130 | 110 | ||
131 | struct inotify_watch; | 111 | struct inotify_watch; |
112 | /* Inotify handle */ | ||
113 | extern struct inotify_handle *audit_ih; | ||
114 | |||
132 | extern void audit_free_parent(struct inotify_watch *); | 115 | extern void audit_free_parent(struct inotify_watch *); |
133 | extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32, | 116 | extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32, |
134 | const char *, struct inode *); | 117 | const char *, struct inode *); |
@@ -136,6 +119,7 @@ extern int selinux_audit_rule_update(void); | |||
136 | 119 | ||
137 | extern struct mutex audit_filter_mutex; | 120 | extern struct mutex audit_filter_mutex; |
138 | extern void audit_free_rule_rcu(struct rcu_head *); | 121 | extern void audit_free_rule_rcu(struct rcu_head *); |
122 | extern struct list_head audit_filter_list[]; | ||
139 | 123 | ||
140 | #ifdef CONFIG_AUDIT_TREE | 124 | #ifdef CONFIG_AUDIT_TREE |
141 | extern struct audit_chunk *audit_tree_lookup(const struct inode *); | 125 | extern struct audit_chunk *audit_tree_lookup(const struct inode *); |
@@ -162,6 +146,10 @@ extern void audit_put_tree(struct audit_tree *); | |||
162 | 146 | ||
163 | extern char *audit_unpack_string(void **, size_t *, size_t); | 147 | extern char *audit_unpack_string(void **, size_t *, size_t); |
164 | 148 | ||
149 | extern pid_t audit_sig_pid; | ||
150 | extern uid_t audit_sig_uid; | ||
151 | extern u32 audit_sig_sid; | ||
152 | |||
165 | #ifdef CONFIG_AUDITSYSCALL | 153 | #ifdef CONFIG_AUDITSYSCALL |
166 | extern int __audit_signal_info(int sig, struct task_struct *t); | 154 | extern int __audit_signal_info(int sig, struct task_struct *t); |
167 | static inline int audit_signal_info(int sig, struct task_struct *t) | 155 | static inline int audit_signal_info(int sig, struct task_struct *t) |