diff options
Diffstat (limited to 'kernel/audit.h')
-rw-r--r-- | kernel/audit.h | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/kernel/audit.h b/kernel/audit.h index 52cb1e31d522..58fa44cb8d01 100644 --- a/kernel/audit.h +++ b/kernel/audit.h | |||
@@ -19,7 +19,6 @@ | |||
19 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | 19 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
20 | */ | 20 | */ |
21 | 21 | ||
22 | #include <linux/mutex.h> | ||
23 | #include <linux/fs.h> | 22 | #include <linux/fs.h> |
24 | #include <linux/audit.h> | 23 | #include <linux/audit.h> |
25 | #include <linux/skbuff.h> | 24 | #include <linux/skbuff.h> |
@@ -54,6 +53,18 @@ enum audit_state { | |||
54 | }; | 53 | }; |
55 | 54 | ||
56 | /* Rule lists */ | 55 | /* Rule lists */ |
56 | struct audit_parent; | ||
57 | |||
58 | struct audit_watch { | ||
59 | atomic_t count; /* reference count */ | ||
60 | char *path; /* insertion path */ | ||
61 | dev_t dev; /* associated superblock device */ | ||
62 | unsigned long ino; /* associated inode number */ | ||
63 | struct audit_parent *parent; /* associated parent */ | ||
64 | struct list_head wlist; /* entry in parent->watches list */ | ||
65 | struct list_head rules; /* associated rules */ | ||
66 | }; | ||
67 | |||
57 | struct audit_field { | 68 | struct audit_field { |
58 | u32 type; | 69 | u32 type; |
59 | u32 val; | 70 | u32 val; |
@@ -71,6 +82,9 @@ struct audit_krule { | |||
71 | u32 buflen; /* for data alloc on list rules */ | 82 | u32 buflen; /* for data alloc on list rules */ |
72 | u32 field_count; | 83 | u32 field_count; |
73 | struct audit_field *fields; | 84 | struct audit_field *fields; |
85 | struct audit_field *inode_f; /* quick access to an inode field */ | ||
86 | struct audit_watch *watch; /* associated watch */ | ||
87 | struct list_head rlist; /* entry in audit_watch.rules list */ | ||
74 | }; | 88 | }; |
75 | 89 | ||
76 | struct audit_entry { | 90 | struct audit_entry { |
@@ -79,10 +93,18 @@ struct audit_entry { | |||
79 | struct audit_krule rule; | 93 | struct audit_krule rule; |
80 | }; | 94 | }; |
81 | 95 | ||
82 | |||
83 | extern int audit_pid; | 96 | extern int audit_pid; |
84 | extern int audit_comparator(const u32 left, const u32 op, const u32 right); | ||
85 | 97 | ||
98 | #define AUDIT_INODE_BUCKETS 32 | ||
99 | extern struct list_head audit_inode_hash[AUDIT_INODE_BUCKETS]; | ||
100 | |||
101 | static inline int audit_hash_ino(u32 ino) | ||
102 | { | ||
103 | return (ino & (AUDIT_INODE_BUCKETS-1)); | ||
104 | } | ||
105 | |||
106 | extern int audit_comparator(const u32 left, const u32 op, const u32 right); | ||
107 | extern int audit_compare_dname_path(const char *dname, const char *path); | ||
86 | extern struct sk_buff * audit_make_reply(int pid, int seq, int type, | 108 | extern struct sk_buff * audit_make_reply(int pid, int seq, int type, |
87 | int done, int multi, | 109 | int done, int multi, |
88 | void *payload, int size); | 110 | void *payload, int size); |
@@ -91,7 +113,6 @@ extern void audit_send_reply(int pid, int seq, int type, | |||
91 | void *payload, int size); | 113 | void *payload, int size); |
92 | extern void audit_log_lost(const char *message); | 114 | extern void audit_log_lost(const char *message); |
93 | extern void audit_panic(const char *message); | 115 | extern void audit_panic(const char *message); |
94 | extern struct mutex audit_netlink_mutex; | ||
95 | 116 | ||
96 | struct audit_netlink_list { | 117 | struct audit_netlink_list { |
97 | int pid; | 118 | int pid; |
@@ -100,6 +121,10 @@ struct audit_netlink_list { | |||
100 | 121 | ||
101 | int audit_send_list(void *); | 122 | int audit_send_list(void *); |
102 | 123 | ||
124 | struct inotify_watch; | ||
125 | extern void audit_free_parent(struct inotify_watch *); | ||
126 | extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32, | ||
127 | const char *, struct inode *); | ||
103 | extern int selinux_audit_rule_update(void); | 128 | extern int selinux_audit_rule_update(void); |
104 | 129 | ||
105 | #ifdef CONFIG_AUDITSYSCALL | 130 | #ifdef CONFIG_AUDITSYSCALL |
@@ -109,6 +134,11 @@ static inline void audit_signal_info(int sig, struct task_struct *t) | |||
109 | if (unlikely(audit_pid && t->tgid == audit_pid)) | 134 | if (unlikely(audit_pid && t->tgid == audit_pid)) |
110 | __audit_signal_info(sig, t); | 135 | __audit_signal_info(sig, t); |
111 | } | 136 | } |
137 | extern enum audit_state audit_filter_inodes(struct task_struct *, | ||
138 | struct audit_context *); | ||
139 | extern void audit_set_auditable(struct audit_context *); | ||
112 | #else | 140 | #else |
113 | #define audit_signal_info(s,t) | 141 | #define audit_signal_info(s,t) |
142 | #define audit_filter_inodes(t,c) AUDIT_DISABLED | ||
143 | #define audit_set_auditable(c) | ||
114 | #endif | 144 | #endif |