aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/include
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/include')
-rw-r--r--security/selinux/include/audit.h65
1 files changed, 65 insertions, 0 deletions
diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h
new file mode 100644
index 000000000000..6c8b9ef15579
--- /dev/null
+++ b/security/selinux/include/audit.h
@@ -0,0 +1,65 @@
1/*
2 * SELinux support for the Audit LSM hooks
3 *
4 * Most of below header was moved from include/linux/selinux.h which
5 * is released under below copyrights:
6 *
7 * Author: James Morris <jmorris@redhat.com>
8 *
9 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
10 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
11 * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License version 2,
15 * as published by the Free Software Foundation.
16 */
17
18#ifndef _SELINUX_AUDIT_H
19#define _SELINUX_AUDIT_H
20
21/**
22 * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
23 * @field: the field this rule refers to
24 * @op: the operater the rule uses
25 * @rulestr: the text "target" of the rule
26 * @rule: pointer to the new rule structure returned via this
27 *
28 * Returns 0 if successful, -errno if not. On success, the rule structure
29 * will be allocated internally. The caller must free this structure with
30 * selinux_audit_rule_free() after use.
31 */
32int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
33
34/**
35 * selinux_audit_rule_free - free an selinux audit rule structure.
36 * @rule: pointer to the audit rule to be freed
37 *
38 * This will free all memory associated with the given rule.
39 * If @rule is NULL, no operation is performed.
40 */
41void selinux_audit_rule_free(void *rule);
42
43/**
44 * selinux_audit_rule_match - determine if a context ID matches a rule.
45 * @sid: the context ID to check
46 * @field: the field this rule refers to
47 * @op: the operater the rule uses
48 * @rule: pointer to the audit rule to check against
49 * @actx: the audit context (can be NULL) associated with the check
50 *
51 * Returns 1 if the context id matches the rule, 0 if it does not, and
52 * -errno on failure.
53 */
54int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
55 struct audit_context *actx);
56
57/**
58 * selinux_audit_rule_known - check to see if rule contains selinux fields.
59 * @rule: rule to be checked
60 * Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
61 */
62int selinux_audit_rule_known(struct audit_krule *krule);
63
64#endif /* _SELINUX_AUDIT_H */
65