mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-29 07:34:06 +08:00
be37f21a08
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAlx+8ZgUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXOlDhAAiGlirQ9syyG2fYzaARZZ2QoU/GGD PSAeiNmP3jvJzXArCvugRCw+YSNDdQOBM3SrLQC+cM0MAIDRYXN0NdcrsbTchlMA 51Fx1egZ9Fyj+Ehgida3muh2lRUy7DQwMCL6tAVqwz7vYkSTGDUf+MlYqOqXDka5 74pEExOS3Jdi7560BsE8b6QoW9JIJqEJnirXGkG9o2qC0oFHCR6PKxIyQ7TJrLR1 F23aFTqLTH1nbPUQjnox2PTf13iQVh4j2gwzd+9c9KBfxoGSge3dmxId7BJHy2aG M27fPdCYTNZAGWpPVujsCPAh1WPQ9NQqg3mA9+g14PEbiLqPcqU+kWmnDU7T7bEw Qx0kt6Y8GiknwCqq8pDbKYclgRmOjSGdfutzd0z8uDpbaeunS4/NqnDb/FUaDVcr jA4d6ep7qEgHpYbL8KgOeZCexfaTfz6mcwRWNq3Uu9cLZbZqSSQ7PXolMADHvoRs LS7VH2jcP7q4p4GWmdfjv67xyUUo9HG5HHX74h5pLfQSYXiBWo4ht0UOAzX/6EcE CJNHAFHv+OanI5Rg/6JQ8b3/bJYxzAJVyLZpCuMtlKk6lYBGNeADk9BezEDIYsm8 tSe4/GqqyR9+Qz8rSdpAZ0KKkfqS535IcHUPUJau7Bzg1xqSEP5gzZN6QsjdXg0+ 5wFFfdFICTfJFXo= =57/1 -----END PGP SIGNATURE----- Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit Pull audit updates from Paul Moore: "A lucky 13 audit patches for v5.1. Despite the rather large diffstat, most of the changes are from two bug fix patches that move code from one Kconfig option to another. Beyond that bit of churn, the remaining changes are largely cleanups and bug-fixes as we slowly march towards container auditing. It isn't all boring though, we do have a couple of new things: file capabilities v3 support, and expanded support for filtering on filesystems to solve problems with remote filesystems. All changes pass the audit-testsuite. Please merge for v5.1" * tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit: mark expected switch fall-through audit: hide auditsc_get_stamp and audit_serial prototypes audit: join tty records to their syscall audit: remove audit_context when CONFIG_ AUDIT and not AUDITSYSCALL audit: remove unused actx param from audit_rule_match audit: ignore fcaps on umount audit: clean up AUDITSYSCALL prototypes and stubs audit: more filter PATH records keyed on filesystem magic audit: add support for fcaps v3 audit: move loginuid and sessionid from CONFIG_AUDITSYSCALL to CONFIG_AUDIT audit: add syscall information to CONFIG_CHANGE records audit: hand taken context to audit_kill_trees for syscall logging audit: give a clue what CONFIG_CHANGE op was involved
61 lines
2.0 KiB
C
61 lines
2.0 KiB
C
/*
|
|
* SELinux support for the Audit LSM hooks
|
|
*
|
|
* Author: James Morris <jmorris@redhat.com>
|
|
*
|
|
* Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
|
|
* Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
|
* Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2,
|
|
* as published by the Free Software Foundation.
|
|
*/
|
|
|
|
#ifndef _SELINUX_AUDIT_H
|
|
#define _SELINUX_AUDIT_H
|
|
|
|
/**
|
|
* selinux_audit_rule_init - alloc/init an selinux audit rule structure.
|
|
* @field: the field this rule refers to
|
|
* @op: the operater the rule uses
|
|
* @rulestr: the text "target" of the rule
|
|
* @rule: pointer to the new rule structure returned via this
|
|
*
|
|
* Returns 0 if successful, -errno if not. On success, the rule structure
|
|
* will be allocated internally. The caller must free this structure with
|
|
* selinux_audit_rule_free() after use.
|
|
*/
|
|
int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_free - free an selinux audit rule structure.
|
|
* @rule: pointer to the audit rule to be freed
|
|
*
|
|
* This will free all memory associated with the given rule.
|
|
* If @rule is NULL, no operation is performed.
|
|
*/
|
|
void selinux_audit_rule_free(void *rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_match - determine if a context ID matches a rule.
|
|
* @sid: the context ID to check
|
|
* @field: the field this rule refers to
|
|
* @op: the operater the rule uses
|
|
* @rule: pointer to the audit rule to check against
|
|
*
|
|
* Returns 1 if the context id matches the rule, 0 if it does not, and
|
|
* -errno on failure.
|
|
*/
|
|
int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_known - check to see if rule contains selinux fields.
|
|
* @rule: rule to be checked
|
|
* Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
|
|
*/
|
|
int selinux_audit_rule_known(struct audit_krule *krule);
|
|
|
|
#endif /* _SELINUX_AUDIT_H */
|
|
|