summaryrefslogtreecommitdiffstats
path: root/kernel/audit.h
diff options
context:
space:
mode:
authorAmy Griffis <amy.griffis@hp.com>2006-02-07 18:05:27 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2006-03-20 20:08:54 +0100
commit93315ed6dd12dacfc941f9eb8ca0293aadf99793 (patch)
tree4fc070c92a1de21d3befe4ce48c733c65d044bb3 /kernel/audit.h
parent[PATCH] SE Linux audit events (diff)
downloadlinux-93315ed6dd12dacfc941f9eb8ca0293aadf99793.tar.xz
linux-93315ed6dd12dacfc941f9eb8ca0293aadf99793.zip
[PATCH] audit string fields interface + consumer
Updated patch to dynamically allocate audit rule fields in kernel's internal representation. Added unlikely() calls for testing memory allocation result. Amy Griffis wrote: [Wed Jan 11 2006, 02:02:31PM EST] > Modify audit's kernel-userspace interface to allow the specification > of string fields in audit rules. > > Signed-off-by: Amy Griffis <amy.griffis@hp.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from 5ffc4a863f92351b720fe3e9c5cd647accff9e03 commit)
Diffstat (limited to 'kernel/audit.h')
-rw-r--r--kernel/audit.h23
1 files changed, 20 insertions, 3 deletions
diff --git a/kernel/audit.h b/kernel/audit.h
index 7643e46daeb2..4b602cdcabef 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -52,10 +52,27 @@ enum audit_state {
};
/* Rule lists */
+struct audit_field {
+ u32 type;
+ u32 val;
+ u32 op;
+};
+
+struct audit_krule {
+ int vers_ops;
+ u32 flags;
+ u32 listnr;
+ u32 action;
+ u32 mask[AUDIT_BITMASK_SIZE];
+ u32 buflen; /* for data alloc on list rules */
+ u32 field_count;
+ struct audit_field *fields;
+};
+
struct audit_entry {
- struct list_head list;
- struct rcu_head rcu;
- struct audit_rule rule;
+ struct list_head list;
+ struct rcu_head rcu;
+ struct audit_krule rule;
};