diff options
author | Amy Griffis <amy.griffis@hp.com> | 2006-02-07 18:05:27 +0100 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-03-20 20:08:54 +0100 |
commit | 93315ed6dd12dacfc941f9eb8ca0293aadf99793 (patch) | |
tree | 4fc070c92a1de21d3befe4ce48c733c65d044bb3 /kernel/audit.h | |
parent | [PATCH] SE Linux audit events (diff) | |
download | linux-93315ed6dd12dacfc941f9eb8ca0293aadf99793.tar.xz linux-93315ed6dd12dacfc941f9eb8ca0293aadf99793.zip |
[PATCH] audit string fields interface + consumer
Updated patch to dynamically allocate audit rule fields in kernel's
internal representation. Added unlikely() calls for testing memory
allocation result.
Amy Griffis wrote: [Wed Jan 11 2006, 02:02:31PM EST]
> Modify audit's kernel-userspace interface to allow the specification
> of string fields in audit rules.
>
> Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
(cherry picked from 5ffc4a863f92351b720fe3e9c5cd647accff9e03 commit)
Diffstat (limited to 'kernel/audit.h')
-rw-r--r-- | kernel/audit.h | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/kernel/audit.h b/kernel/audit.h index 7643e46daeb2..4b602cdcabef 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -52,10 +52,27 @@ enum audit_state { }; /* Rule lists */ +struct audit_field { + u32 type; + u32 val; + u32 op; +}; + +struct audit_krule { + int vers_ops; + u32 flags; + u32 listnr; + u32 action; + u32 mask[AUDIT_BITMASK_SIZE]; + u32 buflen; /* for data alloc on list rules */ + u32 field_count; + struct audit_field *fields; +}; + struct audit_entry { - struct list_head list; - struct rcu_head rcu; - struct audit_rule rule; + struct list_head list; + struct rcu_head rcu; + struct audit_krule rule; }; |