[PATCH 10/12] Tell git about security/selinux/include/audit.h

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: James Morris

Subject: [PATCH 10/12] Tell git about security/selinux/include/audit.h

Date: Thursday, April 17, 2008 - 4:06 am

Signed-off-by: James Morris <jmorris@namei.org>
---
 security/selinux/include/audit.h |   65 ++++++++++++++++++++++++++++++++++++++
 1 files changed, 65 insertions(+), 0 deletions(-)
 create mode 100644 security/selinux/include/audit.h

diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h
new file mode 100644
index 0000000..6c8b9ef
--- /dev/null
+++ b/security/selinux/include/audit.h
@@ -0,0 +1,65 @@
+/*
+ * SELinux support for the Audit LSM hooks
+ *
+ * Most of below header was moved from include/linux/selinux.h which 
+ * is released under below copyrights:
+ *
+ * Author: James Morris <jmorris@redhat.com>
+ *
+ * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
+ * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation.
+ */
+
+#ifndef _SELINUX_AUDIT_H
+#define _SELINUX_AUDIT_H
+
+/**
+ *	selinux_audit_rule_init - alloc/init an selinux audit rule structure.
+ *	@field: the field this rule refers to
+ *	@op: the operater the rule uses
+ *	@rulestr: the text "target" of the rule
+ *	@rule: pointer to the new rule structure returned via this
+ *
+ *	Returns 0 if successful, -errno if not.  On success, the rule structure
+ *	will be allocated internally.  The caller must free this structure with
+ *	selinux_audit_rule_free() after use.
+ */
+int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
+
+/**
+ *	selinux_audit_rule_free - free an selinux audit rule structure.
+ *	@rule: pointer to the audit rule to be freed
+ *
+ *	This will free all memory associated with the given rule.
+ *	If @rule is NULL, no operation is performed.
+ */
+void selinux_audit_rule_free(void *rule);
+
+/**
+ *	selinux_audit_rule_match - determine if a context ID matches a rule.
+ *	@sid: the context ID to check
+ *	@field: the field this rule refers to
+ *	@op: the operater the rule uses
+ *	@rule: pointer to the audit rule to check against
+ *	@actx: the audit context (can be NULL) associated with the check
+ *
+ *	Returns 1 if the context id matches the rule, 0 if it does not, and
+ *	-errno on failure.
+ */
+int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
+                             struct audit_context *actx);
+
+/**
+ *	selinux_audit_rule_known - check to see if rule contains selinux fields.
+ *	@rule: rule to be checked
+ *	Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
+ */
+int selinux_audit_rule_known(struct audit_krule *krule);
+
+#endif /* _SELINUX_AUDIT_H */
+
-- 
1.5.4.2

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Security testing tree patch review for 2.6.26, James Morris, (Thu Apr 17, 4:05 am)

[PATCH 01/12] LSM: Introduce inode_getsecid and ipc_getsec ..., James Morris, (Thu Apr 17, 4:05 am)

[PATCH 02/12] SELinux: setup new inode/ipc getsecid hooks, James Morris, (Thu Apr 17, 4:05 am)

[PATCH 03/12] Audit: use new LSM hooks instead of SELinux ..., James Morris, (Thu Apr 17, 4:06 am)

[PATCH 04/12] Netlink: Use generic LSM hook, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 05/12] SELinux: remove redundant exports, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 06/12] LSM/Audit: Introduce generic Audit LSM hooks, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 07/12] Audit: internally use the new LSM audit hooks, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 08/12] SELinux: use new audit hooks, remove redunda ..., James Morris, (Thu Apr 17, 4:06 am)

[PATCH 09/12] Audit: Final renamings and cleanup, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 10/12] Tell git about security/selinux/include/audit.h, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 11/12] Security: Introduce security= boot parameter, James Morris, (Thu Apr 17, 4:06 am)

[PATCH 12/12] security: fix up documentation for security_ ..., James Morris, (Thu Apr 17, 4:06 am)

Re: [PATCH 11/12] Security: Introduce security= boot parameter, Casey Schaufler, (Thu Apr 17, 8:29 am)

Re: [PATCH 12/12] security: fix up documentation for secur ..., Casey Schaufler, (Thu Apr 17, 8:30 am)

Re: [PATCH 10/12] Tell git about security/selinux/include/ ..., Greg KH, (Thu Apr 17, 8:44 am)

Re: [PATCH 10/12] Tell git about security/selinux/include/ ..., James Morris, (Thu Apr 17, 8:53 am)

[PATCH 2.6.26 #repost] Smack: Integrate with Audit, Ahmed S. Darwish, (Thu Apr 17, 9:10 am)

Re: Security testing tree patch review for 2.6.26, Casey Schaufler, (Fri Apr 18, 11:11 am)

Re: [PATCH 2.6.26 #repost] Smack: Integrate with Audit, Casey Schaufler, (Sat Apr 19, 3:19 pm)

Re: Security testing tree patch review for 2.6.26, Alexander Viro, (Mon Apr 28, 9:32 am)


linux-kernel:
Michael Trimarchi	Re: [PATCH] VFS: make file->f_pos access atomic on 32bit arch
Miklos Szeredi	[patch 14/15] vfs: more path_permission() conversions
Serge E. Hallyn	Re: [RFC v5][PATCH 7/8] Infrastructure for shared objects
Bernd Schmidt	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Takashi Iwai	[PATCH 2/2] input: Add LED support to Synaptics device
git:
Junio C Hamano	Re: mingw, windows, crlf/lf, and git
Eyvind Bernhardsen	Re: Where has "git ls-remote" reference pattern matching gone?
Shawn O. Pearce	Re: Switching from CVS to GIT
Todd Zullinger	Re: [PATCH 2/2] send-email: rfc2047-quote subject lines with non-ascii characters
Santi Béjar	Re: How to use git-fmt-merge-msg?
linux-netdev:
Ramkrishna Vepa	[net-2.6 PATCH 1/10] Neterion: New driver: Driver help file
Mark Anthony	invitation / inquiry
Ingo Molnar	Re: [PATCH 08/16] dma-debug: add core checking functions
David Miller	Re: [PATCH 1/3] f_phonet: dev_kfree_skb instead of dev_kfree_skb_any in TX callback
Sascha Hauer	[PATCH 03/12] fec: do not typedef struct types
git-commits-head:
Linux Kernel Mailing List	amba: struct device - replace bus_id with dev_name(), dev_set_name()
Linux Kernel Mailing List	MIPS: Yosemite: Convert SMP startup lock to arch spinlock.
Linux Kernel Mailing List	ARM: S5PC100: IRQ and timer
Linux Kernel Mailing List	davinci: edma: clear interrupt status for interrupt enabled channels only
Linux Kernel Mailing List	x86, mm, kprobes: fault.c, simplify notify_page_fault()
openbsd-misc:
Daniel A. Ramaley	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?
Matthias Kilian	Re: can't get vesa @ 1280x800 or nv
Tobias Ulmer	Re: Problem after upgrade 4.5 to 4.6: ERR M
Philip Guenther	Re: SIGCHLD and libpthread.so
J.C. Roberts	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?