summaryrefslogtreecommitdiffstats
path: root/include/linux/audit.h
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-19 19:35:50 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-19 19:35:50 +0100
commit0f45aa18e65cf3d768082d7d86054a0d2a20bb18 (patch)
tree6e94dfcd813061f5a710b5621e1b2f5a01a95533 /include/linux/audit.h
parent0107b3cf3225aed6ddde4fa8dbcd4ed643b34f4d (diff)
downloadop-kernel-dev-0f45aa18e65cf3d768082d7d86054a0d2a20bb18.zip
op-kernel-dev-0f45aa18e65cf3d768082d7d86054a0d2a20bb18.tar.gz
AUDIT: Allow filtering of user messages
Turn the field from a bitmask to an enumeration and add a list to allow filtering of messages generated by userspace. We also define a list for file system watches in anticipation of that feature. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r--include/linux/audit.h15
1 files changed, 11 insertions, 4 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index bf2ad3b..b5bda24 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -75,10 +75,15 @@
#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */
/* Rule flags */
-#define AUDIT_PER_TASK 0x01 /* Apply rule at task creation (not syscall) */
-#define AUDIT_AT_ENTRY 0x02 /* Apply rule at syscall entry */
-#define AUDIT_AT_EXIT 0x04 /* Apply rule at syscall exit */
-#define AUDIT_PREPEND 0x10 /* Prepend to front of list */
+#define AUDIT_FILTER_USER 0x00 /* Apply rule to user-generated messages */
+#define AUDIT_FILTER_TASK 0x01 /* Apply rule at task creation (not syscall) */
+#define AUDIT_FILTER_ENTRY 0x02 /* Apply rule at syscall entry */
+#define AUDIT_FILTER_WATCH 0x03 /* Apply rule to file system watches */
+#define AUDIT_FILTER_EXIT 0x04 /* Apply rule at syscall exit */
+
+#define AUDIT_NR_FILTERS 5
+
+#define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */
/* Rule actions */
#define AUDIT_NEVER 0 /* Do not build context if rule matches */
@@ -230,6 +235,7 @@ extern int audit_socketcall(int nargs, unsigned long *args);
extern int audit_sockaddr(int len, void *addr);
extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
extern void audit_signal_info(int sig, struct task_struct *t);
+extern int audit_filter_user(struct task_struct *tsk, int type);
#else
#define audit_alloc(t) ({ 0; })
#define audit_free(t) do { ; } while (0)
@@ -246,6 +252,7 @@ extern void audit_signal_info(int sig, struct task_struct *t);
#define audit_sockaddr(len, addr) ({ 0; })
#define audit_avc_path(dentry, mnt) ({ 0; })
#define audit_signal_info(s,t) do { ; } while (0)
+#define audit_filter_user(struct ({ 1; })
#endif
#ifdef CONFIG_AUDIT
OpenPOWER on IntegriCloud