diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2006-07-01 03:56:16 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-07-01 07:44:10 -0400 |
commit | b915543b46a2aa599fdd2169e51bcfd88812a12b (patch) | |
tree | 8025e6654829d4c245b5b6b6f47a84543ebffb7b /include | |
parent | 6e5a2d1d32596850a0ebf7fb3e54c0d69901dabd (diff) | |
download | op-kernel-dev-b915543b46a2aa599fdd2169e51bcfd88812a12b.zip op-kernel-dev-b915543b46a2aa599fdd2169e51bcfd88812a12b.tar.gz |
[PATCH] audit syscall classes
Allow to tie upper bits of syscall bitmap in audit rules to kernel-defined
sets of syscalls. Infrastructure, a couple of classes (with 32bit counterparts
for biarch targets) and actual tie-in on i386, amd64 and ia64.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include')
-rw-r--r-- | include/asm-generic/audit_change_attr.h | 18 | ||||
-rw-r--r-- | include/asm-generic/audit_dir_write.h | 14 | ||||
-rw-r--r-- | include/linux/audit.h | 7 |
3 files changed, 39 insertions, 0 deletions
diff --git a/include/asm-generic/audit_change_attr.h b/include/asm-generic/audit_change_attr.h new file mode 100644 index 0000000..cb05bf6 --- /dev/null +++ b/include/asm-generic/audit_change_attr.h @@ -0,0 +1,18 @@ +__NR_chmod, +__NR_fchmod, +__NR_chown, +__NR_fchown, +__NR_lchown, +__NR_setxattr, +__NR_lsetxattr, +__NR_fsetxattr, +__NR_removexattr, +__NR_lremovexattr, +__NR_fremovexattr, +__NR_fchownat, +__NR_fchmodat, +#ifdef __NR_chown32 +__NR_chown32, +__NR_fchown32, +__NR_lchown32, +#endif diff --git a/include/asm-generic/audit_dir_write.h b/include/asm-generic/audit_dir_write.h new file mode 100644 index 0000000..161a7a5 --- /dev/null +++ b/include/asm-generic/audit_dir_write.h @@ -0,0 +1,14 @@ +__NR_rename, +__NR_mkdir, +__NR_rmdir, +__NR_creat, +__NR_link, +__NR_unlink, +__NR_symlink, +__NR_mknod, +__NR_mkdirat, +__NR_mknodat, +__NR_unlinkat, +__NR_renameat, +__NR_linkat, +__NR_symlinkat, diff --git a/include/linux/audit.h b/include/linux/audit.h index c211f0a..b27d7de 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -127,6 +127,12 @@ #define AUDIT_WORD(nr) ((__u32)((nr)/32)) #define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32)) +#define AUDIT_SYSCALL_CLASSES 16 +#define AUDIT_CLASS_DIR_WRITE 0 +#define AUDIT_CLASS_DIR_WRITE_32 1 +#define AUDIT_CLASS_CHATTR 2 +#define AUDIT_CLASS_CHATTR_32 3 + /* This bitmask is used to validate user input. It represents all bits that * are currently used in an audit field constant understood by the kernel. * If you are adding a new #define AUDIT_<whatever>, please ensure that @@ -307,6 +313,7 @@ struct mqstat; #define AUDITSC_SUCCESS 1 #define AUDITSC_FAILURE 2 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS ) +extern int __init audit_register_class(int class, unsigned *list); #ifdef CONFIG_AUDITSYSCALL /* These are defined in auditsc.c */ /* Public API */ |