Blame view
security/selinux/include/audit.h
2.23 KB
04305e4af Audit: Final rena... |
1 2 3 |
/* * SELinux support for the Audit LSM hooks * |
f52697107 SELinux: keep the... |
4 |
* Most of below header was moved from include/linux/selinux.h which |
04305e4af Audit: Final rena... |
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
* is released under below copyrights: * * Author: James Morris <jmorris@redhat.com> * * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. */ #ifndef _SELINUX_AUDIT_H #define _SELINUX_AUDIT_H /** * selinux_audit_rule_init - alloc/init an selinux audit rule structure. * @field: the field this rule refers to * @op: the operater the rule uses * @rulestr: the text "target" of the rule * @rule: pointer to the new rule structure returned via this * * Returns 0 if successful, -errno if not. On success, the rule structure * will be allocated internally. The caller must free this structure with * selinux_audit_rule_free() after use. */ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule); /** * selinux_audit_rule_free - free an selinux audit rule structure. * @rule: pointer to the audit rule to be freed * * This will free all memory associated with the given rule. * If @rule is NULL, no operation is performed. */ void selinux_audit_rule_free(void *rule); /** * selinux_audit_rule_match - determine if a context ID matches a rule. * @sid: the context ID to check * @field: the field this rule refers to * @op: the operater the rule uses * @rule: pointer to the audit rule to check against * @actx: the audit context (can be NULL) associated with the check * * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule, |
f52697107 SELinux: keep the... |
55 |
struct audit_context *actx); |
04305e4af Audit: Final rena... |
56 57 58 59 60 61 62 63 64 |
/** * selinux_audit_rule_known - check to see if rule contains selinux fields. * @rule: rule to be checked * Returns 1 if there are selinux fields specified in the rule, 0 otherwise. */ int selinux_audit_rule_known(struct audit_krule *krule); #endif /* _SELINUX_AUDIT_H */ |