Linux Audio

Check our new training course

Open Menu / security / selinux / include / audit.h
Loading...
v6.2
 1/* SPDX-License-Identifier: GPL-2.0-only */
 2/*
 3 * SELinux support for the Audit LSM hooks
 4 *
 
 
 
 5 * Author: James Morris <jmorris@redhat.com>
 6 *
 7 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
 8 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 9 * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
 
 
 
 
10 */
11
12#ifndef _SELINUX_AUDIT_H
13#define _SELINUX_AUDIT_H
14
15#include <linux/audit.h>
16#include <linux/types.h>
17
18/**
19 *	selinux_audit_rule_init - alloc/init an selinux audit rule structure.
20 *	@field: the field this rule refers to
21 *	@op: the operator the rule uses
22 *	@rulestr: the text "target" of the rule
23 *	@rule: pointer to the new rule structure returned via this
24 *
25 *	Returns 0 if successful, -errno if not.  On success, the rule structure
26 *	will be allocated internally.  The caller must free this structure with
27 *	selinux_audit_rule_free() after use.
28 */
29int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
30
31/**
32 *	selinux_audit_rule_free - free an selinux audit rule structure.
33 *	@rule: pointer to the audit rule to be freed
34 *
35 *	This will free all memory associated with the given rule.
36 *	If @rule is NULL, no operation is performed.
37 */
38void selinux_audit_rule_free(void *rule);
39
40/**
41 *	selinux_audit_rule_match - determine if a context ID matches a rule.
42 *	@sid: the context ID to check
43 *	@field: the field this rule refers to
44 *	@op: the operater the rule uses
45 *	@rule: pointer to the audit rule to check against
 
46 *
47 *	Returns 1 if the context id matches the rule, 0 if it does not, and
48 *	-errno on failure.
49 */
50int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule);
 
51
52/**
53 *	selinux_audit_rule_known - check to see if rule contains selinux fields.
54 *	@rule: rule to be checked
55 *	Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
56 */
57int selinux_audit_rule_known(struct audit_krule *rule);
58
59#endif /* _SELINUX_AUDIT_H */
60
v3.5.6
 
 1/*
 2 * SELinux support for the Audit LSM hooks
 3 *
 4 * Most of below header was moved from include/linux/selinux.h which
 5 * is released under below copyrights:
 6 *
 7 * Author: James Morris <jmorris@redhat.com>
 8 *
 9 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
10 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
11 * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License version 2,
15 * as published by the Free Software Foundation.
16 */
17
18#ifndef _SELINUX_AUDIT_H
19#define _SELINUX_AUDIT_H
20
 
 
 
21/**
22 *	selinux_audit_rule_init - alloc/init an selinux audit rule structure.
23 *	@field: the field this rule refers to
24 *	@op: the operater the rule uses
25 *	@rulestr: the text "target" of the rule
26 *	@rule: pointer to the new rule structure returned via this
27 *
28 *	Returns 0 if successful, -errno if not.  On success, the rule structure
29 *	will be allocated internally.  The caller must free this structure with
30 *	selinux_audit_rule_free() after use.
31 */
32int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
33
34/**
35 *	selinux_audit_rule_free - free an selinux audit rule structure.
36 *	@rule: pointer to the audit rule to be freed
37 *
38 *	This will free all memory associated with the given rule.
39 *	If @rule is NULL, no operation is performed.
40 */
41void selinux_audit_rule_free(void *rule);
42
43/**
44 *	selinux_audit_rule_match - determine if a context ID matches a rule.
45 *	@sid: the context ID to check
46 *	@field: the field this rule refers to
47 *	@op: the operater the rule uses
48 *	@rule: pointer to the audit rule to check against
49 *	@actx: the audit context (can be NULL) associated with the check
50 *
51 *	Returns 1 if the context id matches the rule, 0 if it does not, and
52 *	-errno on failure.
53 */
54int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
55			     struct audit_context *actx);
56
57/**
58 *	selinux_audit_rule_known - check to see if rule contains selinux fields.
59 *	@rule: rule to be checked
60 *	Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
61 */
62int selinux_audit_rule_known(struct audit_krule *krule);
63
64#endif /* _SELINUX_AUDIT_H */
65