d2912cb15b
Based on 2 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation # extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 4122 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Enrico Weigelt <info@metux.net> Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
58 lines
1.9 KiB
C
58 lines
1.9 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* SELinux support for the Audit LSM hooks
|
|
*
|
|
* Author: James Morris <jmorris@redhat.com>
|
|
*
|
|
* Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
|
|
* Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
|
* Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
|
|
*/
|
|
|
|
#ifndef _SELINUX_AUDIT_H
|
|
#define _SELINUX_AUDIT_H
|
|
|
|
/**
|
|
* selinux_audit_rule_init - alloc/init an selinux audit rule structure.
|
|
* @field: the field this rule refers to
|
|
* @op: the operater the rule uses
|
|
* @rulestr: the text "target" of the rule
|
|
* @rule: pointer to the new rule structure returned via this
|
|
*
|
|
* Returns 0 if successful, -errno if not. On success, the rule structure
|
|
* will be allocated internally. The caller must free this structure with
|
|
* selinux_audit_rule_free() after use.
|
|
*/
|
|
int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_free - free an selinux audit rule structure.
|
|
* @rule: pointer to the audit rule to be freed
|
|
*
|
|
* This will free all memory associated with the given rule.
|
|
* If @rule is NULL, no operation is performed.
|
|
*/
|
|
void selinux_audit_rule_free(void *rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_match - determine if a context ID matches a rule.
|
|
* @sid: the context ID to check
|
|
* @field: the field this rule refers to
|
|
* @op: the operater the rule uses
|
|
* @rule: pointer to the audit rule to check against
|
|
*
|
|
* Returns 1 if the context id matches the rule, 0 if it does not, and
|
|
* -errno on failure.
|
|
*/
|
|
int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule);
|
|
|
|
/**
|
|
* selinux_audit_rule_known - check to see if rule contains selinux fields.
|
|
* @rule: rule to be checked
|
|
* Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
|
|
*/
|
|
int selinux_audit_rule_known(struct audit_krule *krule);
|
|
|
|
#endif /* _SELINUX_AUDIT_H */
|
|
|