Commit | Line | Data |
---|---|---|
04305e4a AD |
1 | /* |
2 | * SELinux support for the Audit LSM hooks | |
3 | * | |
f5269710 | 4 | * Most of below header was moved from include/linux/selinux.h which |
04305e4a AD |
5 | * is released under below copyrights: |
6 | * | |
7 | * Author: James Morris <jmorris@redhat.com> | |
8 | * | |
9 | * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> | |
10 | * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> | |
11 | * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> | |
12 | * | |
13 | * This program is free software; you can redistribute it and/or modify | |
14 | * it under the terms of the GNU General Public License version 2, | |
15 | * as published by the Free Software Foundation. | |
16 | */ | |
17 | ||
18 | #ifndef _SELINUX_AUDIT_H | |
19 | #define _SELINUX_AUDIT_H | |
20 | ||
21 | /** | |
22 | * selinux_audit_rule_init - alloc/init an selinux audit rule structure. | |
23 | * @field: the field this rule refers to | |
24 | * @op: the operater the rule uses | |
25 | * @rulestr: the text "target" of the rule | |
26 | * @rule: pointer to the new rule structure returned via this | |
27 | * | |
28 | * Returns 0 if successful, -errno if not. On success, the rule structure | |
29 | * will be allocated internally. The caller must free this structure with | |
30 | * selinux_audit_rule_free() after use. | |
31 | */ | |
32 | int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule); | |
33 | ||
34 | /** | |
35 | * selinux_audit_rule_free - free an selinux audit rule structure. | |
36 | * @rule: pointer to the audit rule to be freed | |
37 | * | |
38 | * This will free all memory associated with the given rule. | |
39 | * If @rule is NULL, no operation is performed. | |
40 | */ | |
41 | void selinux_audit_rule_free(void *rule); | |
42 | ||
43 | /** | |
44 | * selinux_audit_rule_match - determine if a context ID matches a rule. | |
45 | * @sid: the context ID to check | |
46 | * @field: the field this rule refers to | |
47 | * @op: the operater the rule uses | |
48 | * @rule: pointer to the audit rule to check against | |
49 | * @actx: the audit context (can be NULL) associated with the check | |
50 | * | |
51 | * Returns 1 if the context id matches the rule, 0 if it does not, and | |
52 | * -errno on failure. | |
53 | */ | |
54 | int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule, | |
f5269710 | 55 | struct audit_context *actx); |
04305e4a AD |
56 | |
57 | /** | |
58 | * selinux_audit_rule_known - check to see if rule contains selinux fields. | |
59 | * @rule: rule to be checked | |
60 | * Returns 1 if there are selinux fields specified in the rule, 0 otherwise. | |
61 | */ | |
62 | int selinux_audit_rule_known(struct audit_krule *krule); | |
63 | ||
64 | #endif /* _SELINUX_AUDIT_H */ | |
65 |