| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 |
- /*
- * AppArmor security module
- *
- * This file contains AppArmor auditing function definitions.
- *
- * Copyright (C) 1998-2008 Novell/SUSE
- * Copyright 2009-2010 Canonical Ltd.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation, version 2 of the
- * License.
- */
- #ifndef __AA_AUDIT_H
- #define __AA_AUDIT_H
- #include <linux/audit.h>
- #include <linux/fs.h>
- #include <linux/lsm_audit.h>
- #include <linux/sched.h>
- #include <linux/slab.h>
- #include "file.h"
- struct aa_profile;
- extern const char *audit_mode_names[];
- #define AUDIT_MAX_INDEX 5
- #define AUDIT_APPARMOR_AUTO 0 /* auto choose audit message type */
- enum audit_mode {
- AUDIT_NORMAL, /* follow normal auditing of accesses */
- AUDIT_QUIET_DENIED, /* quiet all denied access messages */
- AUDIT_QUIET, /* quiet all messages */
- AUDIT_NOQUIET, /* do not quiet audit messages */
- AUDIT_ALL /* audit all accesses */
- };
- enum audit_type {
- AUDIT_APPARMOR_AUDIT,
- AUDIT_APPARMOR_ALLOWED,
- AUDIT_APPARMOR_DENIED,
- AUDIT_APPARMOR_HINT,
- AUDIT_APPARMOR_STATUS,
- AUDIT_APPARMOR_ERROR,
- AUDIT_APPARMOR_KILL
- };
- extern const char *op_table[];
- enum aa_ops {
- OP_NULL,
- OP_SYSCTL,
- OP_CAPABLE,
- OP_UNLINK,
- OP_MKDIR,
- OP_RMDIR,
- OP_MKNOD,
- OP_TRUNC,
- OP_LINK,
- OP_SYMLINK,
- OP_RENAME_SRC,
- OP_RENAME_DEST,
- OP_CHMOD,
- OP_CHOWN,
- OP_GETATTR,
- OP_OPEN,
- OP_FPERM,
- OP_FLOCK,
- OP_FMMAP,
- OP_FMPROT,
- OP_CREATE,
- OP_POST_CREATE,
- OP_BIND,
- OP_CONNECT,
- OP_LISTEN,
- OP_ACCEPT,
- OP_SENDMSG,
- OP_RECVMSG,
- OP_GETSOCKNAME,
- OP_GETPEERNAME,
- OP_GETSOCKOPT,
- OP_SETSOCKOPT,
- OP_SOCK_SHUTDOWN,
- OP_PTRACE,
- OP_EXEC,
- OP_CHANGE_HAT,
- OP_CHANGE_PROFILE,
- OP_CHANGE_ONEXEC,
- OP_SETPROCATTR,
- OP_SETRLIMIT,
- OP_PROF_REPL,
- OP_PROF_LOAD,
- OP_PROF_RM,
- };
- /* define a short hand for apparmor_audit_data portion of common_audit_data */
- #define aad apparmor_audit_data
- void aa_audit_msg(int type, struct common_audit_data *sa,
- void (*cb) (struct audit_buffer *, void *));
- int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
- struct common_audit_data *sa,
- void (*cb) (struct audit_buffer *, void *));
- static inline int complain_error(int error)
- {
- if (error == -EPERM || error == -EACCES)
- return 0;
- return error;
- }
- #endif /* __AA_AUDIT_H */
|
