Blame view

kernel/linux-imx6_3.14.28/security/selinux/include/audit.h 2.23 KB
6b13f685e   김민수   BSP 최초 추가
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
  /*
   * SELinux support for the Audit LSM hooks
   *
   * Most of below header was moved from include/linux/selinux.h which
   * is released under below copyrights:
   *
   * Author: James Morris <jmorris@redhat.com>
   *
   * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
   * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
   * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
   *
   * This program is free software; you can redistribute it and/or modify
   * it under the terms of the GNU General Public License version 2,
   * as published by the Free Software Foundation.
   */
  
  #ifndef _SELINUX_AUDIT_H
  #define _SELINUX_AUDIT_H
  
  /**
   *	selinux_audit_rule_init - alloc/init an selinux audit rule structure.
   *	@field: the field this rule refers to
   *	@op: the operater the rule uses
   *	@rulestr: the text "target" of the rule
   *	@rule: pointer to the new rule structure returned via this
   *
   *	Returns 0 if successful, -errno if not.  On success, the rule structure
   *	will be allocated internally.  The caller must free this structure with
   *	selinux_audit_rule_free() after use.
   */
  int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
  
  /**
   *	selinux_audit_rule_free - free an selinux audit rule structure.
   *	@rule: pointer to the audit rule to be freed
   *
   *	This will free all memory associated with the given rule.
   *	If @rule is NULL, no operation is performed.
   */
  void selinux_audit_rule_free(void *rule);
  
  /**
   *	selinux_audit_rule_match - determine if a context ID matches a rule.
   *	@sid: the context ID to check
   *	@field: the field this rule refers to
   *	@op: the operater the rule uses
   *	@rule: pointer to the audit rule to check against
   *	@actx: the audit context (can be NULL) associated with the check
   *
   *	Returns 1 if the context id matches the rule, 0 if it does not, and
   *	-errno on failure.
   */
  int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
  			     struct audit_context *actx);
  
  /**
   *	selinux_audit_rule_known - check to see if rule contains selinux fields.
   *	@rule: rule to be checked
   *	Returns 1 if there are selinux fields specified in the rule, 0 otherwise.
   */
  int selinux_audit_rule_known(struct audit_krule *krule);
  
  #endif /* _SELINUX_AUDIT_H */