[PATCH] fix faulty inode data collection for open() with O_CREAT

[karo-tx-linux.git] / include / linux / audit.h

diff --git a/include/linux/audit.h b/include/linux/audit.h
index a489104ae3a42dc9afeeb661b5ba0e5a913912ab..e7e5e534898755e16ecb2f93d0dc8daf1bc4c703 100644 (file)
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -127,6 +127,12 @@
 #define AUDIT_WORD(nr) ((__u32)((nr)/32))
 #define AUDIT_BIT(nr)  (1 << ((nr) - AUDIT_WORD(nr)*32))
 
+#define AUDIT_SYSCALL_CLASSES 16
+#define AUDIT_CLASS_DIR_WRITE 0
+#define AUDIT_CLASS_DIR_WRITE_32 1
+#define AUDIT_CLASS_CHATTR 2
+#define AUDIT_CLASS_CHATTR_32 3
+
 /* This bitmask is used to validate user input.  It represents all bits that
  * are currently used in an audit field constant understood by the kernel.
  * If you are adding a new #define AUDIT_<whatever>, please ensure that
@@ -151,12 +157,17 @@
 #define AUDIT_PERS     10
 #define AUDIT_ARCH     11
 #define AUDIT_MSGTYPE  12
-#define AUDIT_SE_USER  13      /* security label user */
-#define AUDIT_SE_ROLE  14      /* security label role */
-#define AUDIT_SE_TYPE  15      /* security label type */
-#define AUDIT_SE_SEN   16      /* security label sensitivity label */
-#define AUDIT_SE_CLR   17      /* security label clearance label */
+#define AUDIT_SUBJ_USER        13      /* security label user */
+#define AUDIT_SUBJ_ROLE        14      /* security label role */
+#define AUDIT_SUBJ_TYPE        15      /* security label type */
+#define AUDIT_SUBJ_SEN 16      /* security label sensitivity label */
+#define AUDIT_SUBJ_CLR 17      /* security label clearance label */
 #define AUDIT_PPID     18
+#define AUDIT_OBJ_USER 19
+#define AUDIT_OBJ_ROLE 20
+#define AUDIT_OBJ_TYPE 21
+#define AUDIT_OBJ_LEV_LOW      22
+#define AUDIT_OBJ_LEV_HIGH     23
 
                                /* These are ONLY useful when checking
                                 * at syscall exit time (AUDIT_AT_EXIT). */
@@ -302,6 +313,7 @@ struct mqstat;
 #define AUDITSC_SUCCESS 1
 #define AUDITSC_FAILURE 2
 #define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
+extern int __init audit_register_class(int class, unsigned *list);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
                                /* Public API */
@@ -316,6 +328,7 @@ extern void audit_putname(const char *name);
 extern void __audit_inode(const char *name, const struct inode *inode);
 extern void __audit_inode_child(const char *dname, const struct inode *inode,
                                unsigned long pino);
+extern void __audit_inode_update(const struct inode *inode);
 static inline void audit_getname(const char *name)
 {
        if (unlikely(current->audit_context))
@@ -331,6 +344,10 @@ static inline void audit_inode_child(const char *dname,
        if (unlikely(current->audit_context))
                __audit_inode_child(dname, inode, pino);
 }
+static inline void audit_inode_update(const struct inode *inode) {
+       if (unlikely(current->audit_context))
+               __audit_inode_update(inode);
+}
 
                                /* Private API (for audit.c only) */
 extern unsigned int audit_serial(void);
@@ -402,8 +419,10 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
 #define audit_putname(n) do { ; } while (0)
 #define __audit_inode(n,i) do { ; } while (0)
 #define __audit_inode_child(d,i,p) do { ; } while (0)
+#define __audit_inode_update(i) do { ; } while (0)
 #define audit_inode(n,i) do { ; } while (0)
 #define audit_inode_child(d,i,p) do { ; } while (0)
+#define audit_inode_update(i) do { ; } while (0)
 #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
 #define audit_get_loginuid(c) ({ -1; })
 #define audit_ipc_obj(i) ({ 0; })