| 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
|---|---|
| 2 | /* |
| 3 | * SELinux support for the Audit LSM hooks |
| 4 | * |
| 5 | * Author: James Morris <jmorris@redhat.com> |
| 6 | * |
| 7 | * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> |
| 8 | * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> |
| 9 | * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> |
| 10 | */ |
| 11 | |
| 12 | #ifndef _SELINUX_AUDIT_H |
| 13 | #define _SELINUX_AUDIT_H |
| 14 | |
| 15 | #include <linux/audit.h> |
| 16 | #include <linux/types.h> |
| 17 | |
| 18 | /** |
| 19 | * selinux_audit_rule_init - alloc/init an selinux audit rule structure. |
| 20 | * @field: the field this rule refers to |
| 21 | * @op: the operator the rule uses |
| 22 | * @rulestr: the text "target" of the rule |
| 23 | * @rule: pointer to the new rule structure returned via this |
| 24 | * @gfp: GFP flag used for kmalloc |
| 25 | * |
| 26 | * Returns 0 if successful, -errno if not. On success, the rule structure |
| 27 | * will be allocated internally. The caller must free this structure with |
| 28 | * selinux_audit_rule_free() after use. |
| 29 | */ |
| 30 | int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule, |
| 31 | gfp_t gfp); |
| 32 | |
| 33 | /** |
| 34 | * selinux_audit_rule_free - free an selinux audit rule structure. |
| 35 | * @rule: pointer to the audit rule to be freed |
| 36 | * |
| 37 | * This will free all memory associated with the given rule. |
| 38 | * If @rule is NULL, no operation is performed. |
| 39 | */ |
| 40 | void selinux_audit_rule_free(void *rule); |
| 41 | |
| 42 | /** |
| 43 | * selinux_audit_rule_match - determine if a context ID matches a rule. |
| 44 | * @prop: includes the context ID to check |
| 45 | * @field: the field this rule refers to |
| 46 | * @op: the operator the rule uses |
| 47 | * @rule: pointer to the audit rule to check against |
| 48 | * |
| 49 | * Returns 1 if the context id matches the rule, 0 if it does not, and |
| 50 | * -errno on failure. |
| 51 | */ |
| 52 | int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, |
| 53 | void *rule); |
| 54 | |
| 55 | /** |
| 56 | * selinux_audit_rule_known - check to see if rule contains selinux fields. |
| 57 | * @rule: rule to be checked |
| 58 | * Returns 1 if there are selinux fields specified in the rule, 0 otherwise. |
| 59 | */ |
| 60 | int selinux_audit_rule_known(struct audit_krule *rule); |
| 61 | |
| 62 | #endif /* _SELINUX_AUDIT_H */ |
| 63 |
Generated while processing Linux/security/selinux/hooks.c
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.