Thomas Gleixner | d2912cb | 2019-06-04 10:11:33 +0200 | [diff] [blame] | 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
Ahmed S. Darwish | 04305e4 | 2008-04-19 09:59:43 +1000 | [diff] [blame] | 2 | /* |
| 3 | * SELinux support for the Audit LSM hooks |
| 4 | * |
Ahmed S. Darwish | 04305e4 | 2008-04-19 09:59:43 +1000 | [diff] [blame] | 5 | * Author: James Morris <jmorris@redhat.com> |
| 6 | * |
| 7 | * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> |
| 8 | * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> |
| 9 | * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> |
Ahmed S. Darwish | 04305e4 | 2008-04-19 09:59:43 +1000 | [diff] [blame] | 10 | */ |
| 11 | |
| 12 | #ifndef _SELINUX_AUDIT_H |
| 13 | #define _SELINUX_AUDIT_H |
| 14 | |
| 15 | /** |
| 16 | * selinux_audit_rule_init - alloc/init an selinux audit rule structure. |
| 17 | * @field: the field this rule refers to |
| 18 | * @op: the operater the rule uses |
| 19 | * @rulestr: the text "target" of the rule |
| 20 | * @rule: pointer to the new rule structure returned via this |
| 21 | * |
| 22 | * Returns 0 if successful, -errno if not. On success, the rule structure |
| 23 | * will be allocated internally. The caller must free this structure with |
| 24 | * selinux_audit_rule_free() after use. |
| 25 | */ |
| 26 | int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule); |
| 27 | |
| 28 | /** |
| 29 | * selinux_audit_rule_free - free an selinux audit rule structure. |
| 30 | * @rule: pointer to the audit rule to be freed |
| 31 | * |
| 32 | * This will free all memory associated with the given rule. |
| 33 | * If @rule is NULL, no operation is performed. |
| 34 | */ |
| 35 | void selinux_audit_rule_free(void *rule); |
| 36 | |
| 37 | /** |
| 38 | * selinux_audit_rule_match - determine if a context ID matches a rule. |
| 39 | * @sid: the context ID to check |
| 40 | * @field: the field this rule refers to |
| 41 | * @op: the operater the rule uses |
| 42 | * @rule: pointer to the audit rule to check against |
Ahmed S. Darwish | 04305e4 | 2008-04-19 09:59:43 +1000 | [diff] [blame] | 43 | * |
| 44 | * Returns 1 if the context id matches the rule, 0 if it does not, and |
| 45 | * -errno on failure. |
| 46 | */ |
Richard Guy Briggs | 90462a5 | 2019-01-31 11:52:11 -0500 | [diff] [blame] | 47 | int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule); |
Ahmed S. Darwish | 04305e4 | 2008-04-19 09:59:43 +1000 | [diff] [blame] | 48 | |
| 49 | /** |
| 50 | * selinux_audit_rule_known - check to see if rule contains selinux fields. |
| 51 | * @rule: rule to be checked |
| 52 | * Returns 1 if there are selinux fields specified in the rule, 0 otherwise. |
| 53 | */ |
| 54 | int selinux_audit_rule_known(struct audit_krule *krule); |
| 55 | |
| 56 | #endif /* _SELINUX_AUDIT_H */ |
| 57 | |