+++ /dev/null
-From: Tony Jones <tonyj@suse.de>
-Subject: Export audit subsystem for use by modules
-
-Update kenel audit range comments to show AppArmor's registered range of
-1500-1599. This range used to be reserved for LSPP but LSPP uses the
-SE Linux range and the range was given to AppArmor.
-Adds necessary export symbols for audit subsystem routines.
-Changes audit_log_vformat to be externally visible (analagous to vprintf)
-Patch is not in mainline -- pending AppArmor code submission to lkml
-
-Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
-Signed-off-by: John Johansen <jjohansen@suse.de>
-
----
- include/linux/audit.h | 12 +++++++++++-
- kernel/audit.c | 6 ++++--
- 2 files changed, 15 insertions(+), 3 deletions(-)
-
---- a/include/linux/audit.h
-+++ b/include/linux/audit.h
-@@ -33,7 +33,7 @@
- * 1200 - 1299 messages internal to the audit daemon
- * 1300 - 1399 audit event messages
- * 1400 - 1499 SE Linux use
-- * 1500 - 1599 kernel LSPP events
-+ * 1500 - 1599 AppArmor use
- * 1600 - 1699 kernel crypto events
- * 1700 - 1799 kernel anomaly records
- * 1800 - 1999 future kernel use (maybe integrity labels and related events)
-@@ -119,6 +119,13 @@
- #define AUDIT_MAC_UNLBL_STCADD 1416 /* NetLabel: add a static label */
- #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
-
-+#define AUDIT_APPARMOR_AUDIT 1501 /* AppArmor audited grants */
-+#define AUDIT_APPARMOR_ALLOWED 1502 /* Allowed Access for learning */
-+#define AUDIT_APPARMOR_DENIED 1503
-+#define AUDIT_APPARMOR_HINT 1504 /* Process Tracking information */
-+#define AUDIT_APPARMOR_STATUS 1505 /* Changes in config */
-+#define AUDIT_APPARMOR_ERROR 1506 /* Internal AppArmor Errors */
-+
- #define AUDIT_FIRST_KERN_ANOM_MSG 1700
- #define AUDIT_LAST_KERN_ANOM_MSG 1799
- #define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */
-@@ -545,6 +552,9 @@ extern void audit_log(struct audit_
- __attribute__((format(printf,4,5)));
-
- extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
-+extern void audit_log_vformat(struct audit_buffer *ab,
-+ const char *fmt, va_list args)
-+ __attribute__((format(printf,2,0)));
- extern void audit_log_format(struct audit_buffer *ab,
- const char *fmt, ...)
- __attribute__((format(printf,2,3)));
---- a/kernel/audit.c
-+++ b/kernel/audit.c
-@@ -1231,8 +1231,7 @@ static inline int audit_expand(struct au
- * will be called a second time. Currently, we assume that a printk
- * can't format message larger than 1024 bytes, so we don't either.
- */
--static void audit_log_vformat(struct audit_buffer *ab, const char *fmt,
-- va_list args)
-+void audit_log_vformat(struct audit_buffer *ab, const char *fmt, va_list args)
- {
- int len, avail;
- struct sk_buff *skb;
-@@ -1506,3 +1505,6 @@ EXPORT_SYMBOL(audit_log_start);
- EXPORT_SYMBOL(audit_log_end);
- EXPORT_SYMBOL(audit_log_format);
- EXPORT_SYMBOL(audit_log);
-+EXPORT_SYMBOL_GPL(audit_log_vformat);
-+EXPORT_SYMBOL_GPL(audit_log_untrustedstring);
-+EXPORT_SYMBOL_GPL(audit_log_d_path);