Commit | Line | Data |
---|---|---|
8f69975d BS |
1 | From: Tony Jones <tonyj@suse.de> |
2 | Subject: Export audit subsystem for use by modules | |
3 | ||
4 | Update kernel audit range comments to show AppArmor's registered range of | |
5 | 1500-1599. This range used to be reserved for LSPP but LSPP uses the | |
6 | SE Linux range and the range was given to AppArmor. | |
7 | Adds necessary export symbols for audit subsystem routines. | |
8 | Changes audit_log_vformat to be externally visible (analogous to vprintf) | |
9 | Patch is not in mainline -- pending AppArmor code submission to lkml | |
10 | ||
11 | Signed-off-by: Andreas Gruenbacher <agruen@suse.de> | |
12 | Signed-off-by: John Johansen <jjohansen@suse.de> | |
13 | ||
14 | --- | |
15 | include/linux/audit.h | 12 +++++++++++- | |
16 | kernel/audit.c | 6 ++++-- | |
17 | 2 files changed, 15 insertions(+), 3 deletions(-) | |
18 | ||
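--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -33,7 +33,7 @@
  * 1200 - 1299 messages internal to the audit daemon
  * 1300 - 1399 audit event messages
  * 1400 - 1499 SE Linux use
- * 1500 - 1599 kernel LSPP events
+ * 1500 - 1599 AppArmor use
  * 1600 - 1699 kernel crypto events
  * 1700 - 1799 kernel anomaly records
  * 1800 - 1999 future kernel use (maybe integrity labels and related events)
@@ -119,6 +119,13 @@
 #define AUDIT_MAC_UNLBL_STCADD 1416 /* NetLabel: add a static label */
 #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
 
+#define AUDIT_APPARMOR_AUDIT 1501 /* AppArmor audited grants */
+#define AUDIT_APPARMOR_ALLOWED 1502 /* Allowed Access for learning */
+#define AUDIT_APPARMOR_DENIED 1503
+#define AUDIT_APPARMOR_HINT 1504 /* Process Tracking information */
+#define AUDIT_APPARMOR_STATUS 1505 /* Changes in config */
+#define AUDIT_APPARMOR_ERROR 1506 /* Internal AppArmor Errors */
+
 #define AUDIT_FIRST_KERN_ANOM_MSG 1700
 #define AUDIT_LAST_KERN_ANOM_MSG 1799
 #define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */
@@ -545,6 +552,9 @@ extern void audit_log(struct audit_
  __attribute__((format(printf,4,5)));
 
 extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
+extern void audit_log_vformat(struct audit_buffer *ab,
+ const char *fmt, va_list args)
+ __attribute__((format(printf,2,0)));
 extern void audit_log_format(struct audit_buffer *ab,
  const char *fmt, ...)
  __attribute__((format(printf,2,3)));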
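Review bot: `AUDIT_APPARMOR_DENIED` (1503) is the only one of the six new record types without a trailing comment, and it is the type that log consumers are most likely to filter or alert on. A short description in the style of its neighbours, for example `#define AUDIT_APPARMOR_DENIED 1503 /* Denied access */`, would make the meaning explicit for anyone writing audit rules or parsers against this range. The block also defines no first/last bounds for the 1500-1599 range the way `AUDIT_FIRST_KERN_ANOM_MSG` / `AUDIT_LAST_KERN_ANOM_MSG` do for 1700-1799, so code that classifies records by range would have to hard-code the numbers. Separately, the new `audit_log_vformat` prototype uses `va_list`; the header's includes are outside this hunk, so it is worth confirming that a definition of `va_list` is reachable for every includer.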
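--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1231,8 +1231,7 @@ static inline int audit_expand(struct au
  * will be called a second time. Currently, we assume that a printk
  * can't format message larger than 1024 bytes, so we don't either.
  */
-static void audit_log_vformat(struct audit_buffer *ab, const char *fmt,
- va_list args)
+void audit_log_vformat(struct audit_buffer *ab, const char *fmt, va_list args)
 {
  int len, avail;
  struct sk_buff *skb;
@@ -1506,3 +1505,6 @@ EXPORT_SYMBOL(audit_log_start);
 EXPORT_SYMBOL(audit_log_end);
 EXPORT_SYMBOL(audit_log_format);
 EXPORT_SYMBOL(audit_log);
+EXPORT_SYMBOL_GPL(audit_log_vformat);
+EXPORT_SYMBOL_GPL(audit_log_untrustedstring);
+EXPORT_SYMBOL_GPL(audit_log_d_path);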
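Review bot: The comment above `audit_log_vformat` is not updated to state a caller contract, even though dropping `static` and adding `EXPORT_SYMBOL_GPL(audit_log_vformat)` turns a file-local helper into a module-facing API. I would add to that comment something like `Callers must pass a constant format string; values that may carry attacker-influenced bytes go through audit_log_untrustedstring(), not %s.`, so module authors do not let crafted names or paths forge fields in an audit record. Only the first lines of the function body are visible in this hunk, so it is also worth confirming that it tolerates a NULL `ab`. That matters if `audit_log_start()` can return NULL and the existing wrappers were the ones guarding against it, which this page does not show.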