From 32f50cdee666333168b5203c7864bede159f789e Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Thu, 28 Sep 2006 14:51:47 -0700 Subject: [NetLabel]: add audit support for configuration changes This patch adds audit support to NetLabel, including six new audit message types shown below. #define AUDIT_MAC_UNLBL_ACCEPT 1406 #define AUDIT_MAC_UNLBL_DENY 1407 #define AUDIT_MAC_CIPSOV4_ADD 1408 #define AUDIT_MAC_CIPSOV4_DEL 1409 #define AUDIT_MAC_MAP_ADD 1410 #define AUDIT_MAC_MAP_DEL 1411 Signed-off-by: Paul Moore Acked-by: James Morris Signed-off-by: David S. Miller --- include/net/cipso_ipv4.h | 5 ++++- include/net/netlabel.h | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'include/net') diff --git a/include/net/cipso_ipv4.h b/include/net/cipso_ipv4.h index 2d72496c2029..5d6ae1b2b196 100644 --- a/include/net/cipso_ipv4.h +++ b/include/net/cipso_ipv4.h @@ -128,7 +128,9 @@ extern int cipso_v4_rbm_strictvalid; #ifdef CONFIG_NETLABEL int cipso_v4_doi_add(struct cipso_v4_doi *doi_def); -int cipso_v4_doi_remove(u32 doi, void (*callback) (struct rcu_head * head)); +int cipso_v4_doi_remove(u32 doi, + u32 audit_secid, + void (*callback) (struct rcu_head * head)); struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi); int cipso_v4_doi_walk(u32 *skip_cnt, int (*callback) (struct cipso_v4_doi *doi_def, void *arg), @@ -143,6 +145,7 @@ static inline int cipso_v4_doi_add(struct cipso_v4_doi *doi_def) } static inline int cipso_v4_doi_remove(u32 doi, + u32 audit_secid, void (*callback) (struct rcu_head * head)) { return 0; diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 6692430063fd..190bfdbbdba6 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -96,7 +96,7 @@ struct netlbl_dom_map; /* Domain mapping operations */ -int netlbl_domhsh_remove(const char *domain); +int netlbl_domhsh_remove(const char *domain, u32 audit_secid); /* LSM security attributes */ struct netlbl_lsm_cache { -- cgit v1.2.1