#include <linux/kernel.h>
#include <linux/audit.h>
#include <linux/kthread.h>
#include <linux/mutex.h>
#include <linux/fs.h>
#include <linux/namei.h>
#include <linux/netlink.h>
#include <linux/sched.h>
#include <linux/slab.h>
#include <linux/security.h>
#include "audit.h"

Functions
	DEFINE_MUTEX (audit_filter_mutex)

void	audit_free_rule_rcu (struct rcu_head *head)

char *	audit_unpack_string (void *bufp, size_t remain, size_t len)

int __init	audit_register_class (int class, unsigned *list)

int	audit_match_class (int class, unsigned syscall)

struct audit_entry *	audit_dupe_rule (struct audit_krule *old)

int	audit_receive_filter (int type, int pid, int seq, void *data, size_t datasz, kuid_t loginuid, u32 sessionid, u32 sid)

int	audit_comparator (u32 left, u32 op, u32 right)

int	audit_uid_comparator (kuid_t left, u32 op, kuid_t right)

int	audit_gid_comparator (kgid_t left, u32 op, kgid_t right)

int	parent_len (const char *path)

int	audit_compare_dname_path (const char dname, const char path, int parentlen)

int	audit_filter_user (void)

int	audit_filter_type (int type)

int	audit_update_lsm_rules (void)

Variables
struct list_head	audit_filter_list [AUDIT_NR_FILTERS]

Function Documentation

int audit_comparator	(	u32	left,
		u32	op,
		u32	right
	)

Definition at line 1230 of file auditfilter.c.

int audit_compare_dname_path	(	const char *	dname,
		const char *	path,
		int	parentlen
	)

audit_compare_dname_path - compare given dentry name with last component in given path. Return of 0 indicates a match. : dentry name that we're comparing : full pathname that we're comparing : length of the parent if known. Passing in AUDIT_NAME_FULL here indicates that we must compute this value.

Definition at line 1339 of file auditfilter.c.

struct audit_entry* audit_dupe_rule ( struct audit_krule * old )

read

Definition at line 810 of file auditfilter.c.

int audit_filter_type ( int type )

Definition at line 1427 of file auditfilter.c.

int audit_filter_user ( void )

Definition at line 1408 of file auditfilter.c.

void audit_free_rule_rcu ( struct rcu_head * head )

Definition at line 89 of file auditfilter.c.

int audit_gid_comparator	(	kgid_t	left,
		u32	op,
		kgid_t	right
	)

Definition at line 1278 of file auditfilter.c.

int audit_match_class	(	int	class,
		unsigned	syscall
	)

Definition at line 178 of file auditfilter.c.

int audit_receive_filter	(	int	type,
		int	pid,
		int	seq,
		void *	data,
		size_t	datasz,
		kuid_t	loginuid,
		u32	sessionid,
		u32	sid
	)

audit_receive_filter - apply all rules to the specified message type : audit message type : target pid for netlink audit messages : target uid for netlink audit messages : netlink audit message sequence (serial) number : payload data : size of payload data : loginuid of sender : sessionid for netlink audit message : SE Linux Security ID of sender

Definition at line 1155 of file auditfilter.c.

int __init audit_register_class	(	int	class,
		unsigned *	list
	)

Definition at line 157 of file auditfilter.c.

int audit_uid_comparator	(	kuid_t	left,
		u32	op,
		kuid_t	right
	)

Definition at line 1255 of file auditfilter.c.

char* audit_unpack_string	(	void **	bufp,
		size_t *	remain,
		size_t	len
	)

Definition at line 117 of file auditfilter.c.

int audit_update_lsm_rules ( void )

Definition at line 1490 of file auditfilter.c.

DEFINE_MUTEX ( audit_filter_mutex )

int parent_len ( const char * path )

parent_len - find the length of the parent portion of a pathname : pathname of which to determine length

Definition at line 1305 of file auditfilter.c.

Variable Documentation

struct list_head audit_filter_list[AUDIT_NR_FILTERS]

Initial value:

= {
    LIST_HEAD_INIT(audit_filter_list[0]),
    LIST_HEAD_INIT(audit_filter_list[1]),
    LIST_HEAD_INIT(audit_filter_list[2]),
    LIST_HEAD_INIT(audit_filter_list[3]),
    LIST_HEAD_INIT(audit_filter_list[4]),
    LIST_HEAD_INIT(audit_filter_list[5]),
}

Definition at line 48 of file auditfilter.c.

Functions

Variables

Function Documentation

Variable Documentation