Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

author: David S. Miller <davem@davemloft.net> 2012-04-10 22:30:45 +0400
committer: David S. Miller <davem@davemloft.net> 2012-04-10 22:30:45 +0400
commit: 06eb4eafbdc0796d741d139a44f1253278da8611 (patch)
tree: fbdb44317130c371928154c9e6903e699fe2b995 /security/selinux/include/avc.h
parent: 32ed53b83ea5ec26a4dba90e18f5e0ff6c71eb48 (diff)
parent: f68e556e23d1a4176b563bcb25d8baf2c5313f91 (diff)
download: linux-06eb4eafbdc0796d741d139a44f1253278da8611.tar.xz
1 files changed, 25 insertions, 1 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 47fda963495d..1931370233d7 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -15,7 +15,6 @@
 #include <linux/audit.h>
 #include <linux/lsm_audit.h>
 #include <linux/in6.h>
-#include <asm/system.h>
 #include "flask.h"
 #include "av_permissions.h"
 #include "security.h"
@@ -48,6 +47,31 @@ struct avc_cache_stats {
 };
 
 /*
+ * We only need this data after we have decided to send an audit message.
+ */
+struct selinux_late_audit_data {
+	u32 ssid;
+	u32 tsid;
+	u16 tclass;
+	u32 requested;
+	u32 audited;
+	u32 denied;
+	int result;
+};
+
+/*
+ * We collect this at the beginning or during an selinux security operation
+ */
+struct selinux_audit_data {
+	/*
+	 * auditdeny is a bit tricky and unintuitive.  See the
+	 * comments in avc.c for it's meaning and usage.
+	 */
+	u32 auditdeny;
+	struct selinux_late_audit_data *slad;
+};
+
+/*
  * AVC operations
  */
author	David S. Miller <davem@davemloft.net>	2012-04-10 22:30:45 +0400
committer	David S. Miller <davem@davemloft.net>	2012-04-10 22:30:45 +0400
commit	06eb4eafbdc0796d741d139a44f1253278da8611 (patch)
tree	fbdb44317130c371928154c9e6903e699fe2b995 /security/selinux/include/avc.h
parent	32ed53b83ea5ec26a4dba90e18f5e0ff6c71eb48 (diff)
parent	f68e556e23d1a4176b563bcb25d8baf2c5313f91 (diff)
download	linux-06eb4eafbdc0796d741d139a44f1253278da8611.tar.xz