Renumber AUDIT_TTY_[GS]ET

[sfrench/cifs-2.6.git] / include / linux / audit.h

diff --git a/include/linux/audit.h b/include/linux/audit.h
index fccc6e50298a20cb89eda2fd8a7dc11c7864cd77..d6579df8dadf629968c704c774081fa4ef422586 100644 (file)
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -63,9 +63,12 @@
 #define AUDIT_ADD_RULE         1011    /* Add syscall filtering rule */
 #define AUDIT_DEL_RULE         1012    /* Delete syscall filtering rule */
 #define AUDIT_LIST_RULES       1013    /* List syscall filtering rules */
+#define AUDIT_TTY_GET          1016    /* Get TTY auditing status */
+#define AUDIT_TTY_SET          1017    /* Set TTY auditing status */
 
 #define AUDIT_FIRST_USER_MSG   1100    /* Userspace messages mostly uninteresting to kernel */
 #define AUDIT_USER_AVC         1107    /* We filter this differently */
+#define AUDIT_USER_TTY         1124    /* Non-ICANON TTY input meaning */
 #define AUDIT_LAST_USER_MSG    1199
 #define AUDIT_FIRST_USER_MSG2  2100    /* More user space messages */
 #define AUDIT_LAST_USER_MSG2   2999
@@ -92,6 +95,7 @@
 #define AUDIT_KERNEL_OTHER     1316    /* For use by 3rd party modules */
 #define AUDIT_FD_PAIR          1317    /* audit record for pipe/socketpair */
 #define AUDIT_OBJ_PID          1318    /* ptrace target */
+#define AUDIT_TTY              1319    /* Input on an administrative TTY */
 
 #define AUDIT_AVC              1400    /* SE Linux avc denial or grant */
 #define AUDIT_SELINUX_ERR      1401    /* Internal SE Linux Errors */
@@ -157,7 +161,7 @@
  * are currently used in an audit field constant understood by the kernel.
  * If you are adding a new #define AUDIT_<whatever>, please ensure that
  * AUDIT_UNUSED_BITS is updated if need be. */
-#define AUDIT_UNUSED_BITS      0x0FFFFC00
+#define AUDIT_UNUSED_BITS      0x07FFFC00
 
 
 /* Rule fields */
@@ -209,25 +213,29 @@
 #define AUDIT_NEGATE                   0x80000000
 
 /* These are the supported operators.
- *     4  2  1
- *     =  >  <
- *     -------
- *     0  0  0         0       nonsense
- *     0  0  1         1       <
- *     0  1  0         2       >
- *     0  1  1         3       !=
- *     1  0  0         4       =
- *     1  0  1         5       <=
- *     1  1  0         6       >=
- *     1  1  1         7       all operators
+ *     4  2  1  8
+ *     =  >  <  ?
+ *     ----------
+ *     0  0  0  0      00      nonsense
+ *     0  0  0  1      08      &  bit mask
+ *     0  0  1  0      10      <
+ *     0  1  0  0      20      >
+ *     0  1  1  0      30      !=
+ *     1  0  0  0      40      =
+ *     1  0  0  1      48      &=  bit test
+ *     1  0  1  0      50      <=
+ *     1  1  0  0      60      >=
+ *     1  1  1  1      78      all operators
  */
+#define AUDIT_BIT_MASK                 0x08000000
 #define AUDIT_LESS_THAN                        0x10000000
 #define AUDIT_GREATER_THAN             0x20000000
 #define AUDIT_NOT_EQUAL                        0x30000000
 #define AUDIT_EQUAL                    0x40000000
+#define AUDIT_BIT_TEST                 (AUDIT_BIT_MASK|AUDIT_EQUAL)
 #define AUDIT_LESS_THAN_OR_EQUAL       (AUDIT_LESS_THAN|AUDIT_EQUAL)
 #define AUDIT_GREATER_THAN_OR_EQUAL    (AUDIT_GREATER_THAN|AUDIT_EQUAL)
-#define AUDIT_OPERATORS                        (AUDIT_EQUAL|AUDIT_NOT_EQUAL)
+#define AUDIT_OPERATORS                        (AUDIT_EQUAL|AUDIT_NOT_EQUAL|AUDIT_BIT_MASK)
 
 /* Status symbols */
                                /* Mask values */
@@ -289,6 +297,10 @@ struct audit_status {
        __u32           backlog;        /* messages waiting in queue */
 };
 
+struct audit_tty_status {
+       __u32           enabled; /* 1 = enabled, 0 = disabled */
+};
+
 /* audit_rule_data supports filter rules with both integer and string
  * fields.  It corresponds with AUDIT_ADD_RULE, AUDIT_DEL_RULE and
  * AUDIT_LIST_RULES requests.
@@ -399,7 +411,6 @@ extern int audit_bprm(struct linux_binprm *bprm);
 extern int audit_socketcall(int nargs, unsigned long *args);
 extern int audit_sockaddr(int len, void *addr);
 extern int __audit_fd_pair(int fd1, int fd2);
-extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
 extern int audit_set_macxattr(const char *name);
 extern int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr);
 extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout);
@@ -479,7 +490,6 @@ extern int audit_signals;
 #define audit_socketcall(n,a) ({ 0; })
 #define audit_fd_pair(n,a) ({ 0; })
 #define audit_sockaddr(len, addr) ({ 0; })
-#define audit_avc_path(dentry, mnt) ({ 0; })
 #define audit_set_macxattr(n) do { ; } while (0)
 #define audit_mq_open(o,m,a) ({ 0; })
 #define audit_mq_timedsend(d,l,p,t) ({ 0; })
@@ -515,11 +525,13 @@ extern void                   audit_log_d_path(struct audit_buffer *ab,
                                             const char *prefix,
                                             struct dentry *dentry,
                                             struct vfsmount *vfsmnt);
+extern void                audit_log_lost(const char *message);
                                /* Private API (for audit.c only) */
 extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
 extern int audit_filter_type(int type);
 extern int  audit_receive_filter(int type, int pid, int uid, int seq,
                         void *data, size_t datasz, uid_t loginuid, u32 sid);
+extern int audit_enabled;
 #else
 #define audit_log(c,g,t,f,...) do { ; } while (0)
 #define audit_log_start(c,g,t) ({ NULL; })
@@ -530,6 +542,7 @@ extern int  audit_receive_filter(int type, int pid, int uid, int seq,
 #define audit_log_untrustedstring(a,s) do { ; } while (0)
 #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0)
 #define audit_log_d_path(b,p,d,v) do { ; } while (0)
+#define audit_enabled 0
 #endif
 #endif
 #endif