diff options
| -rw-r--r-- | include/linux/lsm_audit.h | 2 | ||||
| -rw-r--r-- | security/apparmor/capability.c | 2 | ||||
| -rw-r--r-- | security/apparmor/file.c | 2 | ||||
| -rw-r--r-- | security/apparmor/ipc.c | 2 | ||||
| -rw-r--r-- | security/apparmor/lib.c | 2 | ||||
| -rw-r--r-- | security/apparmor/lsm.c | 2 | ||||
| -rw-r--r-- | security/apparmor/policy.c | 2 | ||||
| -rw-r--r-- | security/apparmor/policy_unpack.c | 2 | ||||
| -rw-r--r-- | security/apparmor/resource.c | 2 | ||||
| -rw-r--r-- | security/selinux/avc.c | 2 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 68 |
11 files changed, 44 insertions, 44 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h index fad48aab893..9e1ebf5851b 100644 --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h @@ -96,7 +96,7 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb, /* Initialize an LSM audit data structure. */ #define COMMON_AUDIT_DATA_INIT(_d, _t) \ { memset((_d), 0, sizeof(struct common_audit_data)); \ - (_d)->type = LSM_AUDIT_DATA_##_t; } + (_d)->type = _t; } void common_lsm_audit(struct common_audit_data *a, void (*pre_audit)(struct audit_buffer *, void *), diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c index 088dba3bf7d..3ecb8b7d850 100644 --- a/security/apparmor/capability.c +++ b/security/apparmor/capability.c @@ -65,7 +65,7 @@ static int audit_caps(struct aa_profile *profile, struct task_struct *task, int type = AUDIT_APPARMOR_AUTO; struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, CAP); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_CAP); sa.aad = &aad; sa.tsk = task; sa.u.cap = cap; diff --git a/security/apparmor/file.c b/security/apparmor/file.c index 2f8fcba9ce4..6ab264ca85c 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -108,7 +108,7 @@ int aa_audit_file(struct aa_profile *profile, struct file_perms *perms, int type = AUDIT_APPARMOR_AUTO; struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.op = op, aad.fs.request = request; diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c index c3da93a5150..dba449b74db 100644 --- a/security/apparmor/ipc.c +++ b/security/apparmor/ipc.c @@ -42,7 +42,7 @@ static int aa_audit_ptrace(struct aa_profile *profile, { struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.op = OP_PTRACE; aad.target = target; diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index e75829ba0ff..b11a2652f54 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c @@ -66,7 +66,7 @@ void aa_info_message(const char *str) if (audit_enabled) { struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.info = str; aa_audit_msg(AUDIT_APPARMOR_STATUS, &sa, NULL); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 02fddcd4c64..4f7bc07b2dc 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -589,7 +589,7 @@ static int apparmor_setprocattr(struct task_struct *task, char *name, } else { struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.op = OP_SETPROCATTR; aad.info = name; diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index f1f7506a464..03dbaef2f8e 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -965,7 +965,7 @@ static int audit_policy(int op, gfp_t gfp, const char *name, const char *info, { struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.op = op; aad.name = name; diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index deab7c7e8dc..504ba4015aa 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -95,7 +95,7 @@ static int audit_iface(struct aa_profile *new, const char *name, struct aa_profile *profile = __aa_current_profile(); struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; if (e) aad.iface.pos = e->pos - e->start; diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c index 2fe8613efe3..d06f57b74f7 100644 --- a/security/apparmor/resource.c +++ b/security/apparmor/resource.c @@ -52,7 +52,7 @@ static int audit_resource(struct aa_profile *profile, unsigned int resource, struct common_audit_data sa; struct apparmor_audit_data aad = {0,}; - COMMON_AUDIT_DATA_INIT(&sa, NONE); + COMMON_AUDIT_DATA_INIT(&sa, LSM_AUDIT_DATA_NONE); sa.aad = &aad; aad.op = OP_SETRLIMIT, aad.rlim.rlim = resource; diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 1a04247e3a1..c04eea2bdb0 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -469,7 +469,7 @@ noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, if (!a) { a = &stack_data; - COMMON_AUDIT_DATA_INIT(a, NONE); + COMMON_AUDIT_DATA_INIT(a, LSM_AUDIT_DATA_NONE); a->selinux_audit_data = &sad; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b3bd8e1d268..9f038449300 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1427,7 +1427,7 @@ static int cred_has_capability(const struct cred *cred, u32 av = CAP_TO_MASK(cap); int rc; - COMMON_AUDIT_DATA_INIT(&ad, CAP); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_CAP); ad.selinux_audit_data = &sad; ad.tsk = current; ad.u.cap = cap; @@ -1499,7 +1499,7 @@ static inline int dentry_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1516,7 +1516,7 @@ static inline int path_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.u.path = *path; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1541,7 +1541,7 @@ static int file_has_perm(const struct cred *cred, u32 sid = cred_sid(cred); int rc; - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.u.path = file->f_path; ad.selinux_audit_data = &sad; @@ -1582,7 +1582,7 @@ static int may_create(struct inode *dir, sid = tsec->sid; newsid = tsec->create_sid; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1637,7 +1637,7 @@ static int may_link(struct inode *dir, dsec = dir->i_security; isec = dentry->d_inode->i_security; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1685,7 +1685,7 @@ static inline int may_rename(struct inode *old_dir, old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode); new_dsec = new_dir->i_security; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = old_dentry; @@ -2011,7 +2011,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) return rc; } - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.selinux_audit_data = &sad; ad.u.path = bprm->file->f_path; @@ -2135,7 +2135,7 @@ static inline void flush_unauthorized_files(const struct cred *cred, /* Revalidate access to inherited open files. */ - COMMON_AUDIT_DATA_INIT(&ad, INODE); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); ad.selinux_audit_data = &sad; spin_lock(&files->file_lock); @@ -2485,7 +2485,7 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) if (flags & MS_KERNMOUNT) return 0; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = sb->s_root; return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); @@ -2497,7 +2497,7 @@ static int selinux_sb_statfs(struct dentry *dentry) struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = dentry->d_sb->s_root; return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); @@ -2667,7 +2667,7 @@ static noinline int audit_inode_permission(struct inode *inode, struct inode_security_struct *isec = inode->i_security; int rc; - COMMON_AUDIT_DATA_INIT(&ad, INODE); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); ad.selinux_audit_data = &sad; ad.u.inode = inode; @@ -2797,7 +2797,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, if (!inode_owner_or_capable(inode)) return -EPERM; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = dentry; @@ -3412,7 +3412,7 @@ static int selinux_kernel_module_request(char *kmod_name) sid = task_sid(current); - COMMON_AUDIT_DATA_INIT(&ad, KMOD); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_KMOD); ad.selinux_audit_data = &sad; ad.u.kmod_name = kmod_name; @@ -3793,7 +3793,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) if (sksec->sid == SECINITSID_KERNEL) return 0; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = sk; @@ -3901,7 +3901,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in snum, &sid); if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3936,7 +3936,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3998,7 +3998,7 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address, perm = (sksec->sclass == SECCLASS_TCP_SOCKET) ? TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->dport = htons(snum); @@ -4095,7 +4095,7 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, struct lsm_network_audit net = {0,}; int err; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other; @@ -4128,7 +4128,7 @@ static int selinux_socket_unix_may_send(struct socket *sock, struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other->sk; @@ -4171,7 +4171,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, struct lsm_network_audit net = {0,}; char *addrp; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4227,7 +4227,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) if (!secmark_active && !peerlbl_active) return 0; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4584,7 +4584,7 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex, if (selinux_skb_peerlbl_sid(skb, family, &peer_sid) != 0) return NF_DROP; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4684,7 +4684,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, return NF_ACCEPT; sksec = sk->sk_security; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4757,7 +4757,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, secmark_perm = PACKET__SEND; } - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4881,7 +4881,7 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, isec = ipc_perms->security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = ipc_perms->key; @@ -4913,7 +4913,7 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -4940,7 +4940,7 @@ static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5002,7 +5002,7 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, return rc; } - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5035,7 +5035,7 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, isec = msq->q_perm.security; msec = msg->security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5062,7 +5062,7 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5089,7 +5089,7 @@ static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5158,7 +5158,7 @@ static int selinux_sem_alloc_security(struct sem_array *sma) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; @@ -5185,7 +5185,7 @@ static int selinux_sem_associate(struct sem_array *sma, int semflg) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; |