summaryrefslogtreecommitdiff
path: root/security/selinux/include/avc.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/include/avc.h')
-rw-r--r--security/selinux/include/avc.h26
1 files changed, 25 insertions, 1 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 47fda963495..1931370233d 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -15,7 +15,6 @@
#include <linux/audit.h>
#include <linux/lsm_audit.h>
#include <linux/in6.h>
-#include <asm/system.h>
#include "flask.h"
#include "av_permissions.h"
#include "security.h"
@@ -48,6 +47,31 @@ struct avc_cache_stats {
};
/*
+ * We only need this data after we have decided to send an audit message.
+ */
+struct selinux_late_audit_data {
+ u32 ssid;
+ u32 tsid;
+ u16 tclass;
+ u32 requested;
+ u32 audited;
+ u32 denied;
+ int result;
+};
+
+/*
+ * We collect this at the beginning or during an selinux security operation
+ */
+struct selinux_audit_data {
+ /*
+ * auditdeny is a bit tricky and unintuitive. See the
+ * comments in avc.c for it's meaning and usage.
+ */
+ u32 auditdeny;
+ struct selinux_late_audit_data *slad;
+};
+
+/*
* AVC operations
*/
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-04 12:42:11 +0000