PERFORCE change 141347 for review
Wayne Salamon
wsalamon at FreeBSD.org
Fri May 9 00:52:02 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=141347
Change 141347 by wsalamon at vh2 on 2008/05/09 00:52:00
Add/move some defines needed for MAC/Audit interplay.
Affected files ...
.. //depot/projects/trustedbsd/audit_mac/src/sys/security/audit/audit.h#5 edit
.. //depot/projects/trustedbsd/audit_mac/src/sys/security/mac/mac_policy.h#5 edit
Differences ...
==== //depot/projects/trustedbsd/audit_mac/src/sys/security/audit/audit.h#5 (text) ====
@@ -184,10 +184,6 @@
void audit_thread_free(struct thread *td);
#ifdef MAC
-/*
- * Arbitrary limit on how much data will be logged by the audit entry points.
- */
-#define MAC_AUDIT_DATA_LIMIT 1024
/*
* audit_mac_data() is the MAC Framework's entry point to the audit subsystem.
==== //depot/projects/trustedbsd/audit_mac/src/sys/security/mac/mac_policy.h#5 (text+ko) ====
@@ -60,6 +60,7 @@
* alphabetically.
*/
#include <sys/acl.h> /* XXX acl_type_t */
+#include <bsm/audit.h> /* au_event_t */
struct acl;
struct auditinfo;
@@ -113,6 +114,20 @@
typedef void (*mpo_placeholder_t)(void);
/*
+ * Arbitrary limit on how much data can be logged by the audit entry points.
+ */
+#define MAC_AUDIT_DATA_LIMIT 1024
+
+/*
+ * Values returned by mac_audit_{pre,post}select. To combine the responses
+ * of the security policies into a single decision,
+ * mac_audit_{pre,post}select() choose the greatest value returned.
+ */
+#define MAC_AUDIT_DEFAULT 0 /* use system behavior */
+#define MAC_AUDIT_NO 1 /* force not auditing this event */
+#define MAC_AUDIT_YES 2 /* force auditing this event */
+
+/*
* Operations sorted alphabetically by primary object type and then method.
*/
typedef int (*mpo_audit_check_preselect_t)(struct ucred *cred,
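Review bot: The added comment says the greatest returned value wins, so the numeric order of `MAC_AUDIT_DEFAULT`, `MAC_AUDIT_NO` and `MAC_AUDIT_YES` is part of the contract, but nothing at the defines warns against renumbering them. As written, one policy returning `MAC_AUDIT_NO` outranks the system default unless another policy returns `MAC_AUDIT_YES`, so a single loaded policy can presumably suppress a record the system configuration would have selected. I would state that next to the values, e.g. `/* Order is significant: highest value wins, so MAC_AUDIT_YES overrides MAC_AUDIT_NO, which overrides the system default. */`. The comment on `MAC_AUDIT_DATA_LIMIT` should also give the unit (presumably bytes) and say whether over-limit data is truncated or rejected, since callers cannot tell from the define alone. The `mpo_audit_check_preselect_t` typedef on the last line continues outside the hunk.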