summaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/avc.c2
-rw-r--r--security/selinux/hooks.c68
2 files changed, 35 insertions, 35 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 1a04247e3a1..c04eea2bdb0 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -469,7 +469,7 @@ noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass,
if (!a) {
a = &stack_data;
- COMMON_AUDIT_DATA_INIT(a, NONE);
+ COMMON_AUDIT_DATA_INIT(a, LSM_AUDIT_DATA_NONE);
a->selinux_audit_data = &sad;
}
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b3bd8e1d268..9f038449300 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1427,7 +1427,7 @@ static int cred_has_capability(const struct cred *cred,
u32 av = CAP_TO_MASK(cap);
int rc;
- COMMON_AUDIT_DATA_INIT(&ad, CAP);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_CAP);
ad.selinux_audit_data = &sad;
ad.tsk = current;
ad.u.cap = cap;
@@ -1499,7 +1499,7 @@ static inline int dentry_has_perm(const struct cred *cred,
struct common_audit_data ad;
struct selinux_audit_data sad = {0,};
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.u.dentry = dentry;
ad.selinux_audit_data = &sad;
return inode_has_perm(cred, inode, av, &ad, 0);
@@ -1516,7 +1516,7 @@ static inline int path_has_perm(const struct cred *cred,
struct common_audit_data ad;
struct selinux_audit_data sad = {0,};
- COMMON_AUDIT_DATA_INIT(&ad, PATH);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH);
ad.u.path = *path;
ad.selinux_audit_data = &sad;
return inode_has_perm(cred, inode, av, &ad, 0);
@@ -1541,7 +1541,7 @@ static int file_has_perm(const struct cred *cred,
u32 sid = cred_sid(cred);
int rc;
- COMMON_AUDIT_DATA_INIT(&ad, PATH);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH);
ad.u.path = file->f_path;
ad.selinux_audit_data = &sad;
@@ -1582,7 +1582,7 @@ static int may_create(struct inode *dir,
sid = tsec->sid;
newsid = tsec->create_sid;
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.u.dentry = dentry;
ad.selinux_audit_data = &sad;
@@ -1637,7 +1637,7 @@ static int may_link(struct inode *dir,
dsec = dir->i_security;
isec = dentry->d_inode->i_security;
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.u.dentry = dentry;
ad.selinux_audit_data = &sad;
@@ -1685,7 +1685,7 @@ static inline int may_rename(struct inode *old_dir,
old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode);
new_dsec = new_dir->i_security;
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.selinux_audit_data = &sad;
ad.u.dentry = old_dentry;
@@ -2011,7 +2011,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
return rc;
}
- COMMON_AUDIT_DATA_INIT(&ad, PATH);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH);
ad.selinux_audit_data = &sad;
ad.u.path = bprm->file->f_path;
@@ -2135,7 +2135,7 @@ static inline void flush_unauthorized_files(const struct cred *cred,
/* Revalidate access to inherited open files. */
- COMMON_AUDIT_DATA_INIT(&ad, INODE);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE);
ad.selinux_audit_data = &sad;
spin_lock(&files->file_lock);
@@ -2485,7 +2485,7 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data)
if (flags & MS_KERNMOUNT)
return 0;
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.selinux_audit_data = &sad;
ad.u.dentry = sb->s_root;
return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);
@@ -2497,7 +2497,7 @@ static int selinux_sb_statfs(struct dentry *dentry)
struct common_audit_data ad;
struct selinux_audit_data sad = {0,};
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.selinux_audit_data = &sad;
ad.u.dentry = dentry->d_sb->s_root;
return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
@@ -2667,7 +2667,7 @@ static noinline int audit_inode_permission(struct inode *inode,
struct inode_security_struct *isec = inode->i_security;
int rc;
- COMMON_AUDIT_DATA_INIT(&ad, INODE);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE);
ad.selinux_audit_data = &sad;
ad.u.inode = inode;
@@ -2797,7 +2797,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
if (!inode_owner_or_capable(inode))
return -EPERM;
- COMMON_AUDIT_DATA_INIT(&ad, DENTRY);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY);
ad.selinux_audit_data = &sad;
ad.u.dentry = dentry;
@@ -3412,7 +3412,7 @@ static int selinux_kernel_module_request(char *kmod_name)
sid = task_sid(current);
- COMMON_AUDIT_DATA_INIT(&ad, KMOD);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_KMOD);
ad.selinux_audit_data = &sad;
ad.u.kmod_name = kmod_name;
@@ -3793,7 +3793,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms)
if (sksec->sid == SECINITSID_KERNEL)
return 0;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = sk;
@@ -3901,7 +3901,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in
snum, &sid);
if (err)
goto out;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
@@ -3936,7 +3936,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in
if (err)
goto out;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
@@ -3998,7 +3998,7 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address,
perm = (sksec->sclass == SECCLASS_TCP_SOCKET) ?
TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->dport = htons(snum);
@@ -4095,7 +4095,7 @@ static int selinux_socket_unix_stream_connect(struct sock *sock,
struct lsm_network_audit net = {0,};
int err;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = other;
@@ -4128,7 +4128,7 @@ static int selinux_socket_unix_may_send(struct socket *sock,
struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = other->sk;
@@ -4171,7 +4171,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb,
struct lsm_network_audit net = {0,};
char *addrp;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
@@ -4227,7 +4227,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
if (!secmark_active && !peerlbl_active)
return 0;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
@@ -4584,7 +4584,7 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex,
if (selinux_skb_peerlbl_sid(skb, family, &peer_sid) != 0)
return NF_DROP;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
@@ -4684,7 +4684,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb,
return NF_ACCEPT;
sksec = sk->sk_security;
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
@@ -4757,7 +4757,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex,
secmark_perm = PACKET__SEND;
}
- COMMON_AUDIT_DATA_INIT(&ad, NET);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET);
ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
@@ -4881,7 +4881,7 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
isec = ipc_perms->security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = ipc_perms->key;
@@ -4913,7 +4913,7 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq)
isec = msq->q_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
@@ -4940,7 +4940,7 @@ static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg)
isec = msq->q_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
@@ -5002,7 +5002,7 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg,
return rc;
}
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
@@ -5035,7 +5035,7 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
isec = msq->q_perm.security;
msec = msg->security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
@@ -5062,7 +5062,7 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp)
isec = shp->shm_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = shp->shm_perm.key;
@@ -5089,7 +5089,7 @@ static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg)
isec = shp->shm_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = shp->shm_perm.key;
@@ -5158,7 +5158,7 @@ static int selinux_sem_alloc_security(struct sem_array *sma)
isec = sma->sem_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = sma->sem_perm.key;
@@ -5185,7 +5185,7 @@ static int selinux_sem_associate(struct sem_array *sma, int semflg)
isec = sma->sem_perm.security;
- COMMON_AUDIT_DATA_INIT(&ad, IPC);
+ COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC);
ad.selinux_audit_data = &sad;
ad.u.ipc_id = sma->sem_perm.key;