diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/audit.c | 4 | ||||
| -rw-r--r-- | security/lsm_audit.c | 14 | ||||
| -rw-r--r-- | security/selinux/avc.c | 4 | ||||
| -rw-r--r-- | security/smack/smack_access.c | 3 |
4 files changed, 12 insertions, 13 deletions
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 23f7eb6..cc3520d 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -160,9 +160,7 @@ void aa_audit_msg(int type, struct common_audit_data *sa, void (*cb) (struct audit_buffer *, void *)) { sa->aad->type = type; - sa->lsm_pre_audit = audit_pre; - sa->lsm_post_audit = cb; - common_lsm_audit(sa); + common_lsm_audit(sa, audit_pre, cb); } /** diff --git a/security/lsm_audit.c b/security/lsm_audit.c index e96c6aa..90c129b 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@ -378,11 +378,15 @@ static void dump_common_audit_data(struct audit_buffer *ab, /** * common_lsm_audit - generic LSM auditing function * @a: auxiliary audit data + * @pre_audit: lsm-specific pre-audit callback + * @post_audit: lsm-specific post-audit callback * * setup the audit buffer for common security information * uses callback to print LSM specific information */ -void common_lsm_audit(struct common_audit_data *a) +void common_lsm_audit(struct common_audit_data *a, + void (*pre_audit)(struct audit_buffer *, void *), + void (*post_audit)(struct audit_buffer *, void *)) { struct audit_buffer *ab; @@ -394,13 +398,13 @@ void common_lsm_audit(struct common_audit_data *a) if (ab == NULL) return; - if (a->lsm_pre_audit) - a->lsm_pre_audit(ab, a); + if (pre_audit) + pre_audit(ab, a); dump_common_audit_data(ab, a); - if (a->lsm_post_audit) - a->lsm_post_audit(ab, a); + if (post_audit) + post_audit(ab, a); audit_log_end(ab); } diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 36c42bb..8ee42b2 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -492,9 +492,7 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, slad.denied = denied; a->selinux_audit_data->slad = &slad; - a->lsm_pre_audit = avc_audit_pre_callback; - a->lsm_post_audit = avc_audit_post_callback; - common_lsm_audit(a); + common_lsm_audit(a, avc_audit_pre_callback, avc_audit_post_callback); return 0; } diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index 2af7fcc..c8115f7 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c @@ -321,9 +321,8 @@ void smack_log(char *subject_label, char *object_label, int request, sad->object = object_label; sad->request = request_buffer; sad->result = result; - a->lsm_pre_audit = smack_log_callback; - common_lsm_audit(a); + common_lsm_audit(a, smack_log_callback, NULL); } #else /* #ifdef CONFIG_AUDIT */ void smack_log(char *subject_label, char *object_label, int request, |