X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=security%2Fselinux%2Finclude%2Favc.h;h=1931370233d7b2123dad2947c930c0ecb9722ac5;hb=3f0882c48286e7bdb0bbdec9c4bfa934e0db8e09;hp=47fda963495ddc0c5fa8f0d36468dff014035764;hpb=af4087e0e682df12bdffec5cfafc2fec9208716e;p=~andy%2Flinux

diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 47fda963495..1931370233d 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -15,7 +15,6 @@
 #include <linux/audit.h>
 #include <linux/lsm_audit.h>
 #include <linux/in6.h>
-#include <asm/system.h>
 #include "flask.h"
 #include "av_permissions.h"
 #include "security.h"
@@ -47,6 +46,31 @@ struct avc_cache_stats {
 	unsigned int frees;
 };
 
+/*
+ * We only need this data after we have decided to send an audit message.
+ */
+struct selinux_late_audit_data {
+	u32 ssid;
+	u32 tsid;
+	u16 tclass;
+	u32 requested;
+	u32 audited;
+	u32 denied;
+	int result;
+};
+
+/*
+ * We collect this at the beginning or during an selinux security operation
+ */
+struct selinux_audit_data {
+	/*
+	 * auditdeny is a bit tricky and unintuitive.  See the
+	 * comments in avc.c for it's meaning and usage.
+	 */
+	u32 auditdeny;
+	struct selinux_late_audit_data *slad;
+};
+
 /*
  * AVC operations
  */