We no longer need the distinction between the audit data and the "late" audit
data: the data is only needed once we have decided to do an audit. So turn the
"late" audit data into just "data" and remove what we currently have as "data".
Signed-off-by: Eric Paris <eparis@redhat.com>
{
struct common_audit_data *ad = a;
audit_log_format(ab, "avc: %s ",
{
struct common_audit_data *ad = a;
audit_log_format(ab, "avc: %s ",
- ad->selinux_audit_data->slad->denied ? "denied" : "granted");
- avc_dump_av(ab, ad->selinux_audit_data->slad->tclass,
- ad->selinux_audit_data->slad->audited);
+ ad->selinux_audit_data->denied ? "denied" : "granted");
+ avc_dump_av(ab, ad->selinux_audit_data->tclass,
+ ad->selinux_audit_data->audited);
audit_log_format(ab, " for ");
}
audit_log_format(ab, " for ");
}
{
struct common_audit_data *ad = a;
audit_log_format(ab, " ");
{
struct common_audit_data *ad = a;
audit_log_format(ab, " ");
- avc_dump_query(ab, ad->selinux_audit_data->slad->ssid,
- ad->selinux_audit_data->slad->tsid,
- ad->selinux_audit_data->slad->tclass);
+ avc_dump_query(ab, ad->selinux_audit_data->ssid,
+ ad->selinux_audit_data->tsid,
+ ad->selinux_audit_data->tclass);
}
/* This is the slow part of avc audit with big stack footprint */
}
/* This is the slow part of avc audit with big stack footprint */
unsigned flags)
{
struct common_audit_data stack_data;
unsigned flags)
{
struct common_audit_data stack_data;
- struct selinux_audit_data sad = {0,};
- struct selinux_late_audit_data slad;
+ struct selinux_audit_data sad;
if (!a) {
a = &stack_data;
a->type = LSM_AUDIT_DATA_NONE;
if (!a) {
a = &stack_data;
a->type = LSM_AUDIT_DATA_NONE;
- a->selinux_audit_data = &sad;
(flags & MAY_NOT_BLOCK))
return -ECHILD;
(flags & MAY_NOT_BLOCK))
return -ECHILD;
- slad.tclass = tclass;
- slad.requested = requested;
- slad.ssid = ssid;
- slad.tsid = tsid;
- slad.audited = audited;
- slad.denied = denied;
+ sad.tclass = tclass;
+ sad.requested = requested;
+ sad.ssid = ssid;
+ sad.tsid = tsid;
+ sad.audited = audited;
+ sad.denied = denied;
+
+ a->selinux_audit_data = &sad;
- a->selinux_audit_data->slad = &slad;
common_lsm_audit(a, avc_audit_pre_callback, avc_audit_post_callback);
return 0;
}
common_lsm_audit(a, avc_audit_pre_callback, avc_audit_post_callback);
return 0;
}
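Review bot: In slow_avc_audit the new declaration `struct selinux_audit_data sad;` drops the `= {0,}` initializer the old `sad` had, so any member not covered by the six assignments below it would reach the pre/post audit callbacks as uninitialized stack contents. The struct's member list is cut off in the header section of this page, so whether those assignments cover every member cannot be confirmed here; `struct selinux_audit_data sad = {0,};` keeps the function safe if a member is added later. The added `a->selinux_audit_data = &sad;` also stores the address of a local in the caller-supplied `a` (whenever `a` was not NULL), and that pointer outlives the frame; `a->selinux_audit_data = NULL;` after the `common_lsm_audit(...)` call would clear it. The callers in the later sections no longer set the field themselves, so it is indeterminate in their `ad` until this function runs, which is worth stating in a comment on the struct. The function's signature begins outside the visible lines.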
int cap, int audit)
{
struct common_audit_data ad;
int cap, int audit)
{
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct av_decision avd;
u16 sclass;
u32 sid = cred_sid(cred);
struct av_decision avd;
u16 sclass;
u32 sid = cred_sid(cred);
int rc;
ad.type = LSM_AUDIT_DATA_CAP;
int rc;
ad.type = LSM_AUDIT_DATA_CAP;
- ad.selinux_audit_data = &sad;
ad.u.cap = cap;
switch (CAP_TO_INDEX(cap)) {
ad.u.cap = cap;
switch (CAP_TO_INDEX(cap)) {
{
struct inode *inode = dentry->d_inode;
struct common_audit_data ad;
{
struct inode *inode = dentry->d_inode;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
- ad.selinux_audit_data = &sad;
return inode_has_perm(cred, inode, av, &ad, 0);
}
return inode_has_perm(cred, inode, av, &ad, 0);
}
{
struct inode *inode = path->dentry->d_inode;
struct common_audit_data ad;
{
struct inode *inode = path->dentry->d_inode;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
ad.type = LSM_AUDIT_DATA_PATH;
ad.u.path = *path;
ad.type = LSM_AUDIT_DATA_PATH;
ad.u.path = *path;
- ad.selinux_audit_data = &sad;
return inode_has_perm(cred, inode, av, &ad, 0);
}
return inode_has_perm(cred, inode, av, &ad, 0);
}
struct file_security_struct *fsec = file->f_security;
struct inode *inode = file->f_path.dentry->d_inode;
struct common_audit_data ad;
struct file_security_struct *fsec = file->f_security;
struct inode *inode = file->f_path.dentry->d_inode;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = cred_sid(cred);
int rc;
ad.type = LSM_AUDIT_DATA_PATH;
ad.u.path = file->f_path;
u32 sid = cred_sid(cred);
int rc;
ad.type = LSM_AUDIT_DATA_PATH;
ad.u.path = file->f_path;
- ad.selinux_audit_data = &sad;
if (sid != fsec->sid) {
rc = avc_has_perm(sid, fsec->sid,
if (sid != fsec->sid) {
rc = avc_has_perm(sid, fsec->sid,
struct superblock_security_struct *sbsec;
u32 sid, newsid;
struct common_audit_data ad;
struct superblock_security_struct *sbsec;
u32 sid, newsid;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
int rc;
dsec = dir->i_security;
int rc;
dsec = dir->i_security;
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
- ad.selinux_audit_data = &sad;
rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR,
DIR__ADD_NAME | DIR__SEARCH,
rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR,
DIR__ADD_NAME | DIR__SEARCH,
{
struct inode_security_struct *dsec, *isec;
struct common_audit_data ad;
{
struct inode_security_struct *dsec, *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
u32 av;
int rc;
u32 sid = current_sid();
u32 av;
int rc;
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry;
- ad.selinux_audit_data = &sad;
av = DIR__SEARCH;
av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME);
av = DIR__SEARCH;
av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME);
{
struct inode_security_struct *old_dsec, *new_dsec, *old_isec, *new_isec;
struct common_audit_data ad;
{
struct inode_security_struct *old_dsec, *new_dsec, *old_isec, *new_isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
u32 av;
int old_is_dir, new_is_dir;
u32 sid = current_sid();
u32 av;
int old_is_dir, new_is_dir;
new_dsec = new_dir->i_security;
ad.type = LSM_AUDIT_DATA_DENTRY;
new_dsec = new_dir->i_security;
ad.type = LSM_AUDIT_DATA_DENTRY;
- ad.selinux_audit_data = &sad;
ad.u.dentry = old_dentry;
rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR,
ad.u.dentry = old_dentry;
rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR,
struct task_security_struct *new_tsec;
struct inode_security_struct *isec;
struct common_audit_data ad;
struct task_security_struct *new_tsec;
struct inode_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct inode *inode = bprm->file->f_path.dentry->d_inode;
int rc;
struct inode *inode = bprm->file->f_path.dentry->d_inode;
int rc;
}
ad.type = LSM_AUDIT_DATA_PATH;
}
ad.type = LSM_AUDIT_DATA_PATH;
- ad.selinux_audit_data = &sad;
ad.u.path = bprm->file->f_path;
if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
ad.u.path = bprm->file->f_path;
if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
struct files_struct *files)
{
struct common_audit_data ad;
struct files_struct *files)
{
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct file *file, *devnull = NULL;
struct tty_struct *tty;
struct fdtable *fdt;
struct file *file, *devnull = NULL;
struct tty_struct *tty;
struct fdtable *fdt;
/* Revalidate access to inherited open files. */
ad.type = LSM_AUDIT_DATA_INODE;
/* Revalidate access to inherited open files. */
ad.type = LSM_AUDIT_DATA_INODE;
- ad.selinux_audit_data = &sad;
spin_lock(&files->file_lock);
for (;;) {
spin_lock(&files->file_lock);
for (;;) {
{
const struct cred *cred = current_cred();
struct common_audit_data ad;
{
const struct cred *cred = current_cred();
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
int rc;
rc = superblock_doinit(sb, data);
int rc;
rc = superblock_doinit(sb, data);
return 0;
ad.type = LSM_AUDIT_DATA_DENTRY;
return 0;
ad.type = LSM_AUDIT_DATA_DENTRY;
- ad.selinux_audit_data = &sad;
ad.u.dentry = sb->s_root;
return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);
}
ad.u.dentry = sb->s_root;
return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);
}
{
const struct cred *cred = current_cred();
struct common_audit_data ad;
{
const struct cred *cred = current_cred();
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
ad.type = LSM_AUDIT_DATA_DENTRY;
ad.type = LSM_AUDIT_DATA_DENTRY;
- ad.selinux_audit_data = &sad;
ad.u.dentry = dentry->d_sb->s_root;
return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
}
ad.u.dentry = dentry->d_sb->s_root;
return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
}
unsigned flags)
{
struct common_audit_data ad;
unsigned flags)
{
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct inode_security_struct *isec = inode->i_security;
int rc;
ad.type = LSM_AUDIT_DATA_INODE;
struct inode_security_struct *isec = inode->i_security;
int rc;
ad.type = LSM_AUDIT_DATA_INODE;
- ad.selinux_audit_data = &sad;
ad.u.inode = inode;
rc = slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms,
ad.u.inode = inode;
rc = slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms,
struct inode_security_struct *isec = inode->i_security;
struct superblock_security_struct *sbsec;
struct common_audit_data ad;
struct inode_security_struct *isec = inode->i_security;
struct superblock_security_struct *sbsec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 newsid, sid = current_sid();
int rc = 0;
u32 newsid, sid = current_sid();
int rc = 0;
return -EPERM;
ad.type = LSM_AUDIT_DATA_DENTRY;
return -EPERM;
ad.type = LSM_AUDIT_DATA_DENTRY;
- ad.selinux_audit_data = &sad;
ad.u.dentry = dentry;
rc = avc_has_perm(sid, isec->sid, isec->sclass,
ad.u.dentry = dentry;
rc = avc_has_perm(sid, isec->sid, isec->sclass,
{
u32 sid;
struct common_audit_data ad;
{
u32 sid;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
sid = task_sid(current);
ad.type = LSM_AUDIT_DATA_KMOD;
sid = task_sid(current);
ad.type = LSM_AUDIT_DATA_KMOD;
- ad.selinux_audit_data = &sad;
ad.u.kmod_name = kmod_name;
return avc_has_perm(sid, SECINITSID_KERNEL, SECCLASS_SYSTEM,
ad.u.kmod_name = kmod_name;
return avc_has_perm(sid, SECINITSID_KERNEL, SECCLASS_SYSTEM,
{
struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad;
{
struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
u32 tsid = task_sid(task);
struct lsm_network_audit net = {0,};
u32 tsid = task_sid(task);
return 0;
ad.type = LSM_AUDIT_DATA_NET;
return 0;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = sk;
ad.u.net = &net;
ad.u.net->sk = sk;
char *addrp;
struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad;
char *addrp;
struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
struct sockaddr_in *addr4 = NULL;
struct sockaddr_in6 *addr6 = NULL;
struct lsm_network_audit net = {0,};
struct sockaddr_in *addr4 = NULL;
struct sockaddr_in6 *addr6 = NULL;
if (err)
goto out;
ad.type = LSM_AUDIT_DATA_NET;
if (err)
goto out;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
ad.u.net->family = family;
goto out;
ad.type = LSM_AUDIT_DATA_NET;
goto out;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->sport = htons(snum);
ad.u.net->family = family;
if (sksec->sclass == SECCLASS_TCP_SOCKET ||
sksec->sclass == SECCLASS_DCCP_SOCKET) {
struct common_audit_data ad;
if (sksec->sclass == SECCLASS_TCP_SOCKET ||
sksec->sclass == SECCLASS_DCCP_SOCKET) {
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
struct sockaddr_in *addr4 = NULL;
struct sockaddr_in6 *addr6 = NULL;
struct lsm_network_audit net = {0,};
struct sockaddr_in *addr4 = NULL;
struct sockaddr_in6 *addr6 = NULL;
TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT;
ad.type = LSM_AUDIT_DATA_NET;
TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->dport = htons(snum);
ad.u.net->family = sk->sk_family;
ad.u.net = &net;
ad.u.net->dport = htons(snum);
ad.u.net->family = sk->sk_family;
struct sk_security_struct *sksec_other = other->sk_security;
struct sk_security_struct *sksec_new = newsk->sk_security;
struct common_audit_data ad;
struct sk_security_struct *sksec_other = other->sk_security;
struct sk_security_struct *sksec_new = newsk->sk_security;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
int err;
ad.type = LSM_AUDIT_DATA_NET;
struct lsm_network_audit net = {0,};
int err;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = other;
ad.u.net = &net;
ad.u.net->sk = other;
struct sk_security_struct *ssec = sock->sk->sk_security;
struct sk_security_struct *osec = other->sk->sk_security;
struct common_audit_data ad;
struct sk_security_struct *ssec = sock->sk->sk_security;
struct sk_security_struct *osec = other->sk->sk_security;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
ad.type = LSM_AUDIT_DATA_NET;
struct lsm_network_audit net = {0,};
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->sk = other->sk;
ad.u.net = &net;
ad.u.net->sk = other->sk;
struct sk_security_struct *sksec = sk->sk_security;
u32 sk_sid = sksec->sid;
struct common_audit_data ad;
struct sk_security_struct *sksec = sk->sk_security;
u32 sk_sid = sksec->sid;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
char *addrp;
ad.type = LSM_AUDIT_DATA_NET;
struct lsm_network_audit net = {0,};
char *addrp;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
u16 family = sk->sk_family;
u32 sk_sid = sksec->sid;
struct common_audit_data ad;
u16 family = sk->sk_family;
u32 sk_sid = sksec->sid;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
char *addrp;
u8 secmark_active;
struct lsm_network_audit net = {0,};
char *addrp;
u8 secmark_active;
return 0;
ad.type = LSM_AUDIT_DATA_NET;
return 0;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
char *addrp;
u32 peer_sid;
struct common_audit_data ad;
char *addrp;
u32 peer_sid;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
u8 secmark_active;
u8 netlbl_active;
struct lsm_network_audit net = {0,};
u8 secmark_active;
u8 netlbl_active;
return NF_DROP;
ad.type = LSM_AUDIT_DATA_NET;
return NF_DROP;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
struct sock *sk = skb->sk;
struct sk_security_struct *sksec;
struct common_audit_data ad;
struct sock *sk = skb->sk;
struct sk_security_struct *sksec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
char *addrp;
u8 proto;
struct lsm_network_audit net = {0,};
char *addrp;
u8 proto;
sksec = sk->sk_security;
ad.type = LSM_AUDIT_DATA_NET;
sksec = sk->sk_security;
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
u32 peer_sid;
struct sock *sk;
struct common_audit_data ad;
u32 peer_sid;
struct sock *sk;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
struct lsm_network_audit net = {0,};
char *addrp;
u8 secmark_active;
struct lsm_network_audit net = {0,};
char *addrp;
u8 secmark_active;
}
ad.type = LSM_AUDIT_DATA_NET;
}
ad.type = LSM_AUDIT_DATA_NET;
- ad.selinux_audit_data = &sad;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
isec = ipc_perms->security;
ad.type = LSM_AUDIT_DATA_IPC;
u32 sid = current_sid();
isec = ipc_perms->security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = ipc_perms->key;
return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad);
ad.u.ipc_id = ipc_perms->key;
return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad);
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
int rc;
u32 sid = current_sid();
int rc;
isec = msq->q_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
isec = msq->q_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ,
ad.u.ipc_id = msq->q_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ,
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
isec = msq->q_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
u32 sid = current_sid();
isec = msq->q_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ,
ad.u.ipc_id = msq->q_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ,
struct ipc_security_struct *isec;
struct msg_security_struct *msec;
struct common_audit_data ad;
struct ipc_security_struct *isec;
struct msg_security_struct *msec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
int rc;
u32 sid = current_sid();
int rc;
}
ad.type = LSM_AUDIT_DATA_IPC;
}
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
/* Can this process write to the queue? */
ad.u.ipc_id = msq->q_perm.key;
/* Can this process write to the queue? */
struct ipc_security_struct *isec;
struct msg_security_struct *msec;
struct common_audit_data ad;
struct ipc_security_struct *isec;
struct msg_security_struct *msec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = task_sid(target);
int rc;
u32 sid = task_sid(target);
int rc;
msec = msg->security;
ad.type = LSM_AUDIT_DATA_IPC;
msec = msg->security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = msq->q_perm.key;
rc = avc_has_perm(sid, isec->sid,
ad.u.ipc_id = msq->q_perm.key;
rc = avc_has_perm(sid, isec->sid,
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
int rc;
u32 sid = current_sid();
int rc;
isec = shp->shm_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
isec = shp->shm_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = shp->shm_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_SHM,
ad.u.ipc_id = shp->shm_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_SHM,
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
isec = shp->shm_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
u32 sid = current_sid();
isec = shp->shm_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = shp->shm_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_SHM,
ad.u.ipc_id = shp->shm_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_SHM,
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
int rc;
u32 sid = current_sid();
int rc;
isec = sma->sem_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
isec = sma->sem_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = sma->sem_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_SEM,
ad.u.ipc_id = sma->sem_perm.key;
rc = avc_has_perm(sid, isec->sid, SECCLASS_SEM,
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
{
struct ipc_security_struct *isec;
struct common_audit_data ad;
- struct selinux_audit_data sad = {0,};
u32 sid = current_sid();
isec = sma->sem_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
u32 sid = current_sid();
isec = sma->sem_perm.security;
ad.type = LSM_AUDIT_DATA_IPC;
- ad.selinux_audit_data = &sad;
ad.u.ipc_id = sma->sem_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_SEM,
ad.u.ipc_id = sma->sem_perm.key;
return avc_has_perm(sid, isec->sid, SECCLASS_SEM,
/*
* We only need this data after we have decided to send an audit message.
*/
/*
* We only need this data after we have decided to send an audit message.
*/
-struct selinux_late_audit_data {
+struct selinux_audit_data {
u32 ssid;
u32 tsid;
u16 tclass;
u32 ssid;
u32 tsid;
u16 tclass;
-/*
- * We collect this at the beginning or during an selinux security operation
- */
-struct selinux_audit_data {
- struct selinux_late_audit_data *slad;
-};
-