*/ #include <linux/audit.h> #include "include/audit.h" #include "include/context.h" #include "include/resource.h" #include "include/policy.h" /* * Table of rlimit names: we generate it from resource.h. */ #include "rlim_names.h" struct aa_fs_entry aa_fs_entry_rlimit[] = { AA_FS_FILE_STRING("mask", AA_FS_RLIMIT_MASK), { } }; /* audit callback for resource specific fields */ static void audit_cb(struct audit_buffer *ab, void *va) { struct common_audit_data *sa = va; audit_log_format(ab, " rlimit=%s value=%lu", rlim_names[sa->aad->rlim.rlim], sa->aad->rlim.max); } /** * audit_resource - audit setting resource limit * @profile: profile being enforced (NOT NULL)
* This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, version 2 of the * License. */ #include "include/apparmor.h" #include "include/audit.h" #include "include/context.h" #include "include/net.h" #include "include/policy.h" #include "net_names.h" struct aa_fs_entry aa_fs_entry_network[] = { AA_FS_FILE_STRING("af_mask", AA_FS_AF_MASK), { } }; /* audit callback for net specific fields */ static void audit_cb(struct audit_buffer *ab, void *va) { struct common_audit_data *sa = va; audit_log_format(ab, " family="); if (address_family_names[sa->u.net->family]) { audit_log_string(ab, address_family_names[sa->u.net->family]); } else { audit_log_format(ab, "\"unknown(%d)\"", sa->u.net->family); } audit_log_format(ab, " sock_type=");
#include <linux/errno.h> #include <linux/gfp.h> #include "include/apparmor.h" #include "include/capability.h" #include "include/context.h" #include "include/policy.h" #include "include/audit.h" /* * Table of capability names: we generate it from capabilities.h. */ #include "capability_names.h" struct aa_fs_entry aa_fs_entry_caps[] = { AA_FS_FILE_STRING("mask", AA_FS_CAPS_MASK), { } }; struct audit_cache { struct aa_profile *profile; kernel_cap_t caps; }; static DEFINE_PER_CPU(struct audit_cache, audit_cache); /** * audit_cb - call back for capability components of audit struct * @ab - audit buffer (NOT NULL) * @va - audit struct to audit data from (NOT NULL) */