[RFC][PATCH] (#6) filesystem auditing
David Woodhouse
dwmw2 at infradead.org
Thu Mar 17 13:54:06 UTC 2005
On Mon, 2005-03-14 at 17:14 -0600, Timothy R. Chavez wrote:
> @@ -150,6 +186,7 @@ extern void audit_get_stamp(struct audit
> struct timespec *t, int *serial);
> extern int audit_set_loginuid(struct audit_context *ctx, uid_t loginuid);
> extern uid_t audit_get_loginuid(struct audit_context *ctx);
> +extern int audit_notify_watch(struct inode *inode, int mask);
> #else
> #define audit_alloc(t) ({ 0; })
> #define audit_free(t) do { ; } while (0)
You add a real declaration of audit_notify_watch() if
CONFIG_AUDITSYSCALL...
> @@ -161,6 +198,26 @@ extern uid_t audit_get_loginuid(struct a
> #define audit_get_loginuid(c) ({ -1; })
> #endif
>
> +#ifdef CONFIG_AUDITFILESYSTEM
> +extern int audit_receive_watch(int type, int pid, int uid, int seq,
> + struct audit_watch *req);
> +extern int audit_filesystem_init(void);
> +extern void audit_inode_alloc(struct inode *inode);
> +extern void audit_inode_free(struct inode *inode);
> +extern void audit_watch(struct dentry *dentry, int remove);
> +extern void audit_wentry_put(struct audit_wentry *wentry);
> +extern struct audit_wentry *audit_wentry_get(struct audit_wentry *wentry);
> +#else
> +#define audit_receive_watch(t,p,u,s,r) ({ -EOPNOTSUPP; })
> +#define audit_filesystem_init() ({ 0; })
> +#define audit_inode_alloc(i) do { ; } while(0)
> +#define audit_inode_free(i) do { ; } while(0)
> +#define audit_watch(d,r) do { ; } while (0)
> +#define audit_wentry_put(w) do { ; } while(0)
> +#define audit_wentry_get(w) ({ 0; })
> +#define audit_notify_watch(i,m) ({ 0; })
> +#endif
> +
... and the dummy macro if !CONFIG_AUDITFILESYSTEM. I'd already pointed
out that you provide the _implementation_ when CONFIG_AUDITSYSCALL is
set, not just when CONFIG_AUDITFILESYSTEM is set, but this is separate.
--
dwmw2
More information about the Linux-audit
mailing list