summaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2009-02-11 11:12:28 -0500
committerJames Morris <jmorris@namei.org>2009-02-12 09:40:14 +1100
commit523979adfa0b79d4e3aa053220c37a9233294206 (patch)
tree15ff42f935f9d443220edb118f3980432f924360 /include/linux
parented850a52af971528b048812c4215cef298af0d3b (diff)
downloadlinux-523979adfa0b79d4e3aa053220c37a9233294206.tar.gz
linux-523979adfa0b79d4e3aa053220c37a9233294206.tar.bz2
linux-523979adfa0b79d4e3aa053220c37a9233294206.zip
integrity: audit update
Based on discussions on linux-audit, as per Steve Grubb's request http://lkml.org/lkml/2009/2/6/269, the following changes were made: - forced audit result to be either 0 or 1. - made template names const - Added new stand-alone message type: AUDIT_INTEGRITY_RULE Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h4
1 files changed, 3 insertions, 1 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 930939abfbc6..4fa2810b675e 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -36,7 +36,8 @@
* 1500 - 1599 kernel LSPP events
* 1600 - 1699 kernel crypto events
* 1700 - 1799 kernel anomaly records
- * 1800 - 1999 future kernel use (maybe integrity labels and related events)
+ * 1800 - 1899 kernel integrity events
+ * 1900 - 1999 future kernel use
* 2000 is for otherwise unclassified kernel audit messages (legacy)
* 2001 - 2099 unused (kernel)
* 2100 - 2199 user space anomaly records
@@ -130,6 +131,7 @@
#define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */
#define AUDIT_INTEGRITY_HASH 1803 /* Integrity HASH type */
#define AUDIT_INTEGRITY_PCR 1804 /* PCR invalidation msgs */
+#define AUDIT_INTEGRITY_RULE 1805 /* policy rule */
#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */