summaryrefslogtreecommitdiff
path: root/include/linux/lsm_audit.h
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-04-02 15:48:12 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2012-04-03 09:49:59 -0700
commitb61c37f57988567c84359645f8202a7c84bc798a (patch)
treea808c891711d060060a751f4119198dc06e2c847 /include/linux/lsm_audit.h
parent3f0882c48286e7bdb0bbdec9c4bfa934e0db8e09 (diff)
downloadlwn-b61c37f57988567c84359645f8202a7c84bc798a.tar.gz
lwn-b61c37f57988567c84359645f8202a7c84bc798a.zip
lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit_data'
It just bloats the audit data structure for no good reason, since the only time those fields are filled are just before calling the common_lsm_audit() function, which is also the only user of those fields. So just make them be the arguments to common_lsm_audit(), rather than bloating that structure that is passed around everywhere, and is initialized in hot paths. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/linux/lsm_audit.h')
-rw-r--r--include/linux/lsm_audit.h7
1 files changed, 3 insertions, 4 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h
index d1b073ffec24..fad48aab893b 100644
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@ -82,9 +82,6 @@ struct common_audit_data {
struct apparmor_audit_data *apparmor_audit_data;
#endif
}; /* per LSM data pointer union */
- /* these callback will be implemented by a specific LSM */
- void (*lsm_pre_audit)(struct audit_buffer *, void *);
- void (*lsm_post_audit)(struct audit_buffer *, void *);
};
#define v4info fam.v4
@@ -101,6 +98,8 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb,
{ memset((_d), 0, sizeof(struct common_audit_data)); \
(_d)->type = LSM_AUDIT_DATA_##_t; }
-void common_lsm_audit(struct common_audit_data *a);
+void common_lsm_audit(struct common_audit_data *a,
+ void (*pre_audit)(struct audit_buffer *, void *),
+ void (*post_audit)(struct audit_buffer *, void *));
#endif