diff options
author | Ahmed S. Darwish <darwish.07@gmail.com> | 2008-03-01 22:01:11 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-19 09:52:37 +1000 |
commit | d7a96f3a1ae279a2129653d6cb18d722f2f00f91 (patch) | |
tree | fc38736f303133f80912f1640f2d4fac0027fe04 /kernel/audit.c | |
parent | 03d37d25e0f91b28c4b6d002be6221f1af4b19d8 (diff) | |
download | lwn-d7a96f3a1ae279a2129653d6cb18d722f2f00f91.tar.gz lwn-d7a96f3a1ae279a2129653d6cb18d722f2f00f91.zip |
Audit: internally use the new LSM audit hooks
Convert Audit to use the new LSM Audit hooks instead of
the exported SELinux interface.
Basically, use:
security_audit_rule_init
secuirty_audit_rule_free
security_audit_rule_known
security_audit_rule_match
instad of (respectively) :
selinux_audit_rule_init
selinux_audit_rule_free
audit_rule_has_selinux
selinux_audit_rule_match
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 784a48e9f382..a7b16086d36f 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -21,7 +21,7 @@ * * Written by Rickard E. (Rik) Faith <faith@redhat.com> * - * Goals: 1) Integrate fully with SELinux. + * Goals: 1) Integrate fully with Security Modules. * 2) Minimal run-time overhead: * a) Minimal when syscall auditing is disabled (audit_enable=0). * b) Small when syscall auditing is enabled and no audit record @@ -55,7 +55,6 @@ #include <net/netlink.h> #include <linux/skbuff.h> #include <linux/netlink.h> -#include <linux/selinux.h> #include <linux/inotify.h> #include <linux/freezer.h> #include <linux/tty.h> @@ -882,10 +881,6 @@ static int __init audit_init(void) audit_enabled = audit_default; audit_ever_enabled |= !!audit_default; - /* Register the callback with selinux. This callback will be invoked - * when a new policy is loaded. */ - selinux_audit_set_callback(&selinux_audit_rule_update); - audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized"); #ifdef CONFIG_AUDITSYSCALL |