diff options
| author | Dustin Kirkland <[email protected]> | 2005-11-03 16:12:36 +0000 |
|---|---|---|
| committer | Al Viro <[email protected]> | 2006-03-20 19:08:54 +0000 |
| commit | c8edc80c8b8c397c53f4f659a05b9ea6208029bf (patch) | |
| tree | 0b09c0ff9ea28038b711d7368100302a1cc69b6d /security/selinux/hooks.c | |
| parent | [PATCH] Collect more inode information during syscall processing. (diff) | |
| download | kernel-c8edc80c8b8c397c53f4f659a05b9ea6208029bf.tar.gz kernel-c8edc80c8b8c397c53f4f659a05b9ea6208029bf.zip | |
[PATCH] Exclude messages by message type
- Add a new, 5th filter called "exclude".
- And add a new field AUDIT_MSGTYPE.
- Define a new function audit_filter_exclude() that takes a message type
as input and examines all rules in the filter. It returns '1' if the
message is to be excluded, and '0' otherwise.
- Call the audit_filter_exclude() function near the top of
audit_log_start() just after asserting audit_initialized. If the
message type is not to be audited, return NULL very early, before
doing a lot of work.
[combined with followup fix for bug in original patch, Nov 4, same author]
[combined with later renaming AUDIT_FILTER_EXCLUDE->AUDIT_FILTER_TYPE
and audit_filter_exclude() -> audit_filter_type()]
Signed-off-by: Dustin Kirkland <[email protected]>
Signed-off-by: David Woodhouse <[email protected]>
Signed-off-by: Al Viro <[email protected]>
Diffstat (limited to 'security/selinux/hooks.c')
0 files changed, 0 insertions, 0 deletions