On Mar 7, 2025 Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>
> Refactor audit_log_task_context(), creating a new
> audit_log_subject_context(). This is used in netlabel auditing
> to provide multiple subject security contexts as necessary.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> ---
> include/linux/audit.h | 8 ++++++++
> kernel/audit.c | 21 ++++++++++++++-------
> net/netlabel/netlabel_user.c | 9 +--------
> 3 files changed, 23 insertions(+), 15 deletions(-)
>
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index 0050ef288ab3..ee3e2ce70c45 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -37,6 +37,7 @@ struct audit_watch;
> struct audit_tree;
> struct sk_buff;
> struct kern_ipc_perm;
> +struct lsm_prop;
>
> struct audit_krule {
> u32 pflags;
> @@ -185,6 +186,8 @@ extern void audit_log_path_denied(int type,
> const char *operation);
> extern void audit_log_lost(const char *message);
>
> +extern int audit_log_subject_context(struct audit_buffer *ab,
> + struct lsm_prop *blob);
Let's try to keep the typing down, how about "audit_log_subj_ctx()"?
--
paul-moore.com
