/*
 * AppArmor security module
 *
 * This file contains AppArmor auditing function definitions.
 *
 * Copyright (C) 1998-2008 Novell/SUSE
 * Copyright 2009-2010 Canonical Ltd.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 */

#ifndef __AA_AUDIT_H
#define __AA_AUDIT_H

#include <linux/audit.h>
#include <linux/fs.h>
#include <linux/lsm_audit.h>
#include <linux/sched.h>
#include <linux/slab.h>

#include "file.h"

struct aa_profile;

extern const char *const audit_mode_names[];
#define AUDIT_MAX_INDEX 5
enum audit_mode {
        AUDIT_NORMAL,           /* follow normal auditing of accesses */
        AUDIT_QUIET_DENIED,     /* quiet all denied access messages */
        AUDIT_QUIET,            /* quiet all messages */
        AUDIT_NOQUIET,          /* do not quiet audit messages */
        AUDIT_ALL               /* audit all accesses */
};

enum audit_type {
        AUDIT_APPARMOR_AUDIT,
        AUDIT_APPARMOR_ALLOWED,
        AUDIT_APPARMOR_DENIED,
        AUDIT_APPARMOR_HINT,
        AUDIT_APPARMOR_STATUS,
        AUDIT_APPARMOR_ERROR,
        AUDIT_APPARMOR_KILL,
        AUDIT_APPARMOR_AUTO
};

extern const char *const op_table[];
enum aa_ops {
        OP_NULL,

        OP_SYSCTL,
        OP_CAPABLE,

        OP_UNLINK,
        OP_MKDIR,
        OP_RMDIR,
        OP_MKNOD,
        OP_TRUNC,
        OP_LINK,
        OP_SYMLINK,
        OP_RENAME_SRC,
        OP_RENAME_DEST,
        OP_CHMOD,
        OP_CHOWN,
        OP_GETATTR,
        OP_OPEN,

        OP_FPERM,
        OP_FLOCK,
        OP_FMMAP,
        OP_FMPROT,

        OP_CREATE,
        OP_POST_CREATE,
        OP_BIND,
        OP_CONNECT,
        OP_LISTEN,
        OP_ACCEPT,
        OP_SENDMSG,
        OP_RECVMSG,
        OP_GETSOCKNAME,
        OP_GETPEERNAME,
        OP_GETSOCKOPT,
        OP_SETSOCKOPT,
        OP_SOCK_SHUTDOWN,

        OP_PTRACE,

        OP_EXEC,
        OP_CHANGE_HAT,
        OP_CHANGE_PROFILE,
        OP_CHANGE_ONEXEC,

        OP_SETPROCATTR,
        OP_SETRLIMIT,

        OP_PROF_REPL,
        OP_PROF_LOAD,
        OP_PROF_RM,
};


struct apparmor_audit_data {
        int error;
        int op;
        int type;
        void *profile;
        const char *name;
        const char *info;
        struct task_struct *tsk;
        union {
                void *target;
                struct {
                        long pos;
                        void *target;
                } iface;
                struct {
                        int rlim;
                        unsigned long max;
                } rlim;
                struct {
                        const char *target;
                        u32 request;
                        u32 denied;
                        kuid_t ouid;
                } fs;
        };
};

/* define a short hand for apparmor_audit_data structure */
#define aad apparmor_audit_data

void aa_audit_msg(int type, struct common_audit_data *sa,
                  void (*cb) (struct audit_buffer *, void *));
int aa_audit(int type, struct aa_profile *profile, gfp_t gfp,
             struct common_audit_data *sa,
             void (*cb) (struct audit_buffer *, void *));

static inline int complain_error(int error)
{
        if (error == -EPERM || error == -EACCES)
                return 0;
        return error;
}

#endif /* __AA_AUDIT_H */