Audit: collect sessionid in netlink messages

[pandora-kernel.git] / include / net / xfrm.h

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index baa9f37..d1350bc 100644 (file)
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb {
 /* Audit Information */
 struct xfrm_audit
 {
-       u32     loginuid;
        u32     secid;
+       uid_t   loginuid;
+       u32     sessionid;
 };
 
 #ifdef CONFIG_AUDITSYSCALL
@@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op)
        return audit_buf;
 }
 
-static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
+static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid,
                                             struct audit_buffer *audit_buf)
 {
        char *secctx;
        u32 secctx_len;
 
-       audit_log_format(audit_buf, " auid=%u", auid);
+       audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses);
        if (secid != 0 &&
            security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
                audit_log_format(audit_buf, " subj=%s", secctx);
@@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
 }
 
 extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
-                                 u32 auid, u32 secid);
+                                 u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
-                                 u32 auid, u32 secid);
+                                 u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
-                                u32 auid, u32 secid);
+                                u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
-                                   u32 auid, u32 secid);
+                                   u32 auid, u32 ses, u32 secid);
 extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
                                             struct sk_buff *skb);
 extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
@@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
 extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
                                     struct sk_buff *skb, u8 proto);
 #else
-#define xfrm_audit_policy_add(x, r, a, s)      do { ; } while (0)
-#define xfrm_audit_policy_delete(x, r, a, s)   do { ; } while (0)
-#define xfrm_audit_state_add(x, r, a, s)       do { ; } while (0)
-#define xfrm_audit_state_delete(x, r, a, s)    do { ; } while (0)
+#define xfrm_audit_policy_add(x, r, a, se, s)  do { ; } while (0)
+#define xfrm_audit_policy_delete(x, r, a, se, s)       do { ; } while (0)
+#define xfrm_audit_state_add(x, r, a, se, s)   do { ; } while (0)
+#define xfrm_audit_state_delete(x, r, a, se, s)        do { ; } while (0)
 #define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0)
 #define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0)
 #define xfrm_audit_state_notfound(s, f, sp, sq)        do { ; } while (0)