1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/* audit.h -- Auditing support
3 *
4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
5 * All Rights Reserved.
6 *
7 * Written by Rickard E. (Rik) Faith <faith@redhat.com>
8 */
9#ifndef _LINUX_AUDIT_H_
10#define _LINUX_AUDIT_H_
11
12#include <linux/sched.h>
13#include <linux/ptrace.h>
14#include <linux/audit_arch.h>
15#include <uapi/linux/audit.h>
16#include <uapi/linux/netfilter/nf_tables.h>
17
18#define AUDIT_INO_UNSET ((unsigned long)-1)
19#define AUDIT_DEV_UNSET ((dev_t)-1)
20
21struct audit_sig_info {
22 uid_t uid;
23 pid_t pid;
24 char ctx[];
25};
26
27struct audit_buffer;
28struct audit_context;
29struct inode;
30struct netlink_skb_parms;
31struct path;
32struct linux_binprm;
33struct mq_attr;
34struct mqstat;
35struct audit_watch;
36struct audit_tree;
37struct sk_buff;
38
39struct audit_krule {
40 u32 pflags;
41 u32 flags;
42 u32 listnr;
43 u32 action;
44 u32 mask[AUDIT_BITMASK_SIZE];
45 u32 buflen; /* for data alloc on list rules */
46 u32 field_count;
47 char *filterkey; /* ties events to rules */
48 struct audit_field *fields;
49 struct audit_field *arch_f; /* quick access to arch field */
50 struct audit_field *inode_f; /* quick access to an inode field */
51 struct audit_watch *watch; /* associated watch */
52 struct audit_tree *tree; /* associated watched tree */
53 struct audit_fsnotify_mark *exe;
54 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
55 struct list_head list; /* for AUDIT_LIST* purposes only */
56 u64 prio;
57};
58
59/* Flag to indicate legacy AUDIT_LOGINUID unset usage */
60#define AUDIT_LOGINUID_LEGACY 0x1
61
62struct audit_field {
63 u32 type;
64 union {
65 u32 val;
66 kuid_t uid;
67 kgid_t gid;
68 struct {
69 char *lsm_str;
70 void *lsm_rule;
71 };
72 };
73 u32 op;
74};
75
76enum audit_ntp_type {
77 AUDIT_NTP_OFFSET,
78 AUDIT_NTP_FREQ,
79 AUDIT_NTP_STATUS,
80 AUDIT_NTP_TAI,
81 AUDIT_NTP_TICK,
82 AUDIT_NTP_ADJUST,
83
84 AUDIT_NTP_NVALS /* count */
85};
86
87#ifdef CONFIG_AUDITSYSCALL
88struct audit_ntp_val {
89 long long oldval, newval;
90};
91
92struct audit_ntp_data {
93 struct audit_ntp_val vals[AUDIT_NTP_NVALS];
94};
95#else
96struct audit_ntp_data {};
97#endif
98
99enum audit_nfcfgop {
100 AUDIT_XT_OP_REGISTER,
101 AUDIT_XT_OP_REPLACE,
102 AUDIT_XT_OP_UNREGISTER,
103 AUDIT_NFT_OP_TABLE_REGISTER,
104 AUDIT_NFT_OP_TABLE_UNREGISTER,
105 AUDIT_NFT_OP_CHAIN_REGISTER,
106 AUDIT_NFT_OP_CHAIN_UNREGISTER,
107 AUDIT_NFT_OP_RULE_REGISTER,
108 AUDIT_NFT_OP_RULE_UNREGISTER,
109 AUDIT_NFT_OP_SET_REGISTER,
110 AUDIT_NFT_OP_SET_UNREGISTER,
111 AUDIT_NFT_OP_SETELEM_REGISTER,
112 AUDIT_NFT_OP_SETELEM_UNREGISTER,
113 AUDIT_NFT_OP_GEN_REGISTER,
114 AUDIT_NFT_OP_OBJ_REGISTER,
115 AUDIT_NFT_OP_OBJ_UNREGISTER,
116 AUDIT_NFT_OP_OBJ_RESET,
117 AUDIT_NFT_OP_FLOWTABLE_REGISTER,
118 AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
119 AUDIT_NFT_OP_INVALID,
120};
121
122extern int __init audit_register_class(int class, unsigned *list);
123extern int audit_classify_syscall(int abi, unsigned syscall);
124extern int audit_classify_arch(int arch);
125/* only for compat system calls */
126extern unsigned compat_write_class[];
127extern unsigned compat_read_class[];
128extern unsigned compat_dir_class[];
129extern unsigned compat_chattr_class[];
130extern unsigned compat_signal_class[];
131
132extern int audit_classify_compat_syscall(int abi, unsigned syscall);
133
134/* audit_names->type values */
135#define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */
136#define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */
137#define AUDIT_TYPE_PARENT 2 /* a parent audit record */
138#define AUDIT_TYPE_CHILD_DELETE 3 /* a child being deleted */
139#define AUDIT_TYPE_CHILD_CREATE 4 /* a child being created */
140
141/* maximized args number that audit_socketcall can process */
142#define AUDITSC_ARGS 6
143
144/* bit values for ->signal->audit_tty */
145#define AUDIT_TTY_ENABLE BIT(0)
146#define AUDIT_TTY_LOG_PASSWD BIT(1)
147
148struct filename;
149
150#define AUDIT_OFF 0
151#define AUDIT_ON 1
152#define AUDIT_LOCKED 2
153#ifdef CONFIG_AUDIT
154/* These are defined in audit.c */
155 /* Public API */
156extern __printf(4, 5)
157void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
158 const char *fmt, ...);
159
160extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type);
161extern __printf(2, 3)
162void audit_log_format(struct audit_buffer *ab, const char *fmt, ...);
163extern void audit_log_end(struct audit_buffer *ab);
164extern bool audit_string_contains_control(const char *string,
165 size_t len);
166extern void audit_log_n_hex(struct audit_buffer *ab,
167 const unsigned char *buf,
168 size_t len);
169extern void audit_log_n_string(struct audit_buffer *ab,
170 const char *buf,
171 size_t n);
172extern void audit_log_n_untrustedstring(struct audit_buffer *ab,
173 const char *string,
174 size_t n);
175extern void audit_log_untrustedstring(struct audit_buffer *ab,
176 const char *string);
177extern void audit_log_d_path(struct audit_buffer *ab,
178 const char *prefix,
179 const struct path *path);
180extern void audit_log_key(struct audit_buffer *ab,
181 char *key);
182extern void audit_log_path_denied(int type,
183 const char *operation);
184extern void audit_log_lost(const char *message);
185
186extern int audit_log_task_context(struct audit_buffer *ab);
187extern void audit_log_task_info(struct audit_buffer *ab);
188
189extern int audit_update_lsm_rules(void);
190
191 /* Private API (for audit.c only) */
192extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
193extern int audit_list_rules_send(struct sk_buff *request_skb, int seq);
194
195extern int audit_set_loginuid(kuid_t loginuid);
196
197static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
198{
199 return tsk->loginuid;
200}
201
202static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
203{
204 return tsk->sessionid;
205}
206
207extern u32 audit_enabled;
208
209extern int audit_signal_info(int sig, struct task_struct *t);
210
211#else /* CONFIG_AUDIT */
212static inline __printf(4, 5)
213void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
214 const char *fmt, ...)
215{ }
216static inline struct audit_buffer *audit_log_start(struct audit_context *ctx,
217 gfp_t gfp_mask, int type)
218{
219 return NULL;
220}
221static inline __printf(2, 3)
222void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
223{ }
224static inline void audit_log_end(struct audit_buffer *ab)
225{ }
226static inline void audit_log_n_hex(struct audit_buffer *ab,
227 const unsigned char *buf, size_t len)
228{ }
229static inline void audit_log_n_string(struct audit_buffer *ab,
230 const char *buf, size_t n)
231{ }
232static inline void audit_log_n_untrustedstring(struct audit_buffer *ab,
233 const char *string, size_t n)
234{ }
235static inline void audit_log_untrustedstring(struct audit_buffer *ab,
236 const char *string)
237{ }
238static inline void audit_log_d_path(struct audit_buffer *ab,
239 const char *prefix,
240 const struct path *path)
241{ }
242static inline void audit_log_key(struct audit_buffer *ab, char *key)
243{ }
244static inline void audit_log_path_denied(int type, const char *operation)
245{ }
246static inline int audit_log_task_context(struct audit_buffer *ab)
247{
248 return 0;
249}
250static inline void audit_log_task_info(struct audit_buffer *ab)
251{ }
252
253static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
254{
255 return INVALID_UID;
256}
257
258static inline unsigned int audit_get_sessionid(struct task_struct *tsk)
259{
260 return AUDIT_SID_UNSET;
261}
262
263#define audit_enabled AUDIT_OFF
264
265static inline int audit_signal_info(int sig, struct task_struct *t)
266{
267 return 0;
268}
269
270#endif /* CONFIG_AUDIT */
271
272#ifdef CONFIG_AUDIT_COMPAT_GENERIC
273#define audit_is_compat(arch) (!((arch) & __AUDIT_ARCH_64BIT))
274#else
275#define audit_is_compat(arch) false
276#endif
277
278#define AUDIT_INODE_PARENT 1 /* dentry represents the parent */
279#define AUDIT_INODE_HIDDEN 2 /* audit record should be hidden */
280#define AUDIT_INODE_NOEVAL 4 /* audit record incomplete */
281
282#ifdef CONFIG_AUDITSYSCALL
283#include <asm/syscall.h> /* for syscall_get_arch() */
284
285/* These are defined in auditsc.c */
286 /* Public API */
287extern int audit_alloc(struct task_struct *task);
288extern void __audit_free(struct task_struct *task);
289extern void __audit_uring_entry(u8 op);
290extern void __audit_uring_exit(int success, long code);
291extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
292 unsigned long a2, unsigned long a3);
293extern void __audit_syscall_exit(int ret_success, long ret_value);
294extern struct filename *__audit_reusename(const __user char *uptr);
295extern void __audit_getname(struct filename *name);
296extern void __audit_inode(struct filename *name, const struct dentry *dentry,
297 unsigned int flags);
298extern void __audit_file(const struct file *);
299extern void __audit_inode_child(struct inode *parent,
300 const struct dentry *dentry,
301 const unsigned char type);
302extern void audit_seccomp(unsigned long syscall, long signr, int code);
303extern void audit_seccomp_actions_logged(const char *names,
304 const char *old_names, int res);
305extern void __audit_ptrace(struct task_struct *t);
306
307static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
308{
309 task->audit_context = ctx;
310}
311
312static inline struct audit_context *audit_context(void)
313{
314 return current->audit_context;
315}
316
317static inline bool audit_dummy_context(void)
318{
319 void *p = audit_context();
320 return !p || *(int *)p;
321}
322static inline void audit_free(struct task_struct *task)
323{
324 if (unlikely(task->audit_context))
325 __audit_free(task);
326}
327static inline void audit_uring_entry(u8 op)
328{
329 /*
330 * We intentionally check audit_context() before audit_enabled as most
331 * Linux systems (as of ~2021) rely on systemd which forces audit to
332 * be enabled regardless of the user's audit configuration.
333 */
334 if (unlikely(audit_context() && audit_enabled))
335 __audit_uring_entry(op);
336}
337static inline void audit_uring_exit(int success, long code)
338{
339 if (unlikely(audit_context()))
340 __audit_uring_exit(success, code);
341}
342static inline void audit_syscall_entry(int major, unsigned long a0,
343 unsigned long a1, unsigned long a2,
344 unsigned long a3)
345{
346 if (unlikely(audit_context()))
347 __audit_syscall_entry(major, a0, a1, a2, a3);
348}
349static inline void audit_syscall_exit(void *pt_regs)
350{
351 if (unlikely(audit_context())) {
352 int success = is_syscall_success(pt_regs);
353 long return_code = regs_return_value(pt_regs);
354
355 __audit_syscall_exit(success, return_code);
356 }
357}
358static inline struct filename *audit_reusename(const __user char *name)
359{
360 if (unlikely(!audit_dummy_context()))
361 return __audit_reusename(name);
362 return NULL;
363}
364static inline void audit_getname(struct filename *name)
365{
366 if (unlikely(!audit_dummy_context()))
367 __audit_getname(name);
368}
369static inline void audit_inode(struct filename *name,
370 const struct dentry *dentry,
371 unsigned int aflags) {
372 if (unlikely(!audit_dummy_context()))
373 __audit_inode(name, dentry, aflags);
374}
375static inline void audit_file(struct file *file)
376{
377 if (unlikely(!audit_dummy_context()))
378 __audit_file(file);
379}
380static inline void audit_inode_parent_hidden(struct filename *name,
381 const struct dentry *dentry)
382{
383 if (unlikely(!audit_dummy_context()))
384 __audit_inode(name, dentry,
385 AUDIT_INODE_PARENT | AUDIT_INODE_HIDDEN);
386}
387static inline void audit_inode_child(struct inode *parent,
388 const struct dentry *dentry,
389 const unsigned char type) {
390 if (unlikely(!audit_dummy_context()))
391 __audit_inode_child(parent, dentry, type);
392}
393void audit_core_dumps(long signr);
394
395static inline void audit_ptrace(struct task_struct *t)
396{
397 if (unlikely(!audit_dummy_context()))
398 __audit_ptrace(t);
399}
400
401 /* Private API (for audit.c only) */
402extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
403extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
404extern void __audit_bprm(struct linux_binprm *bprm);
405extern int __audit_socketcall(int nargs, unsigned long *args);
406extern int __audit_sockaddr(int len, void *addr);
407extern void __audit_fd_pair(int fd1, int fd2);
408extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
409extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout);
410extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
411extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
412extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
413 const struct cred *new,
414 const struct cred *old);
415extern void __audit_log_capset(const struct cred *new, const struct cred *old);
416extern void __audit_mmap_fd(int fd, int flags);
417extern void __audit_openat2_how(struct open_how *how);
418extern void __audit_log_kern_module(char *name);
419extern void __audit_fanotify(unsigned int response);
420extern void __audit_tk_injoffset(struct timespec64 offset);
421extern void __audit_ntp_log(const struct audit_ntp_data *ad);
422extern void __audit_log_nfcfg(const char *name, u8 af, unsigned int nentries,
423 enum audit_nfcfgop op, gfp_t gfp);
424
425static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
426{
427 if (unlikely(!audit_dummy_context()))
428 __audit_ipc_obj(ipcp);
429}
430static inline void audit_fd_pair(int fd1, int fd2)
431{
432 if (unlikely(!audit_dummy_context()))
433 __audit_fd_pair(fd1, fd2);
434}
435static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
436{
437 if (unlikely(!audit_dummy_context()))
438 __audit_ipc_set_perm(qbytes, uid, gid, mode);
439}
440static inline void audit_bprm(struct linux_binprm *bprm)
441{
442 if (unlikely(!audit_dummy_context()))
443 __audit_bprm(bprm);
444}
445static inline int audit_socketcall(int nargs, unsigned long *args)
446{
447 if (unlikely(!audit_dummy_context()))
448 return __audit_socketcall(nargs, args);
449 return 0;
450}
451
452static inline int audit_socketcall_compat(int nargs, u32 *args)
453{
454 unsigned long a[AUDITSC_ARGS];
455 int i;
456
457 if (audit_dummy_context())
458 return 0;
459
460 for (i = 0; i < nargs; i++)
461 a[i] = (unsigned long)args[i];
462 return __audit_socketcall(nargs, a);
463}
464
465static inline int audit_sockaddr(int len, void *addr)
466{
467 if (unlikely(!audit_dummy_context()))
468 return __audit_sockaddr(len, addr);
469 return 0;
470}
471static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
472{
473 if (unlikely(!audit_dummy_context()))
474 __audit_mq_open(oflag, mode, attr);
475}
476static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout)
477{
478 if (unlikely(!audit_dummy_context()))
479 __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
480}
481static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
482{
483 if (unlikely(!audit_dummy_context()))
484 __audit_mq_notify(mqdes, notification);
485}
486static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
487{
488 if (unlikely(!audit_dummy_context()))
489 __audit_mq_getsetattr(mqdes, mqstat);
490}
491
492static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
493 const struct cred *new,
494 const struct cred *old)
495{
496 if (unlikely(!audit_dummy_context()))
497 return __audit_log_bprm_fcaps(bprm, new, old);
498 return 0;
499}
500
501static inline void audit_log_capset(const struct cred *new,
502 const struct cred *old)
503{
504 if (unlikely(!audit_dummy_context()))
505 __audit_log_capset(new, old);
506}
507
508static inline void audit_mmap_fd(int fd, int flags)
509{
510 if (unlikely(!audit_dummy_context()))
511 __audit_mmap_fd(fd, flags);
512}
513
514static inline void audit_openat2_how(struct open_how *how)
515{
516 if (unlikely(!audit_dummy_context()))
517 __audit_openat2_how(how);
518}
519
520static inline void audit_log_kern_module(char *name)
521{
522 if (!audit_dummy_context())
523 __audit_log_kern_module(name);
524}
525
526static inline void audit_fanotify(unsigned int response)
527{
528 if (!audit_dummy_context())
529 __audit_fanotify(response);
530}
531
532static inline void audit_tk_injoffset(struct timespec64 offset)
533{
534 /* ignore no-op events */
535 if (offset.tv_sec == 0 && offset.tv_nsec == 0)
536 return;
537
538 if (!audit_dummy_context())
539 __audit_tk_injoffset(offset);
540}
541
542static inline void audit_ntp_init(struct audit_ntp_data *ad)
543{
544 memset(ad, 0, sizeof(*ad));
545}
546
547static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
548 enum audit_ntp_type type, long long val)
549{
550 ad->vals[type].oldval = val;
551}
552
553static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
554 enum audit_ntp_type type, long long val)
555{
556 ad->vals[type].newval = val;
557}
558
559static inline void audit_ntp_log(const struct audit_ntp_data *ad)
560{
561 if (!audit_dummy_context())
562 __audit_ntp_log(ad);
563}
564
565static inline void audit_log_nfcfg(const char *name, u8 af,
566 unsigned int nentries,
567 enum audit_nfcfgop op, gfp_t gfp)
568{
569 if (audit_enabled)
570 __audit_log_nfcfg(name, af, nentries, op, gfp);
571}
572
573extern int audit_n_rules;
574extern int audit_signals;
575#else /* CONFIG_AUDITSYSCALL */
576static inline int audit_alloc(struct task_struct *task)
577{
578 return 0;
579}
580static inline void audit_free(struct task_struct *task)
581{ }
582static inline void audit_uring_entry(u8 op)
583{ }
584static inline void audit_uring_exit(int success, long code)
585{ }
586static inline void audit_syscall_entry(int major, unsigned long a0,
587 unsigned long a1, unsigned long a2,
588 unsigned long a3)
589{ }
590static inline void audit_syscall_exit(void *pt_regs)
591{ }
592static inline bool audit_dummy_context(void)
593{
594 return true;
595}
596static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx)
597{ }
598static inline struct audit_context *audit_context(void)
599{
600 return NULL;
601}
602static inline struct filename *audit_reusename(const __user char *name)
603{
604 return NULL;
605}
606static inline void audit_getname(struct filename *name)
607{ }
608static inline void audit_inode(struct filename *name,
609 const struct dentry *dentry,
610 unsigned int aflags)
611{ }
612static inline void audit_file(struct file *file)
613{
614}
615static inline void audit_inode_parent_hidden(struct filename *name,
616 const struct dentry *dentry)
617{ }
618static inline void audit_inode_child(struct inode *parent,
619 const struct dentry *dentry,
620 const unsigned char type)
621{ }
622static inline void audit_core_dumps(long signr)
623{ }
624static inline void audit_seccomp(unsigned long syscall, long signr, int code)
625{ }
626static inline void audit_seccomp_actions_logged(const char *names,
627 const char *old_names, int res)
628{ }
629static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
630{ }
631static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid,
632 gid_t gid, umode_t mode)
633{ }
634static inline void audit_bprm(struct linux_binprm *bprm)
635{ }
636static inline int audit_socketcall(int nargs, unsigned long *args)
637{
638 return 0;
639}
640
641static inline int audit_socketcall_compat(int nargs, u32 *args)
642{
643 return 0;
644}
645
646static inline void audit_fd_pair(int fd1, int fd2)
647{ }
648static inline int audit_sockaddr(int len, void *addr)
649{
650 return 0;
651}
652static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
653{ }
654static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len,
655 unsigned int msg_prio,
656 const struct timespec64 *abs_timeout)
657{ }
658static inline void audit_mq_notify(mqd_t mqdes,
659 const struct sigevent *notification)
660{ }
661static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
662{ }
663static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
664 const struct cred *new,
665 const struct cred *old)
666{
667 return 0;
668}
669static inline void audit_log_capset(const struct cred *new,
670 const struct cred *old)
671{ }
672static inline void audit_mmap_fd(int fd, int flags)
673{ }
674
675static inline void audit_openat2_how(struct open_how *how)
676{ }
677
678static inline void audit_log_kern_module(char *name)
679{
680}
681
682static inline void audit_fanotify(unsigned int response)
683{ }
684
685static inline void audit_tk_injoffset(struct timespec64 offset)
686{ }
687
688static inline void audit_ntp_init(struct audit_ntp_data *ad)
689{ }
690
691static inline void audit_ntp_set_old(struct audit_ntp_data *ad,
692 enum audit_ntp_type type, long long val)
693{ }
694
695static inline void audit_ntp_set_new(struct audit_ntp_data *ad,
696 enum audit_ntp_type type, long long val)
697{ }
698
699static inline void audit_ntp_log(const struct audit_ntp_data *ad)
700{ }
701
702static inline void audit_ptrace(struct task_struct *t)
703{ }
704
705static inline void audit_log_nfcfg(const char *name, u8 af,
706 unsigned int nentries,
707 enum audit_nfcfgop op, gfp_t gfp)
708{ }
709
710#define audit_n_rules 0
711#define audit_signals 0
712#endif /* CONFIG_AUDITSYSCALL */
713
714static inline bool audit_loginuid_set(struct task_struct *tsk)
715{
716 return uid_valid(audit_get_loginuid(tsk));
717}
718
719#endif
720

source code of linux/include/linux/audit.h