0001
0002
0003
0004
0005
0006 #undef TRACE_SYSTEM
0007 #define TRACE_SYSTEM avc
0008
0009 #if !defined(_TRACE_SELINUX_H) || defined(TRACE_HEADER_MULTI_READ)
0010 #define _TRACE_SELINUX_H
0011
0012 #include <linux/tracepoint.h>
0013
0014 TRACE_EVENT(selinux_audited,
0015
0016 TP_PROTO(struct selinux_audit_data *sad,
0017 char *scontext,
0018 char *tcontext,
0019 const char *tclass
0020 ),
0021
0022 TP_ARGS(sad, scontext, tcontext, tclass),
0023
0024 TP_STRUCT__entry(
0025 __field(u32, requested)
0026 __field(u32, denied)
0027 __field(u32, audited)
0028 __field(int, result)
0029 __string(scontext, scontext)
0030 __string(tcontext, tcontext)
0031 __string(tclass, tclass)
0032 ),
0033
0034 TP_fast_assign(
0035 __entry->requested = sad->requested;
0036 __entry->denied = sad->denied;
0037 __entry->audited = sad->audited;
0038 __entry->result = sad->result;
0039 __assign_str(tcontext, tcontext);
0040 __assign_str(scontext, scontext);
0041 __assign_str(tclass, tclass);
0042 ),
0043
0044 TP_printk("requested=0x%x denied=0x%x audited=0x%x result=%d scontext=%s tcontext=%s tclass=%s",
0045 __entry->requested, __entry->denied, __entry->audited, __entry->result,
0046 __get_str(scontext), __get_str(tcontext), __get_str(tclass)
0047 )
0048 );
0049
0050 #endif
0051
0052
0053 #include <trace/define_trace.h>
