/*-
- * Copyright (c) 2004-2016 Apple Inc.
+ * Copyright (c) 2004-2019 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
void audit_mach_syscall_enter(unsigned short audit_event);
void audit_mach_syscall_exit(int retval, struct uthread *uthread);
+void audit_subcall_enter(au_event_t event,
+ struct proc *proc, struct uthread *uthread);
+void audit_subcall_exit(int error,
+ struct uthread *uthread);
+
extern struct auditinfo_addr *audit_default_aia_p;
/*
audit_syscall_exit(code, error, proc, uthread); \
} while (0)
+#define AUDIT_SUBCALL_ENTER(event, proc, uthread) do { \
+ if (AUDIT_ENABLED()) \
+ audit_subcall_enter(AUE_ ## event, proc, uthread); \
+} while (0)
+
+#define AUDIT_SUBCALL_EXIT(uthread, error) do { \
+ if (AUDIT_AUDITING(uthread->uu_ar)) \
+ audit_subcall_exit(error, uthread); \
+} while (0)
+
/*
* Wrap the audit_mach_syscall_enter() and audit_mach_syscall_exit()
* functions in a manner similar to other system call enter/exit functions.
#define AUDIT_SYSCALL_EXIT(code, proc, uthread, error) do { \
} while (0)
+#define AUDIT_SUBCALL_ENTER(event, proc, uthread) do { \
+} while (0)
+
+#define AUDIT_SUBCALL_EXIT(uthread, error) do { \
+} while (0)
+
#define AUDIT_MACH_SYSCALL_ENTER(args...) do { \
} while (0)
projects / apple / xnu.git / blobdiff