+static inline struct audit_buffer *xfrm_audit_start(const char *op)
+{
+ struct audit_buffer *audit_buf = NULL;
+
+ if (audit_enabled == 0)
+ return NULL;
+ audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC,
+ AUDIT_MAC_IPSEC_EVENT);
+ if (audit_buf == NULL)
+ return NULL;
+ audit_log_format(audit_buf, "op=%s", op);
+ return audit_buf;
+}
+
+static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid,
+ struct audit_buffer *audit_buf)
+{
+ char *secctx;
+ u32 secctx_len;
+
+ audit_log_format(audit_buf, " auid=%u", auid);
+ if (secid != 0 &&
+ security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) {
+ audit_log_format(audit_buf, " subj=%s", secctx);
+ security_release_secctx(secctx, secctx_len);
+ } else
+ audit_log_task_context(audit_buf);
+}
+
+extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
+ u32 auid, u32 secid);
+extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
+ u32 auid, u32 secid);
+extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
+ u32 auid, u32 secid);
+extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
+ u32 auid, u32 secid);
+extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
+ struct sk_buff *skb);
+extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
+extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
+ __be32 net_spi, __be32 net_seq);
+extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
+ struct sk_buff *skb, u8 proto);