summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-01-03 14:23:05 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2012-01-17 16:16:54 -0500
commit5ef30ee53b187786e64bdc1f8109e39d17f2ce58 (patch)
tree05c5f2aebedfdaf1dc81afa0a50271a1a581a069
parent9fc5c3e3237e02a94f41cd1d2b4291593d29791d (diff)
downloadlwn-5ef30ee53b187786e64bdc1f8109e39d17f2ce58.tar.gz
lwn-5ef30ee53b187786e64bdc1f8109e39d17f2ce58.zip
audit: make filetype matching consistent with other filters
Every other filter that matches part of the inodes list collected by audit will match against any of the inodes on that list. The filetype matching however had a strange way of doing things. It allowed userspace to indicated if it should match on the first of the second name collected by the kernel. Name collection ordering seems like a kernel internal and making userspace rules get that right just seems like a bad idea. As it turns out the userspace audit writers had no idea it was doing this and thus never overloaded the value field. The kernel always checked the first name collected which for the tested rules was always correct. This patch just makes the filetype matching like the major, minor, inode, and LSM rules in that it will match against any of the names collected. It also changes the rule validation to reject the old unused rule types. Noone knew it was there. Noone used it. Why keep around the extra code? Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r--kernel/auditfilter.c4
-rw-r--r--kernel/auditsc.c19
2 files changed, 11 insertions, 12 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index f8277c80d678..d94dde82c3c8 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -385,7 +385,7 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
goto exit_free;
break;
case AUDIT_FILETYPE:
- if ((f->val & ~S_IFMT) > S_IFMT)
+ if (f->val & ~S_IFMT)
goto exit_free;
break;
case AUDIT_INODE:
@@ -536,7 +536,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
goto exit_free;
break;
case AUDIT_FILETYPE:
- if ((f->val & ~S_IFMT) > S_IFMT)
+ if (f->val & ~S_IFMT)
goto exit_free;
break;
default:
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index e7fe2b0d29b3..a09c50317059 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -305,21 +305,20 @@ static int audit_match_perm(struct audit_context *ctx, int mask)
}
}
-static int audit_match_filetype(struct audit_context *ctx, int which)
+static int audit_match_filetype(struct audit_context *ctx, int val)
{
- unsigned index = which & ~S_IFMT;
- umode_t mode = which & S_IFMT;
+ int index;
+ umode_t mode = (umode_t)val;
if (unlikely(!ctx))
return 0;
- if (index >= ctx->name_count)
- return 0;
- if (ctx->names[index].ino == -1)
- return 0;
- if ((ctx->names[index].mode ^ mode) & S_IFMT)
- return 0;
- return 1;
+ for (index = 0; index < ctx->name_count; index++) {
+ if ((ctx->names[index].ino != -1) &&
+ ((ctx->names[index].mode & S_IFMT) == mode))
+ return 1;
+ }
+ return 0;
}
/*