fixing audit rule ordering mess, part 1

Problem: ordering between the rules on exit chain is currently lost; all watch and inode rules are listed after everything else _and_ exit,never on one kind doesn't stop exit,always on another from being matched. Solution: assign priorities to rules, keep track of the current highest-priority matching rule and its result (always/never). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-12-14 23:45:27 -05:00
parent 1a9d0797b8
commit 0590b9335a
4 changed files with 59 additions and 43 deletions
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@ -373,6 +373,7 @@ struct audit_krule {
 	struct audit_watch	*watch;	/* associated watch */
 	struct audit_tree	*tree;	/* associated watched tree */
 	struct list_head	rlist;	/* entry in audit_{watch,tree}.rules list */
+	u64			prio;
 };

 struct audit_field {