lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[PATCH] new predicate - AUDIT_FILETYPE

Browse Source 
Argument is S_IF... | <index>, where index is normally 0 or 1.
Triggers if chosen element of ctx->names[] is present and the
mode of object in question matches the upper bits of argument.
I.e. for things like "is the argument of that chmod a directory",
etc.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
2008-04-28 04:15:49 -04:00
parent 4a761b8c1d
commit 8b67dca942
3 changed files with 25 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kernel/auditfilter.c
View File

@@ -478,6 +478,10 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
if (f->val & ~15)
goto exit_free;
break;
case AUDIT_FILETYPE:
if ((f->val & ~S_IFMT) > S_IFMT)
goto exit_free;
break;
case AUDIT_INODE:
err = audit_to_inode(&entry->rule, f);
if (err)
@@ -649,6 +653,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
if (f->val & ~15)
goto exit_free;
break;
case AUDIT_FILETYPE:
if ((f->val & ~S_IFMT) > S_IFMT)
goto exit_free;
break;
default:
goto exit_free;
}