projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a4ff8db)
audit: reject entry,always rules
authorEric Paris <eparis@redhat.com>
Tue, 3 Jan 2012 19:23:07 +0000 (14:23 -0500)
committerAl Viro <viro@zeniv.linux.org.uk>
Tue, 17 Jan 2012 21:16:58 +0000 (16:16 -0500)
We deprecated entry,always rules a long time ago.  Reject those rules as
invalid.

Signed-off-by: Eric Paris <eparis@redhat.com>
kernel/auditfilter.c patch | blob | blame | history

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index d94dde82c3c8a5663dc6c038b5d10d813cf10abf..903caa269b5c5172d4df23bc559ac7152ff5a9d2 100644 (file)
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -235,13 +235,15 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
        switch(listnr) {
        default:
                goto exit_err;
-       case AUDIT_FILTER_USER:
-       case AUDIT_FILTER_TYPE:
 #ifdef CONFIG_AUDITSYSCALL
        case AUDIT_FILTER_ENTRY:
+               if (rule->action == AUDIT_ALWAYS)
+                       goto exit_err;
        case AUDIT_FILTER_EXIT:
        case AUDIT_FILTER_TASK:
 #endif
+       case AUDIT_FILTER_USER:
+       case AUDIT_FILTER_TYPE:
                ;
        }
        if (unlikely(rule->action == AUDIT_POSSIBLE)) {