aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2008-04-28 04:15:49 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-04-28 06:28:37 -0400
commit8b67dca9420474623709e00d72a066068a502b20 (patch)
tree9d4dc19d849dd23cf00cee0851fd402062cdf1ea
parent4a761b8c1d7a3a4ee7ccf92ce255d986f601e067 (diff)
[PATCH] new predicate - AUDIT_FILETYPE
Argument is S_IF... | <index>, where index is normally 0 or 1. Triggers if chosen element of ctx->names[] is present and the mode of object in question matches the upper bits of argument. I.e. for things like "is the argument of that chmod a directory", etc. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--include/linux/audit.h1
-rw-r--r--kernel/auditfilter.c8
-rw-r--r--kernel/auditsc.c16
3 files changed, 25 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index dcd5395b400d..63c3bb98558f 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -209,6 +209,7 @@
209#define AUDIT_WATCH 105 209#define AUDIT_WATCH 105
210#define AUDIT_PERM 106 210#define AUDIT_PERM 106
211#define AUDIT_DIR 107 211#define AUDIT_DIR 107
212#define AUDIT_FILETYPE 108
212 213
213#define AUDIT_ARG0 200 214#define AUDIT_ARG0 200
214#define AUDIT_ARG1 (AUDIT_ARG0+1) 215#define AUDIT_ARG1 (AUDIT_ARG0+1)
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 7c3450d063fe..9435d9392df5 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -478,6 +478,10 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
478 if (f->val & ~15) 478 if (f->val & ~15)
479 goto exit_free; 479 goto exit_free;
480 break; 480 break;
481 case AUDIT_FILETYPE:
482 if ((f->val & ~S_IFMT) > S_IFMT)
483 goto exit_free;
484 break;
481 case AUDIT_INODE: 485 case AUDIT_INODE:
482 err = audit_to_inode(&entry->rule, f); 486 err = audit_to_inode(&entry->rule, f);
483 if (err) 487 if (err)
@@ -649,6 +653,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
649 if (f->val & ~15) 653 if (f->val & ~15)
650 goto exit_free; 654 goto exit_free;
651 break; 655 break;
656 case AUDIT_FILETYPE:
657 if ((f->val & ~S_IFMT) > S_IFMT)
658 goto exit_free;
659 break;
652 default: 660 default:
653 goto exit_free; 661 goto exit_free;
654 } 662 }
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 091409996577..c10e7aae04d7 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -280,6 +280,19 @@ static int audit_match_perm(struct audit_context *ctx, int mask)
280 } 280 }
281} 281}
282 282
283static int audit_match_filetype(struct audit_context *ctx, int which)
284{
285 unsigned index = which & ~S_IFMT;
286 mode_t mode = which & S_IFMT;
287 if (index >= ctx->name_count)
288 return 0;
289 if (ctx->names[index].ino == -1)
290 return 0;
291 if ((ctx->names[index].mode ^ mode) & S_IFMT)
292 return 0;
293 return 1;
294}
295
283/* 296/*
284 * We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *; 297 * We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *;
285 * ->first_trees points to its beginning, ->trees - to the current end of data. 298 * ->first_trees points to its beginning, ->trees - to the current end of data.
@@ -589,6 +602,9 @@ static int audit_filter_rules(struct task_struct *tsk,
589 case AUDIT_PERM: 602 case AUDIT_PERM:
590 result = audit_match_perm(ctx, f->val); 603 result = audit_match_perm(ctx, f->val);
591 break; 604 break;
605 case AUDIT_FILETYPE:
606 result = audit_match_filetype(ctx, f->val);
607 break;
592 } 608 }
593 609
594 if (!result) 610 if (!result)