audit: validate comparison operations, store them in sane form

Don't store the field->op in the messy (and very inconvenient for e.g. audit_comparator()) form; translate to dense set of values and do full validation of userland-submitted value while we are at it. ->audit_init_rule() and ->audit_match_rule() get new values now; in-tree instances updated. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Al Viro <viro@zeniv.linux.org.uk> 2008-12-16 05:59:26 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> 2009-01-04 15:14:42 -0500
commit: 5af75d8d58d0f9f7b7c0515b35786b22892d5f12 (patch)
tree: 65707c5309133a33140c39145ae91b7c1679a877 /include/linux/audit.h
parent: 36c4f1b18c8a7d0adb4085e7f531860b837bb6b0 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index cc71fdb56ae2..67e5dbfc2961 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -247,6 +247,18 @@
 #define AUDIT_GREATER_THAN_OR_EQUAL     (AUDIT_GREATER_THAN|AUDIT_EQUAL)
 #define AUDIT_OPERATORS                 (AUDIT_EQUAL|AUDIT_NOT_EQUAL|AUDIT_BIT_MASK)
+enum {
+        Audit_equal,
+        Audit_not_equal,
+        Audit_bitmask,
+        Audit_bittest,
+        Audit_lt,
+        Audit_gt,
+        Audit_le,
+        Audit_ge,
+        Audit_bad
+};
 /* Status symbols */
                                /* Mask values */
 #define AUDIT_STATUS_ENABLED            0x0001
author	Al Viro <viro@zeniv.linux.org.uk>	2008-12-16 05:59:26 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	2009-01-04 15:14:42 -0500
commit	5af75d8d58d0f9f7b7c0515b35786b22892d5f12 (patch)
tree	65707c5309133a33140c39145ae91b7c1679a877 /include/linux/audit.h
parent	36c4f1b18c8a7d0adb4085e7f531860b837bb6b0 (diff)

diff --git a/include/linux/audit.h b/include/linux/audit.h index cc71fdb56ae2..67e5dbfc2961 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -247,6 +247,18 @@
247	#define AUDIT_GREATER_THAN_OR_EQUAL (AUDIT_GREATER_THAN\|AUDIT_EQUAL)	247	#define AUDIT_GREATER_THAN_OR_EQUAL (AUDIT_GREATER_THAN\|AUDIT_EQUAL)
248	#define AUDIT_OPERATORS (AUDIT_EQUAL\|AUDIT_NOT_EQUAL\|AUDIT_BIT_MASK)	248	#define AUDIT_OPERATORS (AUDIT_EQUAL\|AUDIT_NOT_EQUAL\|AUDIT_BIT_MASK)
249		249
		250	enum {
		251	Audit_equal,
		252	Audit_not_equal,
		253	Audit_bitmask,
		254	Audit_bittest,
		255	Audit_lt,
		256	Audit_gt,
		257	Audit_le,
		258	Audit_ge,
		259	Audit_bad
		260	};
		261
250	/* Status symbols */	262	/* Status symbols */
251	/* Mask values */	263	/* Mask values */
252	#define AUDIT_STATUS_ENABLED 0x0001	264	#define AUDIT_STATUS_ENABLED 0x0001