author | Al Viro <viro@zeniv.linux.org.uk> | 2008-12-14 23:45:27 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2009-01-04 15:14:41 -0500 |
commit | 0590b9335a1c72a3f0defcc6231287f7817e07c8 (patch) | |
tree | 289fa4668ae304f79f7484ac31b2cab0ab8894c1 /include/linux/audit.h | |
parent | 1a9d0797b8977d413435277bf9661efbbd584693 (diff) |
fixing audit rule ordering mess, part 1
Problem: ordering between the rules on exit chain is currently lost;
all watch and inode rules are listed after everything else _and_
exit,never on one kind doesn't stop exit,always on another from
being matched.
Solution: assign priorities to rules, keep track of the current
highest-priority matching rule and its result (always/never).
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux/audit.h')
-rw-r--r-- | include/linux/audit.h | 1 |
1 files changed, 1 insertions, 0 deletions
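--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -373,6 +373,7 @@ struct audit_krule {
 struct audit_watch *watch; /* associated watch */
 struct audit_tree *tree; /* associated watched tree */
 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
+u64 prio;
 };
 
 struct audit_field {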
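Review bot: The added `u64 prio;` member is the only field in the visible part of `struct audit_krule` without a trailing comment, although it now decides which rule's always/never result is applied. Going by the commit message, something like `u64 prio; /* rule priority; highest-priority matching rule decides always/never */` would match the neighbouring fields. This header does not show how priorities are assigned or whether a larger value means higher priority, so the comment should state that once confirmed against the code that sets the field; someone checking why an event was or was not logged will need it. The struct definition begins before this hunk, so earlier members were not reviewed.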