diff options
| author | Klaus Weidner <klaus@atsec.com> | 2007-05-16 18:45:42 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2007-07-22 09:57:02 -0400 |
| commit | c926e4f432af0f61ac2b9b637fb51a4871a3fc91 (patch) | |
| tree | 732a5e76f2405ed84915997b59f8bad921d7ac04 /kernel | |
| parent | 5b9a4262232d632c28990fcdf4f36d0e0ade5f18 (diff) | |
[PATCH] audit: fix broken class-based syscall audit
The sanity check in audit_match_class() is wrong. We are able to audit
2048 syscalls but in audit_match_class() we were accidentally using
sizeof(_u32) instead of number of bits in _u32 when deciding how many
syscalls were valid. On ia64 in particular we were hitting syscall
numbers over the (wrong) limit of 256. Fixing the audit_match_class
check takes care of the problem.
Signed-off-by: Klaus Weidner <klaus@atsec.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditfilter.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 1bf093dcffe0..0ea96bab91cc 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -304,7 +304,7 @@ int __init audit_register_class(int class, unsigned *list) | |||
| 304 | 304 | ||
| 305 | int audit_match_class(int class, unsigned syscall) | 305 | int audit_match_class(int class, unsigned syscall) |
| 306 | { | 306 | { |
| 307 | if (unlikely(syscall >= AUDIT_BITMASK_SIZE * sizeof(__u32))) | 307 | if (unlikely(syscall >= AUDIT_BITMASK_SIZE * 32)) |
| 308 | return 0; | 308 | return 0; |
| 309 | if (unlikely(class >= AUDIT_SYSCALL_CLASSES || !classes[class])) | 309 | if (unlikely(class >= AUDIT_SYSCALL_CLASSES || !classes[class])) |
| 310 | return 0; | 310 | return 0; |