aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorPeter Moody <pmoody@google.com>2012-01-04 15:24:31 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2012-01-17 16:17:03 -0500
commit10d68360871657204885371cdf2594412675d2f9 (patch)
tree85a4fa8d3b0dc0a7bc525475325f955f75d3881d /kernel
parent4a6633ed08af5ba67790b4d1adcdeb8ceb55677e (diff)
audit: comparison on interprocess fields
This allows audit to specify rules in which we compare two fields of a process. Such as is the running process uid != to the running process euid? Signed-off-by: Peter Moody <pmoody@google.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/auditsc.c39
1 files changed, 39 insertions, 0 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index b8cee462b99e..593237e3654d 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -545,6 +545,45 @@ static int audit_field_compare(struct task_struct *tsk,
545 return audit_compare_id(cred->fsgid, 545 return audit_compare_id(cred->fsgid,
546 name, offsetof(struct audit_names, gid), 546 name, offsetof(struct audit_names, gid),
547 f, ctx); 547 f, ctx);
548 /* uid comparisons */
549 case AUDIT_COMPARE_UID_TO_AUID:
550 return audit_comparator(cred->uid, f->op, tsk->loginuid);
551 case AUDIT_COMPARE_UID_TO_EUID:
552 return audit_comparator(cred->uid, f->op, cred->euid);
553 case AUDIT_COMPARE_UID_TO_SUID:
554 return audit_comparator(cred->uid, f->op, cred->suid);
555 case AUDIT_COMPARE_UID_TO_FSUID:
556 return audit_comparator(cred->uid, f->op, cred->fsuid);
557 /* auid comparisons */
558 case AUDIT_COMPARE_AUID_TO_EUID:
559 return audit_comparator(tsk->loginuid, f->op, cred->euid);
560 case AUDIT_COMPARE_AUID_TO_SUID:
561 return audit_comparator(tsk->loginuid, f->op, cred->suid);
562 case AUDIT_COMPARE_AUID_TO_FSUID:
563 return audit_comparator(tsk->loginuid, f->op, cred->fsuid);
564 /* euid comparisons */
565 case AUDIT_COMPARE_EUID_TO_SUID:
566 return audit_comparator(cred->euid, f->op, cred->suid);
567 case AUDIT_COMPARE_EUID_TO_FSUID:
568 return audit_comparator(cred->euid, f->op, cred->fsuid);
569 /* suid comparisons */
570 case AUDIT_COMPARE_SUID_TO_FSUID:
571 return audit_comparator(cred->suid, f->op, cred->fsuid);
572 /* gid comparisons */
573 case AUDIT_COMPARE_GID_TO_EGID:
574 return audit_comparator(cred->gid, f->op, cred->egid);
575 case AUDIT_COMPARE_GID_TO_SGID:
576 return audit_comparator(cred->gid, f->op, cred->sgid);
577 case AUDIT_COMPARE_GID_TO_FSGID:
578 return audit_comparator(cred->gid, f->op, cred->fsgid);
579 /* egid comparisons */
580 case AUDIT_COMPARE_EGID_TO_SGID:
581 return audit_comparator(cred->egid, f->op, cred->sgid);
582 case AUDIT_COMPARE_EGID_TO_FSGID:
583 return audit_comparator(cred->egid, f->op, cred->fsgid);
584 /* sgid comparison */
585 case AUDIT_COMPARE_SGID_TO_FSGID:
586 return audit_comparator(cred->sgid, f->op, cred->fsgid);
548 default: 587 default:
549 WARN(1, "Missing AUDIT_COMPARE define. Report as a bug\n"); 588 WARN(1, "Missing AUDIT_COMPARE define. Report as a bug\n");
550 return 0; 589 return 0;