3 files changed, 14 insertions, 0 deletions

diff --git a/include/linux/audit.h b/include/linux/audit.h
index 55cb3daaf474..e36aa37c88af 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -224,6 +224,7 @@
 #define AUDIT_DIR       107
 #define AUDIT_FILETYPE  108
 #define AUDIT_OBJ_UID   109
+#define AUDIT_OBJ_GID   110
 
 #define AUDIT_ARG0      200
 #define AUDIT_ARG1      (AUDIT_ARG0+1)
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 13e997423dcd..f10605c787e6 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -462,6 +462,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                 case AUDIT_ARG2:
                 case AUDIT_ARG3:
                 case AUDIT_OBJ_UID:
+                case AUDIT_OBJ_GID:
                         break;
                 case AUDIT_ARCH:
                         entry->rule.arch_f = f;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 5cf3ecc01517..87b375fb12ff 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -598,6 +598,18 @@ static int audit_filter_rules(struct task_struct *tsk,
                                 }
                         }
                         break;
+                case AUDIT_OBJ_GID:
+                        if (name) {
+                                result = audit_comparator(name->gid, f->op, f->val);
+                        } else if (ctx) {
+                                list_for_each_entry(n, &ctx->names_list, list) {
+                                        if (audit_comparator(n->gid, f->op, f->val)) {
+                                                ++result;
+                                                break;
+                                        }
+                                }
+                        }
+                        break;
                 case AUDIT_WATCH:
                         if (name)
                                 result = audit_watch_compare(rule->watch, name->ino, name->dev);