1 files changed, 48 insertions, 9 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 03a6919103d4..9f985dd5e937 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -348,17 +348,31 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
                f->val = rule->values[i];
                err = -EINVAL;
-                if (f->type & AUDIT_UNUSED_BITS)
-                        goto exit_free;
                switch(f->type) {
-                case AUDIT_SE_USER:
+                default:
-                case AUDIT_SE_ROLE:
-                case AUDIT_SE_TYPE:
-                case AUDIT_SE_SEN:
-                case AUDIT_SE_CLR:
-                case AUDIT_WATCH:
                        goto exit_free;
+                case AUDIT_PID:
+                case AUDIT_UID:
+                case AUDIT_EUID:
+                case AUDIT_SUID:
+                case AUDIT_FSUID:
+                case AUDIT_GID:
+                case AUDIT_EGID:
+                case AUDIT_SGID:
+                case AUDIT_FSGID:
+                case AUDIT_LOGINUID:
+                case AUDIT_PERS:
+                case AUDIT_ARCH:
+                case AUDIT_MSGTYPE:
+                case AUDIT_DEVMAJOR:
+                case AUDIT_DEVMINOR:
+                case AUDIT_EXIT:
+                case AUDIT_SUCCESS:
+                case AUDIT_ARG0:
+                case AUDIT_ARG1:
+                case AUDIT_ARG2:
+                case AUDIT_ARG3:
+                        break;
                case AUDIT_INODE:
                        err = audit_to_inode(&entry->rule, f);
                        if (err)
@@ -432,6 +446,29 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                f->se_str = NULL;
                f->se_rule = NULL;
                switch(f->type) {
+                case AUDIT_PID:
+                case AUDIT_UID:
+                case AUDIT_EUID:
+                case AUDIT_SUID:
+                case AUDIT_FSUID:
+                case AUDIT_GID:
+                case AUDIT_EGID:
+                case AUDIT_SGID:
+                case AUDIT_FSGID:
+                case AUDIT_LOGINUID:
+                case AUDIT_PERS:
+                case AUDIT_ARCH:
+                case AUDIT_MSGTYPE:
+                case AUDIT_PPID:
+                case AUDIT_DEVMAJOR:
+                case AUDIT_DEVMINOR:
+                case AUDIT_EXIT:
+                case AUDIT_SUCCESS:
+                case AUDIT_ARG0:
+                case AUDIT_ARG1:
+                case AUDIT_ARG2:
+                case AUDIT_ARG3:
+                        break;
                case AUDIT_SE_USER:
                case AUDIT_SE_ROLE:
                case AUDIT_SE_TYPE:
@@ -474,6 +511,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                        if (err)
                                goto exit_free;
                        break;
+                default:
+                        goto exit_free;
                }
        }

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 03a6919103d4..9f985dd5e937 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c
@@ -348,17 +348,31 @@ static struct audit_entry audit_rule_to_entry(struct audit_rule rule)
348	f->val = rule->values[i];	348	f->val = rule->values[i];
349		349
350	err = -EINVAL;	350	err = -EINVAL;
351	if (f->type & AUDIT_UNUSED_BITS)
352	goto exit_free;
353
354	switch(f->type) {	351	switch(f->type) {
355	case AUDIT_SE_USER:	352	default:
356	case AUDIT_SE_ROLE:
357	case AUDIT_SE_TYPE:
358	case AUDIT_SE_SEN:
359	case AUDIT_SE_CLR:
360	case AUDIT_WATCH:
361	goto exit_free;	353	goto exit_free;
		354	case AUDIT_PID:
		355	case AUDIT_UID:
		356	case AUDIT_EUID:
		357	case AUDIT_SUID:
		358	case AUDIT_FSUID:
		359	case AUDIT_GID:
		360	case AUDIT_EGID:
		361	case AUDIT_SGID:
		362	case AUDIT_FSGID:
		363	case AUDIT_LOGINUID:
		364	case AUDIT_PERS:
		365	case AUDIT_ARCH:
		366	case AUDIT_MSGTYPE:
		367	case AUDIT_DEVMAJOR:
		368	case AUDIT_DEVMINOR:
		369	case AUDIT_EXIT:
		370	case AUDIT_SUCCESS:
		371	case AUDIT_ARG0:
		372	case AUDIT_ARG1:
		373	case AUDIT_ARG2:
		374	case AUDIT_ARG3:
		375	break;
362	case AUDIT_INODE:	376	case AUDIT_INODE:
363	err = audit_to_inode(&entry->rule, f);	377	err = audit_to_inode(&entry->rule, f);
364	if (err)	378	if (err)
@@ -432,6 +446,29 @@ static struct audit_entry audit_data_to_entry(struct audit_rule_data data,
432	f->se_str = NULL;	446	f->se_str = NULL;
433	f->se_rule = NULL;	447	f->se_rule = NULL;
434	switch(f->type) {	448	switch(f->type) {
		449	case AUDIT_PID:
		450	case AUDIT_UID:
		451	case AUDIT_EUID:
		452	case AUDIT_SUID:
		453	case AUDIT_FSUID:
		454	case AUDIT_GID:
		455	case AUDIT_EGID:
		456	case AUDIT_SGID:
		457	case AUDIT_FSGID:
		458	case AUDIT_LOGINUID:
		459	case AUDIT_PERS:
		460	case AUDIT_ARCH:
		461	case AUDIT_MSGTYPE:
		462	case AUDIT_PPID:
		463	case AUDIT_DEVMAJOR:
		464	case AUDIT_DEVMINOR:
		465	case AUDIT_EXIT:
		466	case AUDIT_SUCCESS:
		467	case AUDIT_ARG0:
		468	case AUDIT_ARG1:
		469	case AUDIT_ARG2:
		470	case AUDIT_ARG3:
		471	break;
435	case AUDIT_SE_USER:	472	case AUDIT_SE_USER:
436	case AUDIT_SE_ROLE:	473	case AUDIT_SE_ROLE:
437	case AUDIT_SE_TYPE:	474	case AUDIT_SE_TYPE:
@@ -474,6 +511,8 @@ static struct audit_entry audit_data_to_entry(struct audit_rule_data data,
474	if (err)	511	if (err)
475	goto exit_free;	512	goto exit_free;
476	break;	513	break;
		514	default:
		515	goto exit_free;
477	}	516	}
478	}	517	}
479		518