diff options
| -rw-r--r-- | kernel/auditfilter.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 35f8fa82bb8b..b85fd8cce11f 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -160,11 +160,17 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) | |||
| 160 | f->val = rule->values[i]; | 160 | f->val = rule->values[i]; |
| 161 | 161 | ||
| 162 | entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1; | 162 | entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1; |
| 163 | |||
| 164 | /* Support for legacy operators where | ||
| 165 | * AUDIT_NEGATE bit signifies != and otherwise assumes == */ | ||
| 163 | if (f->op & AUDIT_NEGATE) | 166 | if (f->op & AUDIT_NEGATE) |
| 164 | f->op |= AUDIT_NOT_EQUAL; | 167 | f->op = AUDIT_NOT_EQUAL; |
| 165 | else if (!(f->op & AUDIT_OPERATORS)) | 168 | else if (!f->op) |
| 166 | f->op |= AUDIT_EQUAL; | 169 | f->op = AUDIT_EQUAL; |
| 167 | f->op &= ~AUDIT_NEGATE; | 170 | else if (f->op == AUDIT_OPERATORS) { |
| 171 | err = -EINVAL; | ||
| 172 | goto exit_free; | ||
| 173 | } | ||
| 168 | } | 174 | } |
| 169 | 175 | ||
| 170 | exit_nofree: | 176 | exit_nofree: |
| @@ -533,9 +539,9 @@ int audit_comparator(const u32 left, const u32 op, const u32 right) | |||
| 533 | return (left > right); | 539 | return (left > right); |
| 534 | case AUDIT_GREATER_THAN_OR_EQUAL: | 540 | case AUDIT_GREATER_THAN_OR_EQUAL: |
| 535 | return (left >= right); | 541 | return (left >= right); |
| 536 | default: | ||
| 537 | return -EINVAL; | ||
| 538 | } | 542 | } |
| 543 | BUG(); | ||
| 544 | return 0; | ||
| 539 | } | 545 | } |
| 540 | 546 | ||
| 541 | 547 | ||