diff options
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/auditfilter.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 0ea96bab91cc..359645cff5b2 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
@@ -456,6 +456,13 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) | |||
456 | case AUDIT_DEVMINOR: | 456 | case AUDIT_DEVMINOR: |
457 | case AUDIT_EXIT: | 457 | case AUDIT_EXIT: |
458 | case AUDIT_SUCCESS: | 458 | case AUDIT_SUCCESS: |
459 | /* bit ops are only useful on syscall args */ | ||
460 | if (f->op == AUDIT_BIT_MASK || | ||
461 | f->op == AUDIT_BIT_TEST) { | ||
462 | err = -EINVAL; | ||
463 | goto exit_free; | ||
464 | } | ||
465 | break; | ||
459 | case AUDIT_ARG0: | 466 | case AUDIT_ARG0: |
460 | case AUDIT_ARG1: | 467 | case AUDIT_ARG1: |
461 | case AUDIT_ARG2: | 468 | case AUDIT_ARG2: |
@@ -1566,6 +1573,10 @@ int audit_comparator(const u32 left, const u32 op, const u32 right) | |||
1566 | return (left > right); | 1573 | return (left > right); |
1567 | case AUDIT_GREATER_THAN_OR_EQUAL: | 1574 | case AUDIT_GREATER_THAN_OR_EQUAL: |
1568 | return (left >= right); | 1575 | return (left >= right); |
1576 | case AUDIT_BIT_MASK: | ||
1577 | return (left & right); | ||
1578 | case AUDIT_BIT_TEST: | ||
1579 | return ((left & right) == right); | ||
1569 | } | 1580 | } |
1570 | BUG(); | 1581 | BUG(); |
1571 | return 0; | 1582 | return 0; |