diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditfilter.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 0ea96bab91cc..359645cff5b2 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -456,6 +456,13 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) | |||
| 456 | case AUDIT_DEVMINOR: | 456 | case AUDIT_DEVMINOR: |
| 457 | case AUDIT_EXIT: | 457 | case AUDIT_EXIT: |
| 458 | case AUDIT_SUCCESS: | 458 | case AUDIT_SUCCESS: |
| 459 | /* bit ops are only useful on syscall args */ | ||
| 460 | if (f->op == AUDIT_BIT_MASK || | ||
| 461 | f->op == AUDIT_BIT_TEST) { | ||
| 462 | err = -EINVAL; | ||
| 463 | goto exit_free; | ||
| 464 | } | ||
| 465 | break; | ||
| 459 | case AUDIT_ARG0: | 466 | case AUDIT_ARG0: |
| 460 | case AUDIT_ARG1: | 467 | case AUDIT_ARG1: |
| 461 | case AUDIT_ARG2: | 468 | case AUDIT_ARG2: |
| @@ -1566,6 +1573,10 @@ int audit_comparator(const u32 left, const u32 op, const u32 right) | |||
| 1566 | return (left > right); | 1573 | return (left > right); |
| 1567 | case AUDIT_GREATER_THAN_OR_EQUAL: | 1574 | case AUDIT_GREATER_THAN_OR_EQUAL: |
| 1568 | return (left >= right); | 1575 | return (left >= right); |
| 1576 | case AUDIT_BIT_MASK: | ||
| 1577 | return (left & right); | ||
| 1578 | case AUDIT_BIT_TEST: | ||
| 1579 | return ((left & right) == right); | ||
| 1569 | } | 1580 | } |
| 1570 | BUG(); | 1581 | BUG(); |
| 1571 | return 0; | 1582 | return 0; |