1 files changed, 14 insertions, 0 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a371f857a0a9..77c705c302f7 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -633,9 +633,23 @@ static int audit_filter_rules(struct task_struct *tsk,
                        break;
                case AUDIT_GID:
                        result = audit_gid_comparator(cred->gid, f->op, f->gid);
+                        if (f->op == Audit_equal) {
+                                if (!result)
+                                        result = in_group_p(f->gid);
+                        } else if (f->op == Audit_not_equal) {
+                                if (result)
+                                        result = !in_group_p(f->gid);
+                        }
                        break;
                case AUDIT_EGID:
                        result = audit_gid_comparator(cred->egid, f->op, f->gid);
+                        if (f->op == Audit_equal) {
+                                if (!result)
+                                        result = in_egroup_p(f->gid);
+                        } else if (f->op == Audit_not_equal) {
+                                if (result)
+                                        result = !in_egroup_p(f->gid);
+                        }
                        break;
                case AUDIT_SGID:
                        result = audit_gid_comparator(cred->sgid, f->op, f->gid);

diff --git a/kernel/auditsc.c b/kernel/auditsc.c index a371f857a0a9..77c705c302f7 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c
@@ -633,9 +633,23 @@ static int audit_filter_rules(struct task_struct *tsk,
633	break;	633	break;
634	case AUDIT_GID:	634	case AUDIT_GID:
635	result = audit_gid_comparator(cred->gid, f->op, f->gid);	635	result = audit_gid_comparator(cred->gid, f->op, f->gid);
		636	if (f->op == Audit_equal) {
		637	if (!result)
		638	result = in_group_p(f->gid);
		639	} else if (f->op == Audit_not_equal) {
		640	if (result)
		641	result = !in_group_p(f->gid);
		642	}
636	break;	643	break;
637	case AUDIT_EGID:	644	case AUDIT_EGID:
638	result = audit_gid_comparator(cred->egid, f->op, f->gid);	645	result = audit_gid_comparator(cred->egid, f->op, f->gid);
		646	if (f->op == Audit_equal) {
		647	if (!result)
		648	result = in_egroup_p(f->gid);
		649	} else if (f->op == Audit_not_equal) {
		650	if (result)
		651	result = !in_egroup_p(f->gid);
		652	}
639	break;	653	break;
640	case AUDIT_SGID:	654	case AUDIT_SGID:
641	result = audit_gid_comparator(cred->sgid, f->op, f->gid);	655	result = audit_gid_comparator(cred->sgid, f->op, f->gid);