qd65xx: convert to use ide_timing_find_mode()
diff --git
a/kernel/auditfilter.c
b/kernel/auditfilter.c
index
1343017
..
98c50cc
100644
--- a/
kernel/auditfilter.c
+++ b/
kernel/auditfilter.c
@@
-89,14
+89,9
@@
struct list_head audit_filter_list[AUDIT_NR_FILTERS] = {
DEFINE_MUTEX(audit_filter_mutex);
DEFINE_MUTEX(audit_filter_mutex);
-/* Inotify handle */
-extern struct inotify_handle *audit_ih;
-
/* Inotify events we care about. */
#define AUDIT_IN_WATCH IN_MOVE|IN_CREATE|IN_DELETE|IN_DELETE_SELF|IN_MOVE_SELF
/* Inotify events we care about. */
#define AUDIT_IN_WATCH IN_MOVE|IN_CREATE|IN_DELETE|IN_DELETE_SELF|IN_MOVE_SELF
-extern int audit_enabled;
-
void audit_free_parent(struct inotify_watch *i_watch)
{
struct audit_parent *parent;
void audit_free_parent(struct inotify_watch *i_watch)
{
struct audit_parent *parent;
@@
-422,7
+417,7
@@
exit_err:
static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
{
struct audit_entry *entry;
static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
{
struct audit_entry *entry;
- struct audit_field *f;
+ struct audit_field *
ino_
f;
int err = 0;
int i;
int err = 0;
int i;
@@
-483,6
+478,10
@@
static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
if (f->val & ~15)
goto exit_free;
break;
if (f->val & ~15)
goto exit_free;
break;
+ case AUDIT_FILETYPE:
+ if ((f->val & ~S_IFMT) > S_IFMT)
+ goto exit_free;
+ break;
case AUDIT_INODE:
err = audit_to_inode(&entry->rule, f);
if (err)
case AUDIT_INODE:
err = audit_to_inode(&entry->rule, f);
if (err)
@@
-504,9
+503,9
@@
static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
}
}
}
}
- f = entry->rule.inode_f;
- if (f) {
- switch(f->op) {
+
ino_
f = entry->rule.inode_f;
+ if (
ino_
f) {
+ switch(
ino_
f->op) {
case AUDIT_NOT_EQUAL:
entry->rule.inode_f = NULL;
case AUDIT_EQUAL:
case AUDIT_NOT_EQUAL:
entry->rule.inode_f = NULL;
case AUDIT_EQUAL:
@@
-531,7
+530,7
@@
static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
{
int err = 0;
struct audit_entry *entry;
{
int err = 0;
struct audit_entry *entry;
- struct audit_field *f;
+ struct audit_field *
ino_
f;
void *bufp;
size_t remain = datasz - sizeof(struct audit_rule_data);
int i;
void *bufp;
size_t remain = datasz - sizeof(struct audit_rule_data);
int i;
@@
-654,14
+653,18
@@
static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
if (f->val & ~15)
goto exit_free;
break;
if (f->val & ~15)
goto exit_free;
break;
+ case AUDIT_FILETYPE:
+ if ((f->val & ~S_IFMT) > S_IFMT)
+ goto exit_free;
+ break;
default:
goto exit_free;
}
}
default:
goto exit_free;
}
}
- f = entry->rule.inode_f;
- if (f) {
- switch(f->op) {
+
ino_
f = entry->rule.inode_f;
+ if (
ino_
f) {
+ switch(
ino_
f->op) {
case AUDIT_NOT_EQUAL:
entry->rule.inode_f = NULL;
case AUDIT_EQUAL:
case AUDIT_NOT_EQUAL:
entry->rule.inode_f = NULL;
case AUDIT_EQUAL:
@@
-1500,8
+1503,9
@@
static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
}
/* Log rule additions and removals */
}
/* Log rule additions and removals */
-static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action,
- struct audit_krule *rule, int res)
+static void audit_log_rule_change(uid_t loginuid, u32 sessionid, u32 sid,
+ char *action, struct audit_krule *rule,
+ int res)
{
struct audit_buffer *ab;
{
struct audit_buffer *ab;
@@
-1511,7
+1515,7
@@
static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action,
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
if (!ab)
return;
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
if (!ab)
return;
- audit_log_format(ab, "auid=%u
", loginu
id);
+ audit_log_format(ab, "auid=%u
ses=%u", loginuid, session
id);
if (sid) {
char *ctx = NULL;
u32 len;
if (sid) {
char *ctx = NULL;
u32 len;
@@
-1540,10
+1544,11
@@
static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action,
* @data: payload data
* @datasz: size of payload data
* @loginuid: loginuid of sender
* @data: payload data
* @datasz: size of payload data
* @loginuid: loginuid of sender
+ * @sessionid: sessionid for netlink audit message
* @sid: SE Linux Security ID of sender
*/
int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
* @sid: SE Linux Security ID of sender
*/
int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
- size_t datasz, uid_t loginuid, u32 sid)
+ size_t datasz, uid_t loginuid, u32 s
essionid, u32 s
id)
{
struct task_struct *tsk;
struct audit_netlink_list *dest;
{
struct task_struct *tsk;
struct audit_netlink_list *dest;
@@
-1590,7
+1595,8
@@
int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
err = audit_add_rule(entry,
&audit_filter_list[entry->rule.listnr]);
err = audit_add_rule(entry,
&audit_filter_list[entry->rule.listnr]);
- audit_log_rule_change(loginuid, sid, "add", &entry->rule, !err);
+ audit_log_rule_change(loginuid, sessionid, sid, "add",
+ &entry->rule, !err);
if (err)
audit_free_rule(entry);
if (err)
audit_free_rule(entry);
@@
-1606,8
+1612,8
@@
int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
err = audit_del_rule(entry,
&audit_filter_list[entry->rule.listnr]);
err = audit_del_rule(entry,
&audit_filter_list[entry->rule.listnr]);
- audit_log_rule_change(loginuid, s
id, "remove", &entry->rule
,
- !err);
+ audit_log_rule_change(loginuid, s
essionid, sid, "remove"
,
+
&entry->rule,
!err);
audit_free_rule(entry);
break;
audit_free_rule(entry);
break;
@@
-1715,7
+1721,7
@@
static int audit_filter_user_rules(struct netlink_skb_parms *cb,
return 1;
}
return 1;
}
-int audit_filter_user(struct netlink_skb_parms *cb
, int type
)
+int audit_filter_user(struct netlink_skb_parms *cb)
{
enum audit_state state = AUDIT_DISABLED;
struct audit_entry *e;
{
enum audit_state state = AUDIT_DISABLED;
struct audit_entry *e;
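Review bot: The new `AUDIT_FILETYPE` validation, `if ((f->val & ~S_IFMT) > S_IFMT)`, added in audit_rule_to_entry and again in audit_data_to_entry, rejects only values with bits set above the S_IFMT mask; a value with stray low bits (permission or setuid bits, for example) masks to something smaller than S_IFMT and is accepted. If the matcher compares this field against `mode & S_IFMT`, as the mask suggests, such a rule would load successfully and then never match, leaving a silent gap in audit coverage. Rejecting any bit outside the mask closes that: `if (f->val & ~S_IFMT) goto exit_free;` in both switch statements. Both enclosing functions begin and end outside the hunks shown.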