Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7ff68e53 authored by Eric Paris's avatar Eric Paris Committed by Al Viro
Browse files

audit: reject entry,always rules 



We deprecated entry,always rules a long time ago.  Reject those rules as
invalid.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
parent a4ff8dba

kernel/auditfilter.c

+4 −2
Original line number Diff line number Diff line
@@ -235,13 +235,15 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule) 
	switch(listnr) {

	default:

		goto exit_err;

	case AUDIT_FILTER_USER:

	case AUDIT_FILTER_TYPE:

#ifdef CONFIG_AUDITSYSCALL

	case AUDIT_FILTER_ENTRY:

		if (rule->action == AUDIT_ALWAYS)

			goto exit_err;

	case AUDIT_FILTER_EXIT:

	case AUDIT_FILTER_TASK:

#endif

	case AUDIT_FILTER_USER:

	case AUDIT_FILTER_TYPE:

		;

	}

	if (unlikely(rule->action == AUDIT_POSSIBLE)) {