Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 66b4b5d5 authored by Linux Build Service Account's avatar Linux Build Service Account Committed by Gerrit - the friendly Code Review server
Browse files

Merge "audit: fix error handling in audit_data_to_entry()"

parents 34692c6e c3395347

kernel/auditfilter.c

+39 −32
Original line number Diff line number Diff line
@@ -434,6 +434,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
	bufp = data->buf;

	for (i = 0; i < data->field_count; i++) {

		struct audit_field *f = &entry->rule.fields[i];

		u32 f_val;



		err = -EINVAL;
@@ -442,12 +443,12 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
			goto exit_free;



		f->type = data->fields[i];

		f->val = data->values[i];

		f_val = data->values[i];



		/* Support legacy tests for a valid loginuid */

		if ((f->type == AUDIT_LOGINUID) && (f->val == AUDIT_UID_UNSET)) {

		if ((f->type == AUDIT_LOGINUID) && (f_val == AUDIT_UID_UNSET)) {

			f->type = AUDIT_LOGINUID_SET;

			f->val = 0;

			f_val = 0;

			entry->rule.pflags |= AUDIT_LOGINUID_LEGACY;

		}
@@ -463,7 +464,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
		case AUDIT_SUID:

		case AUDIT_FSUID:

		case AUDIT_OBJ_UID:

			f->uid = make_kuid(current_user_ns(), f->val);

			f->uid = make_kuid(current_user_ns(), f_val);

			if (!uid_valid(f->uid))

				goto exit_free;

			break;
@@ -472,11 +473,12 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
		case AUDIT_SGID:

		case AUDIT_FSGID:

		case AUDIT_OBJ_GID:

			f->gid = make_kgid(current_user_ns(), f->val);

			f->gid = make_kgid(current_user_ns(), f_val);

			if (!gid_valid(f->gid))

				goto exit_free;

			break;

		case AUDIT_ARCH:

			f->val = f_val;

			entry->rule.arch_f = f;

			break;

		case AUDIT_SUBJ_USER:
@@ -489,11 +491,13 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
		case AUDIT_OBJ_TYPE:

		case AUDIT_OBJ_LEV_LOW:

		case AUDIT_OBJ_LEV_HIGH:

			str = audit_unpack_string(&bufp, &remain, f->val);

			if (IS_ERR(str))

			str = audit_unpack_string(&bufp, &remain, f_val);

			if (IS_ERR(str)) {

				err = PTR_ERR(str);

				goto exit_free;

			entry->rule.buflen += f->val;



			}

			entry->rule.buflen += f_val;

			f->lsm_str = str;

			err = security_audit_rule_init(f->type, f->op, str,

						       (void **)&f->lsm_rule);

			/* Keep currently invalid fields around in case they
@@ -502,68 +506,71 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, 
				pr_warn("audit rule for LSM \'%s\' is invalid\n",

					str);

				err = 0;

			}

			if (err) {

				kfree(str);

			} else if (err)

				goto exit_free;

			} else

				f->lsm_str = str;

			break;

		case AUDIT_WATCH:

			str = audit_unpack_string(&bufp, &remain, f->val);

			if (IS_ERR(str))

			str = audit_unpack_string(&bufp, &remain, f_val);

			if (IS_ERR(str)) {

				err = PTR_ERR(str);

				goto exit_free;

			entry->rule.buflen += f->val;



			err = audit_to_watch(&entry->rule, str, f->val, f->op);

			}

			err = audit_to_watch(&entry->rule, str, f_val, f->op);

			if (err) {

				kfree(str);

				goto exit_free;

			}

			entry->rule.buflen += f_val;

			break;

		case AUDIT_DIR:

			str = audit_unpack_string(&bufp, &remain, f->val);

			if (IS_ERR(str))

			str = audit_unpack_string(&bufp, &remain, f_val);

			if (IS_ERR(str)) {

				err = PTR_ERR(str);

				goto exit_free;

			entry->rule.buflen += f->val;



			}

			err = audit_make_tree(&entry->rule, str, f->op);

			kfree(str);

			if (err)

				goto exit_free;

			entry->rule.buflen += f_val;

			break;

		case AUDIT_INODE:

			f->val = f_val;

			err = audit_to_inode(&entry->rule, f);

			if (err)

				goto exit_free;

			break;

		case AUDIT_FILTERKEY:

			if (entry->rule.filterkey || f->val > AUDIT_MAX_KEY_LEN)

			if (entry->rule.filterkey || f_val > AUDIT_MAX_KEY_LEN)

				goto exit_free;

			str = audit_unpack_string(&bufp, &remain, f->val);

			if (IS_ERR(str))

			str = audit_unpack_string(&bufp, &remain, f_val);

			if (IS_ERR(str)) {

				err = PTR_ERR(str);

				goto exit_free;

			entry->rule.buflen += f->val;

			}

			entry->rule.buflen += f_val;

			entry->rule.filterkey = str;

			break;

		case AUDIT_EXE:

			if (entry->rule.exe || f->val > PATH_MAX)

			if (entry->rule.exe || f_val > PATH_MAX)

				goto exit_free;

			str = audit_unpack_string(&bufp, &remain, f->val);

			str = audit_unpack_string(&bufp, &remain, f_val);

			if (IS_ERR(str)) {

				err = PTR_ERR(str);

				goto exit_free;

			}

			entry->rule.buflen += f->val;



			audit_mark = audit_alloc_mark(&entry->rule, str, f->val);

			audit_mark = audit_alloc_mark(&entry->rule, str, f_val);

			if (IS_ERR(audit_mark)) {

				kfree(str);

				err = PTR_ERR(audit_mark);

				goto exit_free;

			}

			entry->rule.buflen += f_val;

			entry->rule.exe = audit_mark;

			break;

		default:

			f->val = f_val;

			break;

		}

	}