[PATCH] new predicate - AUDIT_FILETYPE (8b67dca9) · Commits · e / devices / android_kernel_teracube_emerald

include/linux/audit.h

+1 −0

+8 −0

Original line number	Diff line number	Diff line
		@@ -478,6 +478,10 @@ static struct audit_entry audit_rule_to_entry(struct audit_rule rule)
		if (f->val & ~15)
		goto exit_free;
		break;
		case AUDIT_FILETYPE:
		if ((f->val & ~S_IFMT) > S_IFMT)
		goto exit_free;
		break;
		case AUDIT_INODE:
		err = audit_to_inode(&entry->rule, f);
		if (err)
		@@ -649,6 +653,10 @@ static struct audit_entry audit_data_to_entry(struct audit_rule_data data,
		if (f->val & ~15)
		goto exit_free;
		break;
		case AUDIT_FILETYPE:
		if ((f->val & ~S_IFMT) > S_IFMT)
		goto exit_free;
		break;
		default:
		goto exit_free;
		}

+16 −0

Original line number	Diff line number	Diff line
		@@ -280,6 +280,19 @@ static int audit_match_perm(struct audit_context *ctx, int mask)
		}
		}

		static int audit_match_filetype(struct audit_context *ctx, int which)
		{
		unsigned index = which & ~S_IFMT;
		mode_t mode = which & S_IFMT;
		if (index >= ctx->name_count)
		return 0;
		if (ctx->names[index].ino == -1)
		return 0;
		if ((ctx->names[index].mode ^ mode) & S_IFMT)
		return 0;
		return 1;
		}

		/*
		* We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *;
		* ->first_trees points to its beginning, ->trees - to the current end of data.
		@@ -589,6 +602,9 @@ static int audit_filter_rules(struct task_struct *tsk,
		case AUDIT_PERM:
		result = audit_match_perm(ctx, f->val);
		break;
		case AUDIT_FILETYPE:
		result = audit_match_filetype(ctx, f->val);
		break;
		}

		if (!result)