
Commit 8b67dca9 authored by Al Viro's avatar Al Viro

[PATCH] new predicate - AUDIT_FILETYPE



Argument is S_IF... | <index>, where index is normally 0 or 1.
Triggers if chosen element of ctx->names[] is present and the
mode of object in question matches the upper bits of argument.
I.e. for things like "is the argument of that chmod a directory",
etc.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
parent 4a761b8c
+1 −0
@@ -209,6 +209,7 @@
#define AUDIT_WATCH	105
#define AUDIT_PERM	106
#define AUDIT_DIR	107
#define AUDIT_FILETYPE	108

#define AUDIT_ARG0      200
#define AUDIT_ARG1      (AUDIT_ARG0+1)
+8 −0
@@ -478,6 +478,10 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
			if (f->val & ~15)
				goto exit_free;
			break;
		case AUDIT_FILETYPE:
			if ((f->val & ~S_IFMT) > S_IFMT)
				goto exit_free;
			break;
		case AUDIT_INODE:
			err = audit_to_inode(&entry->rule, f);
			if (err)
@@ -649,6 +653,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
			if (f->val & ~15)
				goto exit_free;
			break;
		case AUDIT_FILETYPE:
			if ((f->val & ~S_IFMT) > S_IFMT)
				goto exit_free;
			break;
		default:
			goto exit_free;
		}
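Review bot: The new AUDIT_FILETYPE check in the audit_rule_to_entry hunk bounds the index half of `f->val` by `S_IFMT`, which is a file-type mask rather than anything tied to the size of ctx->names[]. With the usual S_IFMT of 0170000, every index from 0 to 0xFFF is accepted, although the commit message says the index is normally 0 or 1. Nothing is read out of range as a result, because audit_match_filetype re-checks the index against `ctx->name_count`, but that dependency is not stated here, and a rule with a mistyped index loads cleanly and may then silently never match. I would add a comment such as `/* low bits select a ctx->names[] slot; range-checked against name_count at match time */`, or reject any index above a small named limit at load time. The identical check in the audit_data_to_entry hunk (@@ -649) needs the same treatment; both enclosing functions start and end outside their hunks.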
+16 −0
@@ -280,6 +280,19 @@ static int audit_match_perm(struct audit_context *ctx, int mask)
	}
}

static int audit_match_filetype(struct audit_context *ctx, int which)
{
	unsigned index = which & ~S_IFMT;
	mode_t mode = which & S_IFMT;
	if (index >= ctx->name_count)
		return 0;
	if (ctx->names[index].ino == -1)
		return 0;
	if ((ctx->names[index].mode ^ mode) & S_IFMT)
		return 0;
	return 1;
}

/*
 * We keep a linked list of fixed-sized (31 pointer) arrays of audit_chunk *;
 * ->first_trees points to its beginning, ->trees - to the current end of data.
@@ -589,6 +602,9 @@ static int audit_filter_rules(struct task_struct *tsk,
		case AUDIT_PERM:
			result = audit_match_perm(ctx, f->val);
			break;
		case AUDIT_FILETYPE:
			result = audit_match_filetype(ctx, f->val);
			break;
		}

		if (!result)
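Review bot: audit_match_filetype receives the rule value as `int which` and silently decodes it into an unsigned slot index plus type bits, with no comment describing that encoding or the `ino == -1` sentinel for an unfilled slot. The only guard on `ctx->names[index]` is `index >= ctx->name_count`, which is evaluated as an unsigned comparison and so is sound only if name_count can never be negative; its declaration is not visible here, so that should be confirmed. I would add above the function `/* which = S_IF* type | index into ctx->names[]; returns 1 only if that slot is filled and its type bits match */`. In the audit_filter_rules hunk, whose enclosing switch starts outside the hunk, the result is taken straight from the helper with no reference to the field's operator in the visible lines. A rule written with a non-equality operator may therefore be evaluated as plain equality unless the operator is rejected or applied elsewhere.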