Merge branch 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit...
[linux-2.6] / kernel / auditfilter.c
index 03a6919103d4df8368cda70a3a151b593f77548d..4c99d2c586edcb2549f27e3e0d18f68e77c48763 100644 (file)
@@ -348,17 +348,31 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
                f->val = rule->values[i];
 
                err = -EINVAL;
-               if (f->type & AUDIT_UNUSED_BITS)
-                       goto exit_free;
-
                switch(f->type) {
-               case AUDIT_SE_USER:
-               case AUDIT_SE_ROLE:
-               case AUDIT_SE_TYPE:
-               case AUDIT_SE_SEN:
-               case AUDIT_SE_CLR:
-               case AUDIT_WATCH:
+               default:
                        goto exit_free;
+               case AUDIT_PID:
+               case AUDIT_UID:
+               case AUDIT_EUID:
+               case AUDIT_SUID:
+               case AUDIT_FSUID:
+               case AUDIT_GID:
+               case AUDIT_EGID:
+               case AUDIT_SGID:
+               case AUDIT_FSGID:
+               case AUDIT_LOGINUID:
+               case AUDIT_PERS:
+               case AUDIT_ARCH:
+               case AUDIT_MSGTYPE:
+               case AUDIT_DEVMAJOR:
+               case AUDIT_DEVMINOR:
+               case AUDIT_EXIT:
+               case AUDIT_SUCCESS:
+               case AUDIT_ARG0:
+               case AUDIT_ARG1:
+               case AUDIT_ARG2:
+               case AUDIT_ARG3:
+                       break;
                case AUDIT_INODE:
                        err = audit_to_inode(&entry->rule, f);
                        if (err)
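Review bot: AUDIT_PPID is accepted by the allow-list that the next hunk adds to audit_data_to_entry, but it is missing from the otherwise identical list here in audit_rule_to_entry, so a legacy-format rule carrying that field now takes the `default: goto exit_free;` path with err set to -EINVAL. If the omission is deliberate, a one-line comment above the list would keep the two copies from being "fixed" into agreement later, for example `/* legacy rule format: AUDIT_PPID and later fields are only accepted via audit_data_to_entry() */`. Placing `default:` ahead of the case labels is legal, but it is easy to overlook when reading for the fail-closed behaviour; moving it to the end of the switch, as the third hunk does, would make both functions read the same way. The switch continues past the end of this hunk.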
@@ -432,6 +446,29 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                f->se_str = NULL;
                f->se_rule = NULL;
                switch(f->type) {
+               case AUDIT_PID:
+               case AUDIT_UID:
+               case AUDIT_EUID:
+               case AUDIT_SUID:
+               case AUDIT_FSUID:
+               case AUDIT_GID:
+               case AUDIT_EGID:
+               case AUDIT_SGID:
+               case AUDIT_FSGID:
+               case AUDIT_LOGINUID:
+               case AUDIT_PERS:
+               case AUDIT_ARCH:
+               case AUDIT_MSGTYPE:
+               case AUDIT_PPID:
+               case AUDIT_DEVMAJOR:
+               case AUDIT_DEVMINOR:
+               case AUDIT_EXIT:
+               case AUDIT_SUCCESS:
+               case AUDIT_ARG0:
+               case AUDIT_ARG1:
+               case AUDIT_ARG2:
+               case AUDIT_ARG3:
+                       break;
                case AUDIT_SE_USER:
                case AUDIT_SE_ROLE:
                case AUDIT_SE_TYPE:
@@ -474,6 +511,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
                        if (err)
                                goto exit_free;
                        break;
+               default:
+                       goto exit_free;
                }
        }
 
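Review bot: The new `default: goto exit_free;` in audit_data_to_entry only rejects the rule if err still holds an error code when the switch is entered, and that assignment is not visible in this hunk. In audit_rule_to_entry the first hunk shows `err = -EINVAL;` immediately before the switch. Here the visible `if (err) goto exit_free; break;` shows that earlier cases leave err at 0 on success, so an unknown field type after a successful one would reach exit_free with err == 0 unless the loop resets it on every iteration. If that reset is not guaranteed, make the intent local by writing the default arm as `default: err = -EINVAL; goto exit_free;`. The loop header and the exit_free label are outside the hunk.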
@@ -748,7 +787,7 @@ static void audit_update_watch(struct audit_parent *parent,
 
        mutex_lock(&audit_filter_mutex);
        list_for_each_entry_safe(owatch, nextw, &parent->watches, wlist) {
-               if (audit_compare_dname_path(dname, owatch->path))
+               if (audit_compare_dname_path(dname, owatch->path, NULL))
                        continue;
 
                /* If the update involves invalidating rules, do the inode-based
@@ -1044,6 +1083,7 @@ static inline int audit_add_rule(struct audit_entry *entry,
 
        if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
                list_add_rcu(&entry->list, list);
+               entry->rule.flags &= ~AUDIT_FILTER_PREPEND;
        } else {
                list_add_tail_rcu(&entry->list, list);
        }
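Review bot: The flag is cleared after `list_add_rcu(&entry->list, list)` has already published the entry, so a concurrent RCU reader could see rule.flags with or without AUDIT_FILTER_PREPEND. Whether any reader inspects flags is not visible from this hunk, but doing the store before publication costs nothing: `entry->rule.flags &= ~AUDIT_FILTER_PREPEND;` followed by `list_add_rcu(&entry->list, list);`. The reason for clearing the bit is also undocumented. If it is there so the stored rule compares equal to a later delete or list request that lacks the prepend bit, a comment such as `/* PREPEND only selects the insertion point; do not keep it in the stored rule */` would say so. The rest of audit_add_rule is outside the hunk.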
@@ -1347,7 +1387,8 @@ int audit_comparator(const u32 left, const u32 op, const u32 right)
 
 /* Compare given dentry name with last component in given path,
  * return of 0 indicates a match. */
-int audit_compare_dname_path(const char *dname, const char *path)
+int audit_compare_dname_path(const char *dname, const char *path,
+                            int *dirlen)
 {
        int dlen, plen;
        const char *p;
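Review bot: The comment above audit_compare_dname_path still documents only the return value and says nothing about the new `dirlen` out-parameter. The last hunk shows `*dirlen` being written only just before the final `strncmp`, and the middle of the function is outside the visible hunks, so any earlier return there would leave the caller's variable untouched. The header should state the contract, for example `* If dirlen is non-NULL it receives the length of path's directory component; it is only set when the final comparison is reached, so callers must initialise it.` The stored value `p - path` is a pointer difference narrowed to `int`; that is presumably safe for bounded path lengths, but the comment should say so.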
@@ -1376,6 +1417,9 @@ int audit_compare_dname_path(const char *dname, const char *path)
                        p++;
        }
 
+       /* return length of path's directory component */
+       if (dirlen)
+               *dirlen = p - path;
        return strncmp(p, dname, dlen);
 }