]> err.no Git - linux-2.6/commit
[PATCH] audit: fix broken class-based syscall audit
authorKlaus Weidner <klaus@atsec.com>
Wed, 16 May 2007 22:45:42 +0000 (17:45 -0500)
committerAl Viro <viro@zeniv.linux.org.uk>
Sun, 22 Jul 2007 13:57:02 +0000 (09:57 -0400)
commitc926e4f432af0f61ac2b9b637fb51a4871a3fc91
tree732a5e76f2405ed84915997b59f8bad921d7ac04
parent5b9a4262232d632c28990fcdf4f36d0e0ade5f18
[PATCH] audit: fix broken class-based syscall audit

The sanity check in audit_match_class() is wrong.  We are able to audit
2048 syscalls but in audit_match_class() we were accidentally using
sizeof(_u32) instead of number of bits in _u32 when deciding how many
syscalls were valid.  On ia64 in particular we were hitting syscall
numbers over the (wrong) limit of 256.  Fixing the audit_match_class
check takes care of the problem.

Signed-off-by: Klaus Weidner <klaus@atsec.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
kernel/auditfilter.c