]> err.no Git - linux-2.6/commitdiff
[PATCH] add filtering by ppid
authorAl Viro <viro@zeniv.linux.org.uk>
Sat, 6 May 2006 12:26:27 +0000 (08:26 -0400)
committerAl Viro <viro@zeniv.linux.org.uk>
Tue, 20 Jun 2006 09:25:22 +0000 (05:25 -0400)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
include/linux/audit.h
kernel/auditsc.c

index 1057e90bd3e3e72839bf864b229c9f38affe3ffb..8f6424f2b6040ff99afac2fbc9d25ee8ed969130 100644 (file)
 #define AUDIT_SE_TYPE  15      /* security label type */
 #define AUDIT_SE_SEN   16      /* security label sensitivity label */
 #define AUDIT_SE_CLR   17      /* security label clearance label */
+#define AUDIT_PPID     18
 
                                /* These are ONLY useful when checking
                                 * at syscall exit time (AUDIT_AT_EXIT). */
index 4fc3867fa25afcaf4d6f3d795409d4573e0788c7..e4551659ad79a6da003a3fc424ddf3cabea03c7c 100644 (file)
@@ -188,6 +188,10 @@ static int audit_filter_rules(struct task_struct *tsk,
                case AUDIT_PID:
                        result = audit_comparator(tsk->pid, f->op, f->val);
                        break;
+               case AUDIT_PPID:
+                       if (ctx)
+                               result = audit_comparator(ctx->ppid, f->op, f->val);
+                       break;
                case AUDIT_UID:
                        result = audit_comparator(tsk->uid, f->op, f->val);
                        break;