Google Git
Sign in
kunit/linux/8b67dca9420474623709e00d72a066068a502b20^!/./kernel/auditfilter.c
commit
8b67dca9420474623709e00d72a066068a502b20
[log]
author
Al Viro <viro@zeniv.linux.org.uk>
Mon Apr 28 04:15:49 2008 -0400
committer
Al Viro <viro@zeniv.linux.org.uk>
Mon Apr 28 06:28:37 2008 -0400
tree
9d4dc19d849dd23cf00cee0851fd402062cdf1ea
parent
4a761b8c1d7a3a4ee7ccf92ce255d986f601e067 [diff] [blame]
[PATCH] new predicate - AUDIT_FILETYPE

Argument is S_IF... | <index>, where index is normally 0 or 1.
Triggers if chosen element of ctx->names[] is present and the
mode of object in question matches the upper bits of argument.
I.e. for things like "is the argument of that chmod a directory",
etc.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 7c3450d..9435d93 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c

@@ -478,6 +478,10 @@
 			if (f->val & ~15)
 				goto exit_free;
 			break;
+		case AUDIT_FILETYPE:
+			if ((f->val & ~S_IFMT) > S_IFMT)
+				goto exit_free;
+			break;
 		case AUDIT_INODE:
 			err = audit_to_inode(&entry->rule, f);
 			if (err)
@@ -649,6 +653,10 @@
 			if (f->val & ~15)
 				goto exit_free;
 			break;
+		case AUDIT_FILETYPE:
+			if ((f->val & ~S_IFMT) > S_IFMT)
+				goto exit_free;
+			break;
 		default:
 			goto exit_free;
 		}