summaryrefslogtreecommitdiffstats
path: root/kernel/audit_tree.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2008-12-16 11:59:26 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2009-01-04 21:14:42 +0100
commit5af75d8d58d0f9f7b7c0515b35786b22892d5f12 (patch)
tree65707c5309133a33140c39145ae91b7c1679a877 /kernel/audit_tree.c
parentclean up audit_rule_{add,del} a bit (diff)
downloadlinux-5af75d8d58d0f9f7b7c0515b35786b22892d5f12.tar.xz
linux-5af75d8d58d0f9f7b7c0515b35786b22892d5f12.zip
audit: validate comparison operations, store them in sane form
Don't store the field->op in the messy (and very inconvenient for e.g. audit_comparator()) form; translate to dense set of values and do full validation of userland-submitted value while we are at it. ->audit_init_rule() and ->audit_match_rule() get new values now; in-tree instances updated. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/audit_tree.c')
-rw-r--r--kernel/audit_tree.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 48bddad2a3dc..8ad9545b8db9 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -618,7 +618,7 @@ int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op)
if (pathname[0] != '/' ||
rule->listnr != AUDIT_FILTER_EXIT ||
- op & ~AUDIT_EQUAL ||
+ op != Audit_equal ||
rule->inode_f || rule->watch || rule->tree)
return -EINVAL;
rule->tree = alloc_tree(pathname);