Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

audit: allow interfield comparison between gid and ogid

Allow audit rules to compare the gid of the running task to the gid of the
inode in question.

Signed-off-by: Eric Paris <eparis@redhat.com>

authored by Eric Paris and committed by Al Viro
c9fe685f b34b0393

+8 -1
include/linux/audit.h +2 -1
··· 184 184 185 185 /* AUDIT_FIELD_COMPARE rule list */ 186 186 #define AUDIT_COMPARE_UID_TO_OBJ_UID 1 187 + #define AUDIT_COMPARE_GID_TO_OBJ_GID 2 187 188 188 - #define AUDIT_MAX_FIELD_COMPARE AUDIT_COMPARE_UID_TO_OBJ_UID 189 + #define AUDIT_MAX_FIELD_COMPARE AUDIT_COMPARE_GID_TO_OBJ_GID 189 190 /* Rule fields */ 190 191 /* These are useful when checking the 191 192 * task structure at task creation time
kernel/auditsc.c +6
··· 474 474 uid_t uid2; 475 475 int rc; 476 476 477 + BUILD_BUG_ON(sizeof(uid_t) != sizeof(gid_t)); 478 + 477 479 if (name) { 478 480 addr = (unsigned long)name; 479 481 addr += name_offset; ··· 511 509 case AUDIT_COMPARE_UID_TO_OBJ_UID: 512 510 return audit_compare_id(cred->uid, 513 511 name, offsetof(struct audit_names, uid), 512 + f, ctx); 513 + case AUDIT_COMPARE_GID_TO_OBJ_GID: 514 + return audit_compare_id(cred->gid, 515 + name, offsetof(struct audit_names, gid), 514 516 f, ctx); 515 517 default: 516 518 WARN(1, "Missing AUDIT_COMPARE define. Report as a bug\n");
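Review bot: AUDIT_COMPARE_GID_TO_OBJ_GID is added to the AUDIT_FIELD_COMPARE list in include/linux/audit.h, a header user-space audit tooling compiles against, so the value 2 becomes part of the ABI; a one-line comment above that list stating that values are allocated sequentially and never reused would document the contract for the next addition. Bumping AUDIT_MAX_FIELD_COMPARE to the new constant in the same hunk is correct and keeps range checks in step with the new entry.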
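Review bot: the new BUILD_BUG_ON(sizeof(uid_t) != sizeof(gid_t)) at the top of the first kernel/auditsc.c hunk carries no comment saying what it protects; a short comment noting that the function's uid_t-typed locals (see `uid_t uid2;` in the context) are about to be fed a gid_t via the offsetof path used in the next hunk would explain why the size check belongs here. Size equality is the right assertion for two plain integer typedefs and costs nothing at runtime.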
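Review bot: the AUDIT_COMPARE_GID_TO_OBJ_GID case in the second kernel/auditsc.c hunk mirrors the UID case exactly, passing `cred->gid` and `offsetof(struct audit_names, gid)` where the existing case passes `cred->uid` and the uid offset, so it compares the task's real gid, consistent with the UID comparison; worth a note in the commit message that this is the real gid, since an effective or fs gid comparison would need its own constant. Re-indenting the shared `f, ctx);` continuation is harmless, and the default WARN branch still covers any constant not yet handled.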