aboutsummaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-01-03 14:23:07 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2012-01-17 16:16:58 -0500
commit7ff68e53ece8c175d2951bb8a30b3cce8f9c5579 (patch)
treecde525e879e2e2434b0e3b23248588f015f5df04 /kernel
parenta4ff8dba7d8ce5ceb43fb27df66292251cc73bdc (diff)
audit: reject entry,always rules
We deprecated entry,always rules a long time ago. Reject those rules as invalid. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/auditfilter.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index d94dde82c3c..903caa269b5 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -235,13 +235,15 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
switch(listnr) {
default:
goto exit_err;
- case AUDIT_FILTER_USER:
- case AUDIT_FILTER_TYPE:
#ifdef CONFIG_AUDITSYSCALL
case AUDIT_FILTER_ENTRY:
+ if (rule->action == AUDIT_ALWAYS)
+ goto exit_err;
case AUDIT_FILTER_EXIT:
case AUDIT_FILTER_TASK:
#endif
+ case AUDIT_FILTER_USER:
+ case AUDIT_FILTER_TYPE:
;
}
if (unlikely(rule->action == AUDIT_POSSIBLE)) {