lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 27 Jun 2017 14:47:02 -0400
From:   Richard Guy Briggs <rgb@...hat.com>
To:     linux-kernel@...r.kernel.org, linux-audit@...hat.com
Cc:     Richard Guy Briggs <rgb@...hat.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Eric Paris <eparis@...hat.com>, Paul Moore <pmoore@...hat.com>,
        Steve Grubb <sgrubb@...hat.com>
Subject: [PATCH] audit: convert AUDIT_FILTER_PATH to AUDIT_FILTER_FS

Switch from AUDIT_FILTER_PATH to AUDIT_FILTER_FS to align with the userspace
request to avoid a name collision with the path record and path field option.

Also update the corresponding feature bitmap macros.

See: https://github.com/linux-audit/audit-kernel/issues/8
See: https://github.com/linux-audit/audit-userspace/issues/15

Signed-off-by: Richard Guy Briggs <rgb@...hat.com>
---
 include/uapi/linux/audit.h |    6 +++---
 kernel/auditfilter.c       |   10 +++++-----
 kernel/auditsc.c           |    2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 0464910..cfaf346 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -155,7 +155,7 @@
 #define AUDIT_FILTER_WATCH	0x03	/* Apply rule to file system watches */
 #define AUDIT_FILTER_EXIT	0x04	/* Apply rule at syscall exit */
 #define AUDIT_FILTER_TYPE	0x05	/* Apply rule at audit_log_start */
-#define AUDIT_FILTER_PATH	0x06	/* Apply rule at __audit_inode_child */
+#define AUDIT_FILTER_FS		0x06	/* Apply rule at __audit_inode_child */
 
 #define AUDIT_NR_FILTERS	7
 
@@ -336,14 +336,14 @@ enum {
 #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH	0x00000004
 #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER	0x00000010
 #define AUDIT_FEATURE_BITMAP_LOST_RESET		0x00000020
-#define AUDIT_FEATURE_BITMAP_FILTER_PATH	0x00000040
+#define AUDIT_FEATURE_BITMAP_FILTER_FS		0x00000040
 
 #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \
 				  AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \
 				  AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \
 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \
 				  AUDIT_FEATURE_BITMAP_LOST_RESET | \
-				  AUDIT_FEATURE_BITMAP_FILTER_PATH)
+				  AUDIT_FEATURE_BITMAP_FILTER_FS)
 
 /* deprecated: AUDIT_VERSION_* */
 #define AUDIT_VERSION_LATEST 		AUDIT_FEATURE_BITMAP_ALL
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 3e0ccf2..0fe34ce 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -265,7 +265,7 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule_data *
 #endif
 	case AUDIT_FILTER_USER:
 	case AUDIT_FILTER_TYPE:
-	case AUDIT_FILTER_PATH:
+	case AUDIT_FILTER_FS:
 		;
 	}
 	if (unlikely(rule->action == AUDIT_POSSIBLE)) {
@@ -342,13 +342,13 @@ static int audit_field_valid(struct audit_entry *entry, struct audit_field *f)
 			return -EINVAL;
 		break;
 	case AUDIT_FSTYPE:
-		if (entry->rule.listnr != AUDIT_FILTER_PATH)
+		if (entry->rule.listnr != AUDIT_FILTER_FS)
 			return -EINVAL;
 		break;
 	}
 
 	switch(entry->rule.listnr) {
-	case AUDIT_FILTER_PATH:
+	case AUDIT_FILTER_FS:
 		switch(f->type) {
 		case AUDIT_FSTYPE:
 		case AUDIT_FILTERKEY:
@@ -933,7 +933,7 @@ static inline int audit_add_rule(struct audit_entry *entry)
 	switch(entry->rule.listnr) {
 	case AUDIT_FILTER_USER:
 	case AUDIT_FILTER_TYPE:
-	case AUDIT_FILTER_PATH:
+	case AUDIT_FILTER_FS:
 		dont_count = 1;
 	}
 #endif
@@ -1015,7 +1015,7 @@ int audit_del_rule(struct audit_entry *entry)
 	switch(entry->rule.listnr) {
 	case AUDIT_FILTER_USER:
 	case AUDIT_FILTER_TYPE:
-	case AUDIT_FILTER_PATH:
+	case AUDIT_FILTER_FS:
 		dont_count = 1;
 	}
 #endif
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a12531f..7f369b2 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1869,7 +1869,7 @@ void __audit_inode_child(struct inode *parent,
 	const char *dname = dentry->d_name.name;
 	struct audit_names *n, *found_parent = NULL, *found_child = NULL;
 	struct audit_entry *e;
-	struct list_head *list = &audit_filter_list[AUDIT_FILTER_PATH];
+	struct list_head *list = &audit_filter_list[AUDIT_FILTER_FS];
 	int i;
 
 	if (!context->in_syscall)
-- 
1.7.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ