[PATCH 1/2] audit string fields interface + consumer
Steve Grubb
sgrubb at redhat.com
Tue Feb 14 14:31:56 UTC 2006
On Tuesday 07 February 2006 12:05, Amy Griffis wrote:
> @@ -221,41 +466,48 @@ int audit_receive_filter(int type, int p
> dest[0] = pid;
> dest[1] = seq;
>
> - tsk = kthread_run(audit_list_rules, dest,
> "audit_list_rules"); + if (type == AUDIT_LIST)
> + tsk = kthread_run(audit_list, dest, "audit_list");
> + else
> + tsk = kthread_run(audit_list_rules, dest,
> + "audit_list_rules");
> if (IS_ERR(tsk)) {
> kfree(dest);
> err = PTR_ERR(tsk);
> }
> break;
> case AUDIT_ADD:
> - listnr = ((struct audit_rule *)data)->flags &
> ~AUDIT_FILTER_PREPEND; - switch(listnr) {
> - default:
> - return -EINVAL;
> + case AUDIT_ADD_RULE:
> + if (type == AUDIT_ADD)
> + entry = audit_rule_to_entry(data);
> + else
> + entry = audit_data_to_entry(data, datasz);
> + if (IS_ERR(entry))
> + return PTR_ERR(entry);
>
> - case AUDIT_FILTER_USER:
> - case AUDIT_FILTER_TYPE:
> -#ifdef CONFIG_AUDITSYSCALL
> - case AUDIT_FILTER_ENTRY:
> - case AUDIT_FILTER_EXIT:
> - case AUDIT_FILTER_TASK:
> -#endif
> - ;
> - }
> - err = audit_add_rule(data, &audit_filter_list[listnr]);
> + err = audit_add_rule(entry,
> + &audit_filter_list[entry->rule.listnr]);
> if (!err)
> audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
> "auid=%u added an audit rule\n", loginuid);
> + else
> + audit_free_rule(entry);
This patch blows up here when applying to rc3 kernel. I do not have any
patch that adds the "if (!err)". Where did that come from?
Thanks,
-Steve
More information about the Linux-audit
mailing list