From dc9fbb4d301c7803a402e1194e8414834d64bcc7 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 14:23:07 -0500 Subject: [PATCH] --- yaml --- r: 286061 b: refs/heads/master c: 54d3218b31aee5bc9c859ae60fbde933d922448b h: refs/heads/master i: 286059: da631b3764f3d99ddbb8b37fa130127fce62f34d v: v3 --- [refs] | 2 +- trunk/include/linux/audit.h | 1 + trunk/kernel/auditfilter.c | 1 + trunk/kernel/auditsc.c | 12 ++++++++++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/[refs] b/[refs] index 5870d3d0f42d..180a58b22c58 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: efaffd6e4417860c67576ac760dd6e8bbd15f006 +refs/heads/master: 54d3218b31aee5bc9c859ae60fbde933d922448b diff --git a/trunk/include/linux/audit.h b/trunk/include/linux/audit.h index 55cb3daaf474..e36aa37c88af 100644 --- a/trunk/include/linux/audit.h +++ b/trunk/include/linux/audit.h @@ -224,6 +224,7 @@ #define AUDIT_DIR 107 #define AUDIT_FILETYPE 108 #define AUDIT_OBJ_UID 109 +#define AUDIT_OBJ_GID 110 #define AUDIT_ARG0 200 #define AUDIT_ARG1 (AUDIT_ARG0+1) diff --git a/trunk/kernel/auditfilter.c b/trunk/kernel/auditfilter.c index 13e997423dcd..f10605c787e6 100644 --- a/trunk/kernel/auditfilter.c +++ b/trunk/kernel/auditfilter.c @@ -462,6 +462,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, case AUDIT_ARG2: case AUDIT_ARG3: case AUDIT_OBJ_UID: + case AUDIT_OBJ_GID: break; case AUDIT_ARCH: entry->rule.arch_f = f; diff --git a/trunk/kernel/auditsc.c b/trunk/kernel/auditsc.c index 5cf3ecc01517..87b375fb12ff 100644 --- a/trunk/kernel/auditsc.c +++ b/trunk/kernel/auditsc.c @@ -598,6 +598,18 @@ static int audit_filter_rules(struct task_struct *tsk, } } break; + case AUDIT_OBJ_GID: + if (name) { + result = audit_comparator(name->gid, f->op, f->val); + } else if (ctx) { + list_for_each_entry(n, &ctx->names_list, list) { + if (audit_comparator(n->gid, f->op, f->val)) { + ++result; + break; + } + } + } + break; case AUDIT_WATCH: if (name) result = audit_watch_compare(rule->watch, name->ino, name->dev);