[PATCH 3/3] kernel/auditsc: use correct blob for files in security_audit_rule_match call
Dmitry Mastykin
dmastykin at astralinux.ru
Fri Aug 6 07:02:45 UTC 2021
File audit didn't work. Uninitialized local structure was passed
to security_audit_rule_match instead of audit_names oblob.
Signed-off-by: Dmitry Mastykin <dmastykin at astralinux.ru>
---
kernel/auditsc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index c314533dd220..3b1afdb5cda4 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -689,14 +689,14 @@ static int audit_filter_rules(struct task_struct *tsk,
/* Find files that match */
if (name) {
result = security_audit_rule_match(
- &blob,
+ &name->oblob,
f->type,
f->op,
f->lsm_rules);
} else if (ctx) {
list_for_each_entry(n, &ctx->names_list, list) {
if (security_audit_rule_match(
- &blob,
+ &n->oblob,
f->type,
f->op,
f->lsm_rules)) {
--
2.11.0
More information about the Linux-security-module-archive
mailing list