lsm-stacking: fix broken lsm audit

Dmitry Mastykin dmastykin at astralinux.ru
Mon Oct 25 08:17:47 UTC 2021


Hello Casey,

 > On 8/6/21 11:01 PM, Casey Schaufler wrote:
>> On 8/6/2021 12:02 AM, Dmitry Mastykin wrote:
>> Hello,
>> These patches address the problem of not processing LSM audit rules.
>> Problem was introduced in lsm stacking series.
> 
> Thank you. I will incorporate these changes in v29.
> 
thank you for the v29.
I think the following fix is still required:

---
  security/security.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/security.c b/security/security.c
index e33c8ccc06a0..fd14064e9106 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2934,7 +2934,7 @@ int security_audit_rule_match(struct lsmblob 
*blob, u32 field, u32 op,
  			continue;
  		rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot],
  					       field, op,
-					       &lsmrule[hp->lsmid->slot]);
+					       lsmrule[hp->lsmid->slot]);
  		if (rc)
  			return rc;
  	}


Kind regards,
Dmitry Mastykin



More information about the Linux-security-module-archive mailing list