lsm-stacking: fix broken lsm audit

Casey Schaufler casey at schaufler-ca.com
Mon Oct 25 15:01:24 UTC 2021


On 10/25/2021 1:17 AM, Dmitry Mastykin wrote:
> Hello Casey,
>
> > On 8/6/21 11:01 PM, Casey Schaufler wrote:
>>> On 8/6/2021 12:02 AM, Dmitry Mastykin wrote:
>>> Hello,
>>> These patches address the problem of not processing LSM audit rules.
>>> Problem was introduced in lsm stacking series.
>>
>> Thank you. I will incorporate these changes in v29.
>>
> thank you for the v29.
> I think the following fix is still required:
>
> ---
>  security/security.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/security.c b/security/security.c
> index e33c8ccc06a0..fd14064e9106 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2934,7 +2934,7 @@ int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op,
>              continue;
>          rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot],
>                             field, op,
> -                           &lsmrule[hp->lsmid->slot]);
> +                           lsmrule[hp->lsmid->slot]);

The code has the correct indirection as written. With your change
it dies horribly. The interface is not very attractive.

> if (rc)
>              return rc;
>      }
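Review bot: The one-line change to the last argument of the `audit_rule_match` call arrives with no changelog and no Signed-off-by, so nothing states why `&lsmrule[hp->lsmid->slot]` would be the wrong level of indirection. Neither the declaration of `lsmrule` nor the hook's parameter type is visible in this hunk. Please quote both in the commit message, and describe the failure seen on v29 and how the change was tested, since passing the array element itself instead of its address changes what the hook receives.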
>
>
> Kind regards,
> Dmitry Mastykin
>


