lsm-stacking: fix broken lsm audit
Casey Schaufler
casey at schaufler-ca.com
Mon Oct 25 15:01:24 UTC 2021
On 10/25/2021 1:17 AM, Dmitry Mastykin wrote:
> Hello Casey,
>
>> On 8/6/21 11:01 PM, Casey Schaufler wrote:
>>> On 8/6/2021 12:02 AM, Dmitry Mastykin wrote:
>>> Hello,
>>> These patches address the problem of not processing LSM audit rules.
>>> The problem was introduced in the LSM stacking series.
>>
>> Thank you. I will incorporate these changes in v29.
>>
> Thank you for the v29.
> I think the following fix is still required:
>
> ---
> security/security.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/security.c b/security/security.c
> index e33c8ccc06a0..fd14064e9106 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2934,7 +2934,7 @@ int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op,
> continue;
> rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot],
> field, op,
> - &lsmrule[hp->lsmid->slot]);
> + lsmrule[hp->lsmid->slot]);
The code has the correct indirection as written. With your change
it dies horribly. The interface is not very attractive.
> if (rc)
> return rc;
> }
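Review bot: The last argument of the hp->hook.audit_rule_match() call changes from `&lsmrule[hp->lsmid->slot]` to `lsmrule[hp->lsmid->slot]` with no changelog saying why the existing indirection is wrong, and the hunk shows neither the declaration of lsmrule nor the type the hook expects for that parameter, so the change cannot be checked from the patch alone. Please add a description that states the type of lsmrule in security_audit_rule_match(), the pointer level audit_rule_match takes, and the failure observed without the change. The reply in this thread reports that the modified call crashes, so the patch should also say which tree and which LSM configuration it was tested against.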
>
>
> Kind regards,
> Dmitry Mastykin
>