adulau/aha
1
0
Fork 0
mirror of https://github.com/adulau/aha.git synced 2024-12-28 03:36:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

[PATCH] audit: fix broken class-based syscall audit

Browse source 
The sanity check in audit_match_class() is wrong.  We are able to audit
2048 syscalls but in audit_match_class() we were accidentally using
sizeof(_u32) instead of number of bits in _u32 when deciding how many
syscalls were valid.  On ia64 in particular we were hitting syscall
numbers over the (wrong) limit of 256.  Fixing the audit_match_class
check takes care of the problem.

Signed-off-by: Klaus Weidner <klaus@atsec.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Klaus Weidner 2007-05-16 17:45:42 -05:00 committed by Al Viro
parent 5b9a426223
commit c926e4f432
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
kernel/auditfilter.c
View file

@ -304,7 +304,7 @@ int __init audit_register_class(int class, unsigned *list)
int audit_match_class(int class, unsigned syscall) int audit_match_class(int class, unsigned syscall)
{ {
if (unlikely(syscall >= AUDIT_BITMASK_SIZE * sizeof(__u32))) if (unlikely(syscall >= AUDIT_BITMASK_SIZE * 32))
return 0; return 0;
if (unlikely(class >= AUDIT_SYSCALL_CLASSES || !classes[class])) if (unlikely(class >= AUDIT_SYSCALL_CLASSES || !classes[class]))
return 0; return 0;