Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[PATCH] introduce audit rules counter

Browse source 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2006-07-10 08:29:24 -04:00
parent 5422e01ac1
commit 471a5c7c83
3 changed files with 29 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/linux/audit.h
View file

@ -410,6 +410,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
return __audit_mq_getsetattr(mqdes, mqstat); return __audit_mq_getsetattr(mqdes, mqstat);
return 0; return 0;
} }
extern int audit_n_rules;
#else #else
#define audit_alloc(t) ({ 0; }) #define audit_alloc(t) ({ 0; })
#define audit_free(t) do { ; } while (0) #define audit_free(t) do { ; } while (0)
@ -437,6 +438,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
#define audit_mq_timedreceive(d,l,p,t) ({ 0; }) #define audit_mq_timedreceive(d,l,p,t) ({ 0; })
#define audit_mq_notify(d,n) ({ 0; }) #define audit_mq_notify(d,n) ({ 0; })
#define audit_mq_getsetattr(d,s) ({ 0; }) #define audit_mq_getsetattr(d,s) ({ 0; })
#define audit_n_rules 0
#endif #endif
#ifdef CONFIG_AUDIT #ifdef CONFIG_AUDIT

24
kernel/auditfilter.c
View file

@ -1136,6 +1136,14 @@ static inline int audit_add_rule(struct audit_entry *entry,
struct audit_watch *watch = entry->rule.watch; struct audit_watch *watch = entry->rule.watch;
struct nameidata *ndp, *ndw; struct nameidata *ndp, *ndw;
int h, err, putnd_needed = 0; int h, err, putnd_needed = 0;
#ifdef CONFIG_AUDITSYSCALL
int dont_count = 0;
/* If either of these, don't count towards total */
if (entry->rule.listnr == AUDIT_FILTER_USER ||
entry->rule.listnr == AUDIT_FILTER_TYPE)
dont_count = 1;
#endif
if (inode_f) { if (inode_f) {
h = audit_hash_ino(inode_f->val); h = audit_hash_ino(inode_f->val);
@ -1176,6 +1184,10 @@ static inline int audit_add_rule(struct audit_entry *entry,
} else { } else {
list_add_tail_rcu(&entry->list, list); list_add_tail_rcu(&entry->list, list);
} }
#ifdef CONFIG_AUDITSYSCALL
if (!dont_count)
audit_n_rules++;
#endif
mutex_unlock(&audit_filter_mutex); mutex_unlock(&audit_filter_mutex);
if (putnd_needed) if (putnd_needed)
@ -1200,6 +1212,14 @@ static inline int audit_del_rule(struct audit_entry *entry,
struct audit_watch *watch, *tmp_watch = entry->rule.watch; struct audit_watch *watch, *tmp_watch = entry->rule.watch;
LIST_HEAD(inotify_list); LIST_HEAD(inotify_list);
int h, ret = 0; int h, ret = 0;
#ifdef CONFIG_AUDITSYSCALL
int dont_count = 0;
/* If either of these, don't count towards total */
if (entry->rule.listnr == AUDIT_FILTER_USER ||
entry->rule.listnr == AUDIT_FILTER_TYPE)
dont_count = 1;
#endif
if (inode_f) { if (inode_f) {
h = audit_hash_ino(inode_f->val); h = audit_hash_ino(inode_f->val);
@ -1237,6 +1257,10 @@ static inline int audit_del_rule(struct audit_entry *entry,
list_del_rcu(&e->list); list_del_rcu(&e->list);
call_rcu(&e->rcu, audit_free_rule_rcu); call_rcu(&e->rcu, audit_free_rule_rcu);
#ifdef CONFIG_AUDITSYSCALL
if (!dont_count)
audit_n_rules--;
#endif
mutex_unlock(&audit_filter_mutex); mutex_unlock(&audit_filter_mutex);
if (!list_empty(&inotify_list)) if (!list_empty(&inotify_list))

3
kernel/auditsc.c
View file

@ -85,6 +85,9 @@ extern int audit_enabled;
/* Indicates that audit should log the full pathname. */ /* Indicates that audit should log the full pathname. */
#define AUDIT_NAME_FULL -1 #define AUDIT_NAME_FULL -1
/* number of audit rules */
int audit_n_rules;
/* When fs/namei.c:getname() is called, we store the pointer in name and /* When fs/namei.c:getname() is called, we store the pointer in name and
* we don't let putname() free it (instead we free all of the saved * we don't let putname() free it (instead we free all of the saved
* pointers at syscall exit time). * pointers at syscall exit time).