summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGaosheng Cui <cuigaosheng1@huawei.com>2021-10-16 15:23:51 +0800
committerPaul Moore <paul@paul-moore.com>2021-10-18 18:34:37 -0400
commitd9516f346e8b8e9c7dd37976a06a5bde1a871d6f (patch)
tree0aba70364c97f813187391fb16cc08fae0c151cb
parent571e5c0efcb29c5dac8cf2949d3eed84ec43056c (diff)
audit: return early if the filter rule has a lower priority
It is not necessary for audit_filter_rules() functions to check audit fileds of the rule with a lower priority, and if we did, there might be some unintended effects, such as the ctx->ppid may be changed unexpectedly, so return early if the rule has a lower priority. Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> [PM: slight tweak to the subject line] Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r--kernel/auditsc.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a4ba53f5354e..6efb0bb909d0 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -470,6 +470,9 @@ static int audit_filter_rules(struct task_struct *tsk,
u32 sid;
unsigned int sessionid;
+ if (ctx && rule->prio <= ctx->prio)
+ return 0;
+
cred = rcu_dereference_check(tsk->cred, tsk == current || task_creation);
for (i = 0; i < rule->field_count; i++) {
@@ -737,8 +740,6 @@ static int audit_filter_rules(struct task_struct *tsk,
}
if (ctx) {
- if (rule->prio <= ctx->prio)
- return 0;
if (rule->filterkey) {
kfree(ctx->filterkey);
ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);