提交 8ba8e0fb 编写于 作者: D Darrel Goeddel 提交者: Al Viro

[PATCH] fix se_sen audit filter

Fix a broken comparison that causes the process clearance to be checked for
both se_clr and se_sen audit filters.
Signed-off-by: NDarrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
上级 014149cc
...@@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, ...@@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
break; break;
case AUDIT_SE_SEN: case AUDIT_SE_SEN:
case AUDIT_SE_CLR: case AUDIT_SE_CLR:
level = (op == AUDIT_SE_SEN ? level = (field == AUDIT_SE_SEN ?
&ctxt->range.level[0] : &ctxt->range.level[1]); &ctxt->range.level[0] : &ctxt->range.level[1]);
switch (op) { switch (op) {
case AUDIT_EQUAL: case AUDIT_EQUAL:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册