提交 20c6aaa3 编写于 作者: Z zhangxiliang 提交者: Al Viro

[PATCH] Fix the bug of using AUDIT_STATUS_RATE_LIMIT when set fail, no error output.

When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value
will be greater than or equal to 0. It will miss the failure of rate set.
Signed-off-by: NZhang Xiliang <zhangxiliang@cn.fujitsu.com>
Acked-by: NEric Paris <eparis@redhat.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
上级 980dfb0d
...@@ -707,12 +707,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) ...@@ -707,12 +707,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
if (status_get->mask & AUDIT_STATUS_ENABLED) { if (status_get->mask & AUDIT_STATUS_ENABLED) {
err = audit_set_enabled(status_get->enabled, err = audit_set_enabled(status_get->enabled,
loginuid, sessionid, sid); loginuid, sessionid, sid);
if (err < 0) return err; if (err < 0)
return err;
} }
if (status_get->mask & AUDIT_STATUS_FAILURE) { if (status_get->mask & AUDIT_STATUS_FAILURE) {
err = audit_set_failure(status_get->failure, err = audit_set_failure(status_get->failure,
loginuid, sessionid, sid); loginuid, sessionid, sid);
if (err < 0) return err; if (err < 0)
return err;
} }
if (status_get->mask & AUDIT_STATUS_PID) { if (status_get->mask & AUDIT_STATUS_PID) {
int new_pid = status_get->pid; int new_pid = status_get->pid;
...@@ -725,9 +727,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) ...@@ -725,9 +727,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
audit_pid = new_pid; audit_pid = new_pid;
audit_nlk_pid = NETLINK_CB(skb).pid; audit_nlk_pid = NETLINK_CB(skb).pid;
} }
if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
err = audit_set_rate_limit(status_get->rate_limit, err = audit_set_rate_limit(status_get->rate_limit,
loginuid, sessionid, sid); loginuid, sessionid, sid);
if (err < 0)
return err;
}
if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
err = audit_set_backlog_limit(status_get->backlog_limit, err = audit_set_backlog_limit(status_get->backlog_limit,
loginuid, sessionid, sid); loginuid, sessionid, sid);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册