git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Richard Guy Briggs <rgb@redhat.com>
	Tue, 23 Dec 2014 18:02:04 +0000 (13:02 -0500)
committer	Jiri Slaby <jslaby@suse.cz>
	Wed, 7 Jan 2015 16:55:16 +0000 (17:55 +0100)
commit	5055918c73271c6c52aadeae2adf1920a13e1e36
tree	92c356da44a0c8e0e0cb8777b36bcf820d16b235	tree
parent	dc7a80cc0095cd6d8a69d79eace72b2c6ed48364	commit \| diff

audit: restore AUDIT_LOGINUID unset ABI

commit 041d7b98ffe59c59fdd639931dea7d74f9aa9a59 upstream.

A regression was caused by commit 780a7654cee8:
audit: Make testing for a valid loginuid explicit.
(which in turn attempted to fix a regression caused by e1760bd)

When audit_krule_to_data() fills in the rules to get a listing, there was a
missing clause to convert back from AUDIT_LOGINUID_SET to AUDIT_LOGINUID.

This broke userspace by not returning the same information that was sent and
expected.

The rule:
auditctl -a exit,never -F auid=-1
gives:
auditctl -l
LIST_RULES: exit,never f24=0 syscall=all
when it should give:
LIST_RULES: exit,never auid=-1 (0xffffffff) syscall=all

Tag it so that it is reported the same way it was set. Create a new
private flags audit_krule field (pflags) to store it that won't interact with
the public one from the API.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>

include/linux/audit.h		diff \| blob \| blame \| history
kernel/auditfilter.c		diff \| blob \| blame \| history