fixing audit rule ordering mess, part 1

Problem: ordering between the rules on exit chain is currently lost; all watch and inode rules are listed after everything else _and_ exit,never on one kind doesn't stop exit,always on another from being matched. Solution: assign priorities to rules, keep track of the current highest-priority matching rule and its result (always/never). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Al Viro <viro@zeniv.linux.org.uk> 2008-12-14 23:45:27 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> 2009-01-04 15:14:41 -0500
commit: 0590b9335a1c72a3f0defcc6231287f7817e07c8 (patch)
tree: 289fa4668ae304f79f7484ac31b2cab0ab8894c1 /include/linux/audit.h
parent: audit_update_lsm_rules() misses the audit_inode_hash[] ones (diff)
download: linux-dev-0590b9335a1c72a3f0defcc6231287f7817e07c8.tar.xz
linux-dev-0590b9335a1c72a3f0defcc6231287f7817e07c8.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 7ddcb6a29eb1..5b47eeb00d53 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -373,6 +373,7 @@ struct audit_krule {
 	struct audit_watch	*watch;	/* associated watch */
 	struct audit_tree	*tree;	/* associated watched tree */
 	struct list_head	rlist;	/* entry in audit_{watch,tree}.rules list */
+	u64			prio;
 };
 
 struct audit_field {
author	Al Viro <viro@zeniv.linux.org.uk>	2008-12-14 23:45:27 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	2009-01-04 15:14:41 -0500
commit	0590b9335a1c72a3f0defcc6231287f7817e07c8 (patch)
tree	289fa4668ae304f79f7484ac31b2cab0ab8894c1 /include/linux/audit.h
parent	audit_update_lsm_rules() misses the audit_inode_hash[] ones (diff)
download	linux-dev-0590b9335a1c72a3f0defcc6231287f7817e07c8.tar.xz linux-dev-0590b9335a1c72a3f0defcc6231287f7817e07c8.zip