• Eric W. Biederman's avatar
    audit: Add typespecific uid and gid comparators · ca57ec0f
    Eric W. Biederman authored
    The audit filter code guarantees that uid are always compared with
    uids and gids are always compared with gids, as the comparason
    operations are type specific.  Take advantage of this proper to define
    audit_uid_comparator and audit_gid_comparator which use the type safe
    comparasons from uidgid.h.
    
    Build on audit_uid_comparator and audit_gid_comparator and replace
    audit_compare_id with audit_compare_uid and audit_compare_gid.  This
    is one of those odd cases where being type safe and duplicating code
    leads to simpler shorter and more concise code.
    
    Don't allow bitmask operations in uid and gid comparisons in
    audit_data_to_entry.  Bitmask operations are already denined in
    audit_rule_to_entry.
    
    Convert constants in audit_rule_to_entry and audit_data_to_entry into
    kuids and kgids when appropriate.
    
    Convert the uid and gid field in struct audit_names to be of type
    kuid_t and kgid_t respectively, so that the new uid and gid comparators
    can be applied in a type safe manner.
    
    Cc: Al Viro <viro@zeniv.linux.org.uk>
    Cc: Eric Paris <eparis@redhat.com>
    Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
    ca57ec0f
auditsc.c 71.4 KB