[apparmor] [PATCH] apparmor: Add support for audit rule filtering
Seth Arnold
seth.arnold at canonical.com
Sat Apr 14 01:24:01 UTC 2018
On Fri, Apr 13, 2018 at 11:22:11AM -0700, Matthew Garrett wrote:
> +int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
> +{
> + struct aa_audit_rule *rule;
> +
> + switch (field) {
> + case AUDIT_SUBJ_ROLE:
> + if (op != Audit_equal && op != Audit_not_equal)
> + return -EINVAL;
> + break;
> + default:
> + return -EINVAL;
> + }
> +
> + rule = kzalloc(sizeof(struct aa_audit_rule), GFP_KERNEL);
> +
> + if (!rule)
> + return -ENOMEM;
> +
> + rule->profile = kstrdup(rulestr, GFP_KERNEL);
Hi Matthew, if this allocation fails, 'rule' is returned malformed; is
this intentional?
> + *vrule = rule;
> +
> + return 0;
> +}
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20180413/763a186e/attachment.sig>
More information about the AppArmor
mailing list