Commit 5b713886 authored by Ondrej Mosnáček's avatar Ondrej Mosnáček Committed by Paul Moore
Browse files

audit: Fix wrong task in comparison of session ID 

The audit_filter_rules() function in auditsc.c compared the session ID
with the credentials of the current task, while it should use the
credentials of the task given to audit_filter_rules() as a parameter
(tsk).

GitHub issue:
https://github.com/linux-audit/audit-kernel/issues/82



Fixes: 8fae4770 ("audit: add support for session ID user filter")
Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
Reviewed-by: default avatarRichard Guy Briggs <rgb@redhat.com>
[PM: not user visible, dropped stable]
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 5c5b8d8b

kernel/auditsc.c

+1 −1
Original line number Diff line number Diff line
@@ -517,7 +517,7 @@ static int audit_filter_rules(struct task_struct *tsk, 
			result = audit_gid_comparator(cred->fsgid, f->op, f->gid);

			break;

		case AUDIT_SESSIONID:

			sessionid = audit_get_sessionid(current);

			sessionid = audit_get_sessionid(tsk);

			result = audit_comparator(sessionid, f->op, f->val);

			break;

		case AUDIT_PERS:

CRA Git | Maintained and supported by SUSTech CRA and CCSE