[SPARC64]: Document the instruction checks we do in do_sparc64_fault().

[safe/jmp/linux-2.6] / kernel / auditfilter.c

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 686d514..d3a8539 100644 (file)
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -160,11 +160,17 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
                f->val = rule->values[i];
 
                entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1;
+
+               /* Support for legacy operators where
+                * AUDIT_NEGATE bit signifies != and otherwise assumes == */
                if (f->op & AUDIT_NEGATE)
-                       f->op |= AUDIT_NOT_EQUAL;
-               else if (!(f->op & AUDIT_OPERATORS))
-                       f->op |= AUDIT_EQUAL;
-               f->op &= ~AUDIT_NEGATE;
+                       f->op = AUDIT_NOT_EQUAL;
+               else if (!f->op)
+                       f->op = AUDIT_EQUAL;
+               else if (f->op == AUDIT_OPERATORS) {
+                       err = -EINVAL;
+                       goto exit_free;
+               }
        }
 
 exit_nofree:
@@ -323,7 +329,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
 }
 
 /* Add rule to given filterlist if not a duplicate.  Protected by
- * audit_netlink_sem. */
+ * audit_netlink_mutex. */
 static inline int audit_add_rule(struct audit_entry *entry,
                                  struct list_head *list)
 {
@@ -346,7 +352,7 @@ static inline int audit_add_rule(struct audit_entry *entry,
 }
 
 /* Remove an existing rule from filterlist.  Protected by
- * audit_netlink_sem. */
+ * audit_netlink_mutex. */
 static inline int audit_del_rule(struct audit_entry *entry,
                                 struct list_head *list)
 {
@@ -377,10 +383,10 @@ static int audit_list(void *_dest)
        seq = dest[1];
        kfree(dest);
 
-       down(&audit_netlink_sem);
+       mutex_lock(&audit_netlink_mutex);
 
        /* The *_rcu iterators not needed here because we are
-          always called with audit_netlink_sem held. */
+          always called with audit_netlink_mutex held. */
        for (i=0; i<AUDIT_NR_FILTERS; i++) {
                list_for_each_entry(entry, &audit_filter_list[i], list) {
                        struct audit_rule *rule;
@@ -395,7 +401,7 @@ static int audit_list(void *_dest)
        }
        audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
        
-       up(&audit_netlink_sem);
+       mutex_unlock(&audit_netlink_mutex);
        return 0;
 }
 
@@ -411,10 +417,10 @@ static int audit_list_rules(void *_dest)
        seq = dest[1];
        kfree(dest);
 
-       down(&audit_netlink_sem);
+       mutex_lock(&audit_netlink_mutex);
 
        /* The *_rcu iterators not needed here because we are
-          always called with audit_netlink_sem held. */
+          always called with audit_netlink_mutex held. */
        for (i=0; i<AUDIT_NR_FILTERS; i++) {
                list_for_each_entry(e, &audit_filter_list[i], list) {
                        struct audit_rule_data *data;
@@ -429,7 +435,7 @@ static int audit_list_rules(void *_dest)
        }
        audit_send_reply(pid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
 
-       up(&audit_netlink_sem);
+       mutex_unlock(&audit_netlink_mutex);
        return 0;
 }
 
@@ -487,10 +493,11 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
 
                err = audit_add_rule(entry,
                                     &audit_filter_list[entry->rule.listnr]);
-               if (!err)
-                       audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
-                                 "auid=%u added an audit rule\n", loginuid);
-               else
+               audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
+                       "auid=%u add rule to list=%d res=%d\n",
+                       loginuid, entry->rule.listnr, !err);
+
+               if (err)
                        audit_free_rule(entry);
                break;
        case AUDIT_DEL:
@@ -504,9 +511,10 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
 
                err = audit_del_rule(entry,
                                     &audit_filter_list[entry->rule.listnr]);
-               if (!err)
-                       audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
-                                 "auid=%u removed an audit rule\n", loginuid);
+               audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
+                       "auid=%u remove rule from list=%d res=%d\n",
+                       loginuid, entry->rule.listnr, !err);
+
                audit_free_rule(entry);
                break;
        default:
@@ -531,9 +539,9 @@ int audit_comparator(const u32 left, const u32 op, const u32 right)
                return (left > right);
        case AUDIT_GREATER_THAN_OR_EQUAL:
                return (left >= right);
-       default:
-               return -EINVAL;
        }
+       BUG();
+       return 0;
 }