fixing audit rule ordering mess, part 1 Problem: ordering between the rules on exit chain is currently lost; all watch and inode rules are listed after everything else _and_ exit,never on one kind doesn't stop exit,always on another from being matched. Solution: assign priorities to rules, keep track of the current highest-priority matching rule and its result (always/never). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

commit: 0590b9335a1c72a3f0defcc6231287f7817e07c8 [log] [tgz]
author: Al Viro <viro@zeniv.linux.org.uk> Sun Dec 14 23:45:27 2008 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> Sun Jan 04 15:14:41 2009 -0500
tree: 289fa4668ae304f79f7484ac31b2cab0ab8894c1
parent: 1a9d0797b8977d413435277bf9661efbbd584693 [diff] [blame]
diff --git a/kernel/audit.h b/kernel/audit.h
index 9d67174..16f18ca 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h

@@ -159,11 +159,8 @@
 		return __audit_signal_info(sig, t);
 	return 0;
 }
-extern enum audit_state audit_filter_inodes(struct task_struct *,
-					    struct audit_context *);
-extern void audit_set_auditable(struct audit_context *);
+extern void audit_filter_inodes(struct task_struct *, struct audit_context *);
 #else
 #define audit_signal_info(s,t) AUDIT_DISABLED
 #define audit_filter_inodes(t,c) AUDIT_DISABLED
-#define audit_set_auditable(c)
 #endif
commit	0590b9335a1c72a3f0defcc6231287f7817e07c8	[log] [tgz]
author	Al Viro <viro@zeniv.linux.org.uk>	Sun Dec 14 23:45:27 2008 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	Sun Jan 04 15:14:41 2009 -0500
tree	289fa4668ae304f79f7484ac31b2cab0ab8894c1
parent	1a9d0797b8977d413435277bf9661efbbd584693 [diff] [blame]