audit: seperate audit inode watches into a subfile

[mirror_ubuntu-jammy-kernel.git] / kernel / auditsc.c

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 7d6ac7c1f414479ada4a58af0c4b9e241051062e..0b862cac6ca2e3f77b3dffe152e97c9f6575cce8 100644 (file)
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -548,9 +548,9 @@ static int audit_filter_rules(struct task_struct *tsk,
                        }
                        break;
                case AUDIT_WATCH:
-                       if (name && rule->watch->ino != (unsigned long)-1)
-                               result = (name->dev == rule->watch->dev &&
-                                         name->ino == rule->watch->ino);
+                       if (name && audit_watch_inode(rule->watch) != (unsigned long)-1)
+                               result = (name->dev == audit_watch_dev(rule->watch) &&
+                                         name->ino == audit_watch_inode(rule->watch));
                        break;
                case AUDIT_DIR:
                        if (ctx)
@@ -1024,8 +1024,8 @@ static int audit_log_single_execve_arg(struct audit_context *context,
 {
        char arg_num_len_buf[12];
        const char __user *tmp_p = p;
-       /* how many digits are in arg_num? 3 is the length of " a=" */
-       size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3;
+       /* how many digits are in arg_num? 5 is the length of ' a=""' */
+       size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 5;
        size_t len, len_left, to_send;
        size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN;
        unsigned int i, has_cntl = 0, too_long = 0;