UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match

[mirror_ubuntu-jammy-kernel.git] / security / security.c

diff --git a/security/security.c b/security/security.c
index de841cfe99bfab371c549592fe9cf194b29c15a3..673dd6536ce7bdb1cebaf24cf9ea792e079d49f8 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -2629,11 +2629,14 @@ void security_audit_rule_free(void **lsmrule)
        hlist_for_each_entry(hp, &security_hook_heads.audit_rule_free, list) {
                if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
                        continue;
+               if (lsmrule[hp->lsmid->slot] == NULL)
+                       continue;
                hp->hook.audit_rule_free(lsmrule[hp->lsmid->slot]);
        }
 }
 
-int security_audit_rule_match(u32 secid, u32 field, u32 op, void **lsmrule)
+int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op,
+                             void **lsmrule)
 {
        struct security_hook_list *hp;
        int rc;
@@ -2641,7 +2644,10 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void **lsmrule)
        hlist_for_each_entry(hp, &security_hook_heads.audit_rule_match, list) {
                if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
                        continue;
-               rc = hp->hook.audit_rule_match(secid, field, op,
+               if (lsmrule[hp->lsmid->slot] == NULL)
+                       continue;
+               rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot],
+                                              field, op,
                                               &lsmrule[hp->lsmid->slot]);
                if (rc)
                        return rc;