On 2018-05-17 17:31, Ondrej Mosnacek wrote: > The audit_filter_rules() function in auditsc.c compared the session ID > with the credentials of the current task, while it should use the > credentials of the task given to audit_filter_rules() as a parameter > (tsk). > > GitHub issue: > https://github.com/linux-audit/audit-kernel/issues/82 > > Fixes: 8fae47705685 ("audit: add support for session ID user filter") > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> Reviewed-by: Richard Guy Briggs <rgb@xxxxxxxxxx> > --- > kernel/auditsc.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index ec38e4d97c23..6d577a34b16b 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -513,7 +513,7 @@ static int audit_filter_rules(struct task_struct *tsk, > result = audit_gid_comparator(cred->fsgid, f->op, f->gid); > break; > case AUDIT_SESSIONID: > - sessionid = audit_get_sessionid(current); > + sessionid = audit_get_sessionid(tsk); > result = audit_comparator(sessionid, f->op, f->val); > break; > case AUDIT_PERS: > -- > 2.17.0 > - RGB -- Richard Guy Briggs <rgb@xxxxxxxxxx> Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635
