mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2026-03-03 18:28:01 +01:00
bcb90a2834
The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class. Signed-off-by: Jeffrey Bencteux <jeff@bencteux.fr> Signed-off-by: Paul Moore <paul@paul-moore.com>
21 lines
337 B
C
21 lines
337 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifdef __NR_readlink
|
|
__NR_readlink,
|
|
#endif
|
|
__NR_quotactl,
|
|
__NR_listxattr,
|
|
#ifdef __NR_listxattrat
|
|
__NR_listxattrat,
|
|
#endif
|
|
__NR_llistxattr,
|
|
__NR_flistxattr,
|
|
__NR_getxattr,
|
|
#ifdef __NR_getxattrat
|
|
__NR_getxattrat,
|
|
#endif
|
|
__NR_lgetxattr,
|
|
__NR_fgetxattr,
|
|
#ifdef __NR_readlinkat
|
|
__NR_readlinkat,
|
|
#endif
|