Merge tag 'audit-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit

}

/**

 * audit_filter_uring - apply filters to an io_uring operation

 * __audit_filter_op - common filter helper for operations (syscall/uring/etc)

 * @tsk: associated task

 * @ctx: audit context

 * @list: audit filter list

 * @name: audit_name (can be NULL)

 * @op: current syscall/uring_op

 *

 * Run the udit filters specified in @list against @tsk using @ctx,

 * @name, and @op, as necessary; the caller is responsible for ensuring

 * that the call is made while the RCU read lock is held. The @name

 * parameter can be NULL, but all others must be specified.

 * Returns 1/true if the filter finds a match, 0/false if none are found.

 */

static void audit_filter_uring(struct task_struct *tsk,

			       struct audit_context *ctx)

static int __audit_filter_op(struct task_struct *tsk,

			   struct audit_context *ctx,

			   struct list_head *list,

			   struct audit_names *name,

			   unsigned long op)

{

	struct audit_entry *e;

	enum audit_state state;

	list_for_each_entry_rcu(e, list, list) {

		if (audit_in_mask(&e->rule, op) &&

		    audit_filter_rules(tsk, &e->rule, ctx, name,

				       &state, false)) {

			ctx->current_state = state;

			return 1;

		}

	}

	return 0;

}

/**

 * audit_filter_uring - apply filters to an io_uring operation

 * @tsk: associated task

 * @ctx: audit context

 */

static void audit_filter_uring(struct task_struct *tsk,

			       struct audit_context *ctx)

{

	if (auditd_test_task(tsk))

		return;

	rcu_read_lock();

	list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_URING_EXIT],

				list) {

		if (audit_in_mask(&e->rule, ctx->uring_op) &&

		    audit_filter_rules(tsk, &e->rule, ctx, NULL, &state,

				       false)) {

			rcu_read_unlock();

			ctx->current_state = state;

			return;

		}

	}

	__audit_filter_op(tsk, ctx, &audit_filter_list[AUDIT_FILTER_URING_EXIT],

			NULL, ctx->uring_op);

	rcu_read_unlock();

}

static void audit_filter_syscall(struct task_struct *tsk,

				 struct audit_context *ctx)

{

	struct audit_entry *e;

	enum audit_state state;

	if (auditd_test_task(tsk))

		return;

	rcu_read_lock();

	list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_EXIT], list) {

		if (audit_in_mask(&e->rule, ctx->major) &&

		    audit_filter_rules(tsk, &e->rule, ctx, NULL,

				       &state, false)) {

	__audit_filter_op(tsk, ctx, &audit_filter_list[AUDIT_FILTER_EXIT],

			NULL, ctx->major);

	rcu_read_unlock();

			ctx->current_state = state;

			return;

		}

	}

	rcu_read_unlock();

	return;

}

/*

				   struct audit_context *ctx) {

	int h = audit_hash_ino((u32)n->ino);

	struct list_head *list = &audit_inode_hash[h];

	struct audit_entry *e;

	enum audit_state state;

	list_for_each_entry_rcu(e, list, list) {

		if (audit_in_mask(&e->rule, ctx->major) &&

		    audit_filter_rules(tsk, &e->rule, ctx, n, &state, false)) {

			ctx->current_state = state;

			return 1;

		}

	}

	return 0;

	return __audit_filter_op(tsk, ctx, list, n, ctx->major);

}

/* At syscall exit time, this filter is called if any audit_names have been