Re: [PATCH] Fix the kernel panic of audit_filter_task when key field is set

[PATCH] Fix the kernel panic of audit_filter_task when AUDIT_PERM or AUDIT_FILETYPE field is set When calling audit_filter_task(), it calls audit_filter_rules() with audit_context is NULL. If the AUDIT_PERM or AUDIT_FILETYPE field is set, audit_match_perm() or audit_match_filetype() will use ctx->xx. But the ctx is NULL in this condition, so kernel will panic. Signed-off-by: Zhang Xiliang <zhangxiliang(a)cn.fujitsu.com&gt; --- kernel/auditsc.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 012c94e..29b6964 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -243,6 +243,8 @@ static inline int open_arg(int flags, int mask) static int audit_match_perm(struct audit_context *ctx, int mask) { + if(!ctx) + return 0; unsigned n = ctx->major; switch (audit_classify_syscall(ctx->arch, n)) { case 0: /* native */ @@ -284,6 +286,8 @@ static int audit_match_filetype(struct audit_context *ctx, int which) { unsigned index = which & ~S_IFMT; mode_t mode = which & S_IFMT; + if(!ctx) + return 0; if (index >= ctx->name_count) return 0; if (ctx->names[index].ino == -1) zhangxiliang said the following on 2008-08-01 19:15: