Loading include/linux/audit.h +6 −0 Original line number Diff line number Diff line Loading @@ -329,6 +329,11 @@ extern void __audit_inode(const char *name, const struct inode *inode); extern void __audit_inode_child(const char *dname, const struct inode *inode, const struct inode *parent); extern void __audit_inode_update(const struct inode *inode); static inline int audit_dummy_context(void) { void *p = current->audit_context; return !p || *(int *)p; } static inline void audit_getname(const char *name) { if (unlikely(current->audit_context)) Loading Loading @@ -416,6 +421,7 @@ extern int audit_n_rules; #define audit_free(t) do { ; } while (0) #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) #define audit_syscall_exit(f,r) do { ; } while (0) #define audit_dummy_context() 1 #define audit_getname(n) do { ; } while (0) #define audit_putname(n) do { ; } while (0) #define __audit_inode(n,i) do { ; } while (0) Loading kernel/auditsc.c +4 −2 Original line number Diff line number Diff line Loading @@ -177,6 +177,7 @@ struct audit_aux_data_path { /* The per-task audit context. */ struct audit_context { int dummy; /* must be the first element */ int in_syscall; /* 1 if task is in a syscall */ enum audit_state state; unsigned int serial; /* serial number for record */ Loading Loading @@ -517,7 +518,7 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk, context->return_valid = return_valid; context->return_code = return_code; if (context->in_syscall && !context->auditable) { if (context->in_syscall && !context->dummy && !context->auditable) { enum audit_state state; state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]); Loading Loading @@ -1069,7 +1070,8 @@ void audit_syscall_entry(int arch, int major, context->argv[3] = a4; state = context->state; if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT) context->dummy = !audit_n_rules; if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)) state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]); if (likely(state == AUDIT_DISABLED)) return; Loading Loading
include/linux/audit.h +6 −0 Original line number Diff line number Diff line Loading @@ -329,6 +329,11 @@ extern void __audit_inode(const char *name, const struct inode *inode); extern void __audit_inode_child(const char *dname, const struct inode *inode, const struct inode *parent); extern void __audit_inode_update(const struct inode *inode); static inline int audit_dummy_context(void) { void *p = current->audit_context; return !p || *(int *)p; } static inline void audit_getname(const char *name) { if (unlikely(current->audit_context)) Loading Loading @@ -416,6 +421,7 @@ extern int audit_n_rules; #define audit_free(t) do { ; } while (0) #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) #define audit_syscall_exit(f,r) do { ; } while (0) #define audit_dummy_context() 1 #define audit_getname(n) do { ; } while (0) #define audit_putname(n) do { ; } while (0) #define __audit_inode(n,i) do { ; } while (0) Loading
kernel/auditsc.c +4 −2 Original line number Diff line number Diff line Loading @@ -177,6 +177,7 @@ struct audit_aux_data_path { /* The per-task audit context. */ struct audit_context { int dummy; /* must be the first element */ int in_syscall; /* 1 if task is in a syscall */ enum audit_state state; unsigned int serial; /* serial number for record */ Loading Loading @@ -517,7 +518,7 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk, context->return_valid = return_valid; context->return_code = return_code; if (context->in_syscall && !context->auditable) { if (context->in_syscall && !context->dummy && !context->auditable) { enum audit_state state; state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]); Loading Loading @@ -1069,7 +1070,8 @@ void audit_syscall_entry(int arch, int major, context->argv[3] = a4; state = context->state; if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT) context->dummy = !audit_n_rules; if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)) state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]); if (likely(state == AUDIT_DISABLED)) return; Loading
Al Viro <viro@zeniv.linux.org.uk>Al Viro <viro@zeniv.linux.org.uk>