GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-06-21 14:11:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

AUDIT: Optimise the audit-disabled case for discarding user messages

Browse source 
Also exempt USER_AVC message from being discarded to preserve 
existing behaviour for SE Linux.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
David Woodhouse 2005-06-22 14:56:47 +01:00
parent f6a789d198
commit 4a4cd633b5
3 changed files with 33 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

21
kernel/auditsc.c
View file

@ -530,22 +530,33 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
return AUDIT_BUILD_CONTEXT;
}
int audit_filter_user(struct task_struct *tsk, int type)
int audit_filter_user(int pid, int type)
{
struct task_struct *tsk;
struct audit_entry *e;
enum audit_state state;
int ret = 1;
if (audit_pid && tsk->pid == audit_pid)
return AUDIT_DISABLED;
read_lock(&tasklist_lock);
tsk = find_task_by_pid(pid);
if (tsk)
get_task_struct(tsk);
read_unlock(&tasklist_lock);
if (!tsk)
return -ESRCH;
rcu_read_lock();
list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_USER], list) {
if (audit_filter_rules(tsk, &e->rule, NULL, &state)) {
rcu_read_unlock();
return state != AUDIT_DISABLED;
if (state == AUDIT_DISABLED)
ret = 0;
break;
}
}
rcu_read_unlock();
put_task_struct(tsk);
return 1; /* Audit by default */
}