Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'audit-pr-20200729' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit fixes from Paul Moore:
"One small audit fix that you can hopefully merge before v5.8 is
released. Unfortunately it is a revert of a patch that went in during
the v5.7 window and we just recently started to see some bug reports
relating to that commit.
We are working on a proper fix, but I'm not yet clear on when that
will be ready and we need to fix the v5.7 kernels anyway, so in the
interest of time a revert seemed like the best solution right now"
* tag 'audit-pr-20200729' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
revert: 1320a4052ea1 ("audit: trigger accompanying records when no rules present")
+3
-9
-1
kernel/audit.c
-1
kernel/audit.c
-8
kernel/audit.h
-8
kernel/audit.h
···
290
290
extern void audit_filter_inodes(struct task_struct *tsk,
291
291
struct audit_context *ctx);
292
292
extern struct list_head *audit_killed_trees(void);
293
-
294
-
static inline void audit_clear_dummy(struct audit_context *ctx)
295
-
{
296
-
if (ctx)
297
-
ctx->dummy = 0;
298
-
}
299
-
300
293
#else /* CONFIG_AUDITSYSCALL */
301
294
#define auditsc_get_stamp(c, t, s) 0
302
295
#define audit_put_watch(w) {}
···
323
330
}
324
331
325
332
#define audit_filter_inodes(t, c) AUDIT_DISABLED
326
-
#define audit_clear_dummy(c) {}
327
333
#endif /* CONFIG_AUDITSYSCALL */
328
334
329
335
extern char *audit_unpack_string(void **bufp, size_t *remain, size_t len);
+3
kernel/auditsc.c
+3
kernel/auditsc.c
···
1417
1417
struct audit_context *context = audit_context();
1418
1418
struct audit_buffer *ab;
1419
1419
1420
+
if (!context || context->dummy)
1421
+
return;
1422
+
1420
1423
ab = audit_log_start(context, GFP_KERNEL, AUDIT_PROCTITLE);
1421
1424
if (!ab)
1422
1425
return; /* audit_panic or being filtered */