Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[PATCH] mark context of syscall entered with no rules as dummy

Browse source 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2006-08-03 10:59:26 -04:00
parent 471a5c7c83
commit d51374adf5
2 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
include/linux/audit.h
View file

@ -329,6 +329,11 @@ extern void __audit_inode(const char *name, const struct inode *inode);
extern void __audit_inode_child(const char *dname, const struct inode *inode, extern void __audit_inode_child(const char *dname, const struct inode *inode,
const struct inode *parent); const struct inode *parent);
extern void __audit_inode_update(const struct inode *inode); extern void __audit_inode_update(const struct inode *inode);
static inline int audit_dummy_context(void)
{
void *p = current->audit_context;
return !p || *(int *)p;
}
static inline void audit_getname(const char *name) static inline void audit_getname(const char *name)
{ {
if (unlikely(current->audit_context)) if (unlikely(current->audit_context))
@ -416,6 +421,7 @@ extern int audit_n_rules;
#define audit_free(t) do { ; } while (0) #define audit_free(t) do { ; } while (0)
#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0) #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)
#define audit_syscall_exit(f,r) do { ; } while (0) #define audit_syscall_exit(f,r) do { ; } while (0)
#define audit_dummy_context() 1
#define audit_getname(n) do { ; } while (0) #define audit_getname(n) do { ; } while (0)
#define audit_putname(n) do { ; } while (0) #define audit_putname(n) do { ; } while (0)
#define __audit_inode(n,i) do { ; } while (0) #define __audit_inode(n,i) do { ; } while (0)

6
kernel/auditsc.c
View file

@ -177,6 +177,7 @@ struct audit_aux_data_path {
/* The per-task audit context. */ /* The per-task audit context. */
struct audit_context { struct audit_context {
int dummy; /* must be the first element */
int in_syscall; /* 1 if task is in a syscall */ int in_syscall; /* 1 if task is in a syscall */
enum audit_state state; enum audit_state state;
unsigned int serial; /* serial number for record */ unsigned int serial; /* serial number for record */
@ -517,7 +518,7 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk,
context->return_valid = return_valid; context->return_valid = return_valid;
context->return_code = return_code; context->return_code = return_code;
if (context->in_syscall && !context->auditable) { if (context->in_syscall && !context->dummy && !context->auditable) {
enum audit_state state; enum audit_state state;
state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]); state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
@ -1069,7 +1070,8 @@ void audit_syscall_entry(int arch, int major,
context->argv[3] = a4; context->argv[3] = a4;
state = context->state; state = context->state;
if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT) context->dummy = !audit_n_rules;
if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT))
state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]); state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]);
if (likely(state == AUDIT_DISABLED)) if (likely(state == AUDIT_DISABLED))
return; return;