diff options
author | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-22 15:56:47 +0200 |
---|---|---|
committer | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-06-22 15:56:47 +0200 |
commit | 4a4cd633b575609b741a1de7837223a2d9e1c34c (patch) | |
tree | f4c3a6beb6a587598193053240f3e3f82885f1e3 /kernel/audit.c | |
parent | AUDIT: Spawn kernel thread to list filter rules. (diff) | |
download | linux-4a4cd633b575609b741a1de7837223a2d9e1c34c.tar.xz linux-4a4cd633b575609b741a1de7837223a2d9e1c34c.zip |
AUDIT: Optimise the audit-disabled case for discarding user messages
Also exempt USER_AVC message from being discarded to preserve
existing behaviour for SE Linux.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index c1ab8dbbb67b..09a37581213b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -429,25 +429,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) break; case AUDIT_USER: case AUDIT_FIRST_USER_MSG...AUDIT_LAST_USER_MSG: - read_lock(&tasklist_lock); - tsk = find_task_by_pid(pid); - if (tsk) - get_task_struct(tsk); - read_unlock(&tasklist_lock); - if (!tsk) - return -ESRCH; - - if (audit_enabled && audit_filter_user(tsk, msg_type)) { - ab = audit_log_start(NULL, msg_type); - if (ab) { - audit_log_format(ab, - "user pid=%d uid=%u auid=%u msg='%.1024s'", - pid, uid, loginuid, (char *)data); - audit_set_pid(ab, pid); - audit_log_end(ab); - } + if (!audit_enabled && msg_type != AUDIT_USER_AVC) + return 0; + + err = audit_filter_user(pid, msg_type); + if (err == 1) { + err = 0; + ab = audit_log_start(NULL, msg_type); + if (ab) { + audit_log_format(ab, + "user pid=%d uid=%u auid=%u msg='%.1024s'", + pid, uid, loginuid, (char *)data); + audit_set_pid(ab, pid); + audit_log_end(ab); + } } - put_task_struct(tsk); break; case AUDIT_ADD: case AUDIT_DEL: |