summaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-22 15:56:47 +0200
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-06-22 15:56:47 +0200
commit4a4cd633b575609b741a1de7837223a2d9e1c34c (patch)
treef4c3a6beb6a587598193053240f3e3f82885f1e3 /kernel/auditsc.c
parentAUDIT: Spawn kernel thread to list filter rules. (diff)
downloadlinux-4a4cd633b575609b741a1de7837223a2d9e1c34c.tar.xz
linux-4a4cd633b575609b741a1de7837223a2d9e1c34c.zip
AUDIT: Optimise the audit-disabled case for discarding user messages
Also exempt USER_AVC message from being discarded to preserve existing behaviour for SE Linux. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c21
1 files changed, 16 insertions, 5 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index cb8a44945157..fc858b0c044a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -530,22 +530,33 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
return AUDIT_BUILD_CONTEXT;
}
-int audit_filter_user(struct task_struct *tsk, int type)
+int audit_filter_user(int pid, int type)
{
+ struct task_struct *tsk;
struct audit_entry *e;
enum audit_state state;
+ int ret = 1;
- if (audit_pid && tsk->pid == audit_pid)
- return AUDIT_DISABLED;
+ read_lock(&tasklist_lock);
+ tsk = find_task_by_pid(pid);
+ if (tsk)
+ get_task_struct(tsk);
+ read_unlock(&tasklist_lock);
+
+ if (!tsk)
+ return -ESRCH;
rcu_read_lock();
list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_USER], list) {
if (audit_filter_rules(tsk, &e->rule, NULL, &state)) {
- rcu_read_unlock();
- return state != AUDIT_DISABLED;
+ if (state == AUDIT_DISABLED)
+ ret = 0;
+ break;
}
}
rcu_read_unlock();
+ put_task_struct(tsk);
+
return 1; /* Audit by default */
}