diff options
author | Paul Moore <paul@paul-moore.com> | 2020-07-28 21:33:21 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2020-07-29 16:00:36 +0200 |
commit | 8ac68dc455d9d18241d44b96800d73229029ed34 (patch) | |
tree | d4b0c64dd9d0fca1eb0bc6a925ea1ef89c5ee80e /kernel/auditsc.c | |
parent | audit: add subj creds to NETFILTER_CFG record to (diff) | |
download | linux-8ac68dc455d9d18241d44b96800d73229029ed34.tar.xz linux-8ac68dc455d9d18241d44b96800d73229029ed34.zip |
revert: 1320a4052ea1 ("audit: trigger accompanying records when no rules present")
Unfortunately the commit listed in the subject line above failed
to ensure that the task's audit_context was properly initialized/set
before enabling the "accompanying records". Depending on the
situation, the resulting audit_context could have invalid values in
some of it's fields which could cause a kernel panic/oops when the
task/syscall exists and the audit records are generated.
We will revisit the original patch, with the necessary fixes, in a
future kernel but right now we just want to fix the kernel panic
with the least amount of added risk.
Cc: stable@vger.kernel.org
Fixes: 1320a4052ea1 ("audit: trigger accompanying records when no rules present")
Reported-by: j2468h@googlemail.com
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r-- | kernel/auditsc.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 468a23390457..fd840c40abf7 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1417,6 +1417,9 @@ static void audit_log_proctitle(void) struct audit_context *context = audit_context(); struct audit_buffer *ab; + if (!context || context->dummy) + return; + ab = audit_log_start(context, GFP_KERNEL, AUDIT_PROCTITLE); if (!ab) return; /* audit_panic or being filtered */ |