diff options
author | Paul Moore <paul.moore@hp.com> | 2006-11-17 23:38:55 +0100 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 06:24:15 +0100 |
commit | de64688ffb952a65ddbc5295ccd235d35f292593 (patch) | |
tree | f15714858c974bb4b86023d38639a39a539901e2 /net/netlabel/netlabel_unlabeled.c | |
parent | SELinux: peer secid consolidation for external network labeling (diff) | |
download | linux-de64688ffb952a65ddbc5295ccd235d35f292593.tar.xz linux-de64688ffb952a65ddbc5295ccd235d35f292593.zip |
NetLabel: honor the audit_enabled flag
The audit_enabled flag is used to signal when syscall auditing is to be
performed. While NetLabel uses a Netlink interface instead of syscalls, it is
reasonable to consider the NetLabel Netlink interface as a form of syscall so
pay attention to the audit_enabled flag when generating audit messages in
NetLabel.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net/netlabel/netlabel_unlabeled.c')
-rw-r--r-- | net/netlabel/netlabel_unlabeled.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 07283e1dfad2..5bc37181662e 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -35,6 +35,7 @@ #include <linux/socket.h> #include <linux/string.h> #include <linux/skbuff.h> +#include <linux/audit.h> #include <net/sock.h> #include <net/netlink.h> #include <net/genetlink.h> @@ -92,8 +93,11 @@ static void netlbl_unlabel_acceptflg_set(u8 value, audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_ALLOW, audit_info); - audit_log_format(audit_buf, " unlbl_accept=%u old=%u", value, old_val); - audit_log_end(audit_buf); + if (audit_buf != NULL) { + audit_log_format(audit_buf, + " unlbl_accept=%u old=%u", value, old_val); + audit_log_end(audit_buf); + } } /* |