summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2021-04-29 10:48:28 +0200
committerJohn Johansen <john.johansen@canonical.com>2022-07-10 00:13:59 +0200
commit68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c (patch)
tree79da8c3081ac7cc3c65d1bf3bddfe1ca39667b92 /security
parentapparmor: resolve uninitialized symbol warnings in policy_unpack_test.c (diff)
downloadlinux-68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c.tar.xz
linux-68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c.zip
apparmor: fix quiet_denied for file rules
Global quieting of denied AppArmor generated file events is not handled correctly. Unfortunately the is checking if quieting of all audit events is set instead of just denied events. Fixes: 67012e8209df ("AppArmor: basic auditing infrastructure.") Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
-rw-r--r--security/apparmor/audit.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index f7e97c7e80f3..704b0c895605 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -137,7 +137,7 @@ int aa_audit(int type, struct aa_profile *profile, struct common_audit_data *sa,
}
if (AUDIT_MODE(profile) == AUDIT_QUIET ||
(type == AUDIT_APPARMOR_DENIED &&
- AUDIT_MODE(profile) == AUDIT_QUIET))
+ AUDIT_MODE(profile) == AUDIT_QUIET_DENIED))
return aad(sa)->error;
if (KILL_MODE(profile) && type == AUDIT_APPARMOR_DENIED)