TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[PATCH] mark context of syscall entered with no rules as dummy

Browse Source 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
2006-08-03 10:59:26 -04:00
parent 471a5c7c83
commit d51374adf5
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
kernel/auditsc.c
+4 -2
View File
@@ -177,6 +177,7 @@ struct audit_aux_data_path {
/* The per-task audit context. */
struct audit_context {
int dummy; /* must be the first element */
int in_syscall; /* 1 if task is in a syscall */
enum audit_state state;
unsigned int serial; /* serial number for record */
@@ -517,7 +518,7 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk,
context->return_valid = return_valid;
context->return_code = return_code;
if (context->in_syscall && !context->auditable) {
if (context->in_syscall && !context->dummy && !context->auditable) {
enum audit_state state;
state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
@@ -1069,7 +1070,8 @@ void audit_syscall_entry(int arch, int major,
context->argv[3] = a4;
state = context->state;
if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)
context->dummy = !audit_n_rules;
if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT))
state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]);
if (likely(state == AUDIT_DISABLED))
return;