audit: do not panic on invalid boot parameter

If you pass in an invalid audit boot parameter value, e.g. "audit=off", the kernel panics very early in boot before the regular console is initialized. Unless you have earlyprintk enabled, there is no indication of what the problem is on the console. Convert the panic() calls to pr_err(), and leave auditing enabled if an invalid parameter value was passed in. Modify the parameter to also accept "on" or "off" as valid values, and update the documentation accordingly. Signed-off-by: Greg Edwards <gedwards@ddn.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Greg Edwards <gedwards@ddn.com> 2018-03-05 17:05:20 -0500
committer: Paul Moore <paul@paul-moore.com> 2018-03-06 13:50:07 -0500
commit: 11dd2666375e191757dd4271d5020820c6d0e4a5 (patch)
tree: c1f4f29419c7e4f7a1258bd2dd3815667d548837
parent: ce423631ce1f20564f818e7de6bc0eee0c01badd (diff)
2 files changed, 21 insertions, 14 deletions
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 46b26bfee27b..93366b00bb62 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -387,15 +387,15 @@
                        Use software keyboard repeat
        audit=          [KNL] Enable the audit sub-system
-                        Format: { "0" | "1" } (0 = disabled, 1 = enabled)
+                        Format: { "0" | "1" | "off" | "on" }
-                        0 - kernel audit is disabled and can not be enabled
+                        0 | off - kernel audit is disabled and can not be
-                            until the next reboot
+                            enabled until the next reboot
                        unset - kernel audit is initialized but disabled and
                            will be fully enabled by the userspace auditd.
-                        1 - kernel audit is initialized and partially enabled,
+                        1 | on - kernel audit is initialized and partially
-                            storing at most audit_backlog_limit messages in
+                            enabled, storing at most audit_backlog_limit
-                            RAM until it is fully enabled by the userspace
+                            messages in RAM until it is fully enabled by the
-                            auditd.
+                            userspace auditd.
                        Default: unset
        audit_backlog_limit= [KNL] Set the audit queue size limit.
diff --git a/kernel/audit.c b/kernel/audit.c
index 1a3e75d9a66c..69ef8de69f03 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1615,19 +1615,26 @@ static int __init audit_init(void)
 }
 postcore_initcall(audit_init);
-/* Process kernel command-line parameter at boot time.  audit=0 or audit=1. */
+/*
+ * Process kernel command-line parameter at boot time.
+ * audit={0|off} or audit={1|on}.
+ */
 static int __init audit_enable(char *str)
 {
-        long val;
+        if (!strcasecmp(str, "off") || !strcmp(str, "0"))
+                audit_default = AUDIT_OFF;
-        if (kstrtol(str, 0, &val))
+        else if (!strcasecmp(str, "on") || !strcmp(str, "1"))
-                panic("audit: invalid 'audit' parameter value (%s)\n", str);
+                audit_default = AUDIT_ON;
-        audit_default = (val ? AUDIT_ON : AUDIT_OFF);
+        else {
+                pr_err("audit: invalid 'audit' parameter value (%s)\n", str);
+                audit_default = AUDIT_ON;
+        }
        if (audit_default == AUDIT_OFF)
                audit_initialized = AUDIT_DISABLED;
        if (audit_set_enabled(audit_default))
-                panic("audit: error setting audit state (%d)\n", audit_default);
+                pr_err("audit: error setting audit state (%d)\n",
+                       audit_default);
        pr_info("%s\n", audit_default ?
                "enabled (after initialization)" : "disabled (until reboot)");
author	Greg Edwards <gedwards@ddn.com>	2018-03-05 17:05:20 -0500
committer	Paul Moore <paul@paul-moore.com>	2018-03-06 13:50:07 -0500
commit	11dd2666375e191757dd4271d5020820c6d0e4a5 (patch)
tree	c1f4f29419c7e4f7a1258bd2dd3815667d548837
parent	ce423631ce1f20564f818e7de6bc0eee0c01badd (diff)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 46b26bfee27b..93366b00bb62 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -387,15 +387,15 @@
387	Use software keyboard repeat	387	Use software keyboard repeat
388		388
389	audit= [KNL] Enable the audit sub-system	389	audit= [KNL] Enable the audit sub-system
390	Format: { "0" \| "1" } (0 = disabled, 1 = enabled)	390	Format: { "0" \| "1" \| "off" \| "on" }
391	0 - kernel audit is disabled and can not be enabled	391	0 \| off - kernel audit is disabled and can not be
392	until the next reboot	392	enabled until the next reboot
393	unset - kernel audit is initialized but disabled and	393	unset - kernel audit is initialized but disabled and
394	will be fully enabled by the userspace auditd.	394	will be fully enabled by the userspace auditd.
395	1 - kernel audit is initialized and partially enabled,	395	1 \| on - kernel audit is initialized and partially
396	storing at most audit_backlog_limit messages in	396	enabled, storing at most audit_backlog_limit
397	RAM until it is fully enabled by the userspace	397	messages in RAM until it is fully enabled by the
398	auditd.	398	userspace auditd.
399	Default: unset	399	Default: unset
400		400
401	audit_backlog_limit= [KNL] Set the audit queue size limit.	401	audit_backlog_limit= [KNL] Set the audit queue size limit.


diff --git a/kernel/audit.c b/kernel/audit.c index 1a3e75d9a66c..69ef8de69f03 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -1615,19 +1615,26 @@ static int __init audit_init(void)
1615	}	1615	}
1616	postcore_initcall(audit_init);	1616	postcore_initcall(audit_init);
1617		1617
1618	/* Process kernel command-line parameter at boot time. audit=0 or audit=1. */	1618	/*
		1619	* Process kernel command-line parameter at boot time.
		1620	* audit={0\|off} or audit={1\|on}.
		1621	*/
1619	static int __init audit_enable(char *str)	1622	static int __init audit_enable(char *str)
1620	{	1623	{
1621	long val;	1624	if (!strcasecmp(str, "off") \|\| !strcmp(str, "0"))
1622		1625	audit_default = AUDIT_OFF;
1623	if (kstrtol(str, 0, &val))	1626	else if (!strcasecmp(str, "on") \|\| !strcmp(str, "1"))
1624	panic("audit: invalid 'audit' parameter value (%s)\n", str);	1627	audit_default = AUDIT_ON;
1625	audit_default = (val ? AUDIT_ON : AUDIT_OFF);	1628	else {
		1629	pr_err("audit: invalid 'audit' parameter value (%s)\n", str);
		1630	audit_default = AUDIT_ON;
		1631	}
1626		1632
1627	if (audit_default == AUDIT_OFF)	1633	if (audit_default == AUDIT_OFF)
1628	audit_initialized = AUDIT_DISABLED;	1634	audit_initialized = AUDIT_DISABLED;
1629	if (audit_set_enabled(audit_default))	1635	if (audit_set_enabled(audit_default))
1630	panic("audit: error setting audit state (%d)\n", audit_default);	1636	pr_err("audit: error setting audit state (%d)\n",
		1637	audit_default);
1631		1638
1632	pr_info("%s\n", audit_default ?	1639	pr_info("%s\n", audit_default ?
1633	"enabled (after initialization)" : "disabled (until reboot)");	1640	"enabled (after initialization)" : "disabled (until reboot)");