diff options
| -rw-r--r-- | security/selinux/include/avc.h | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index e4e50bb218ee..faa277729cb4 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h | |||
| @@ -63,11 +63,6 @@ struct selinux_late_audit_data { | |||
| 63 | * We collect this at the beginning or during an selinux security operation | 63 | * We collect this at the beginning or during an selinux security operation |
| 64 | */ | 64 | */ |
| 65 | struct selinux_audit_data { | 65 | struct selinux_audit_data { |
| 66 | /* | ||
| 67 | * auditdeny is a bit tricky and unintuitive. See the | ||
| 68 | * comments in avc.c for it's meaning and usage. | ||
| 69 | */ | ||
| 70 | u32 auditdeny; | ||
| 71 | struct selinux_late_audit_data *slad; | 66 | struct selinux_late_audit_data *slad; |
| 72 | }; | 67 | }; |
| 73 | 68 | ||
| @@ -145,9 +140,7 @@ static inline int avc_audit(u32 ssid, u32 tsid, | |||
| 145 | struct common_audit_data *a, unsigned flags) | 140 | struct common_audit_data *a, unsigned flags) |
| 146 | { | 141 | { |
| 147 | u32 audited, denied; | 142 | u32 audited, denied; |
| 148 | audited = avc_audit_required(requested, avd, result, | 143 | audited = avc_audit_required(requested, avd, result, 0, &denied); |
| 149 | a ? a->selinux_audit_data->auditdeny : 0, | ||
| 150 | &denied); | ||
| 151 | if (likely(!audited)) | 144 | if (likely(!audited)) |
| 152 | return 0; | 145 | return 0; |
| 153 | return slow_avc_audit(ssid, tsid, tclass, | 146 | return slow_avc_audit(ssid, tsid, tclass, |