audit: remove audit_finish_fork as it can't be called

Audit entry,always rules are not allowed and are automatically changed in exit,always rules in userspace. The kernel refuses to load such rules. Thus a task in the middle of a syscall (and thus in audit_finish_fork()) can only be in one of two states: AUDIT_BUILD_CONTEXT or AUDIT_DISABLED. Since the current task cannot be in AUDIT_RECORD_CONTEXT we aren't every going to actually use the code in audit_finish_fork() since it will return without doing anything. Thus drop the code. Signed-off-by: Eric Paris <eparis@redhat.com>
author: Eric Paris <eparis@redhat.com> 2012-01-03 14:23:07 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> 2012-01-17 16:16:59 -0500
commit: 6422e78de6880c66a82af512d9bd0c85eb62e661 (patch)
tree: 9cce4d385a6508056be7645fd3511ab019b346f4
parent: 7ff68e53ece8c175d2951bb8a30b3cce8f9c5579 (diff)
3 files changed, 0 insertions, 24 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 8eb8bda749b3..67b66c37a254 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -415,7 +415,6 @@ extern int audit_classify_arch(int arch);
 #ifdef CONFIG_AUDITSYSCALL
 /* These are defined in auditsc.c */
                                /* Public API */
-extern void audit_finish_fork(struct task_struct *child);
 extern int  audit_alloc(struct task_struct *task);
 extern void __audit_free(struct task_struct *task);
 extern void __audit_syscall_entry(int arch,
@@ -586,7 +585,6 @@ static inline void audit_mmap_fd(int fd, int flags)
 extern int audit_n_rules;
 extern int audit_signals;
 #else /* CONFIG_AUDITSYSCALL */
-#define audit_finish_fork(t)
 #define audit_alloc(t) ({ 0; })
 #define audit_free(t) do { ; } while (0)
 #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 7aaeb38b262a..4d8920f5ab88 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1707,26 +1707,6 @@ void __audit_syscall_entry(int arch, int major,
        context->ppid       = 0;
 }
-void audit_finish_fork(struct task_struct *child)
-{
-        struct audit_context *ctx = current->audit_context;
-        struct audit_context *p = child->audit_context;
-        if (!p || !ctx)
-                return;
-        if (!ctx->in_syscall || ctx->current_state != AUDIT_RECORD_CONTEXT)
-                return;
-        p->arch = ctx->arch;
-        p->major = ctx->major;
-        memcpy(p->argv, ctx->argv, sizeof(ctx->argv));
-        p->ctime = ctx->ctime;
-        p->dummy = ctx->dummy;
-        p->in_syscall = ctx->in_syscall;
-        p->filterkey = kstrdup(ctx->filterkey, GFP_KERNEL);
-        p->ppid = current->pid;
-        p->prio = ctx->prio;
-        p->current_state = ctx->current_state;
-}
 /**
 * audit_syscall_exit - deallocate audit context after a system call
 * @pt_regs: syscall registers
diff --git a/kernel/fork.c b/kernel/fork.c
index 443f5125f11e..c1e5c21f48c1 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1525,8 +1525,6 @@ long do_fork(unsigned long clone_flags,
                        init_completion(&vfork);
                }
-                audit_finish_fork(p);
                /*
                 * We set PF_STARTING at creation in case tracing wants to
                 * use this to distinguish a fully live task from one that
author	Eric Paris <eparis@redhat.com>	2012-01-03 14:23:07 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	2012-01-17 16:16:59 -0500
commit	6422e78de6880c66a82af512d9bd0c85eb62e661 (patch)
tree	9cce4d385a6508056be7645fd3511ab019b346f4
parent	7ff68e53ece8c175d2951bb8a30b3cce8f9c5579 (diff)