aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@redhat.com>2013-09-15 13:11:09 -0400
committerEric Paris <eparis@redhat.com>2013-11-05 11:07:18 -0500
commitd48d805122e39c066898df2e460875d3aaf60508 (patch)
tree01142204314c7e0d938dba19b9c07c27bf97a277
parentaf0e493d304262162dcc0e0b39ee47b12461d003 (diff)
audit_alloc: clear TIF_SYSCALL_AUDIT if !audit_context
If audit_filter_task() nacks the new thread it makes sense to clear TIF_SYSCALL_AUDIT which can be copied from parent by dup_task_struct(). A wrong TIF_SYSCALL_AUDIT is not really bad but it triggers the "slow" audit paths in entry.S to ensure the task can not miss audit_syscall_*() calls, this is pointless if the task has no ->audit_context. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Steve Grubb <sgrubb@redhat.com> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r--kernel/auditsc.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 9845cb32b60a..95293abb877a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -943,8 +943,10 @@ int audit_alloc(struct task_struct *tsk)
943 return 0; /* Return if not auditing. */ 943 return 0; /* Return if not auditing. */
944 944
945 state = audit_filter_task(tsk, &key); 945 state = audit_filter_task(tsk, &key);
946 if (state == AUDIT_DISABLED) 946 if (state == AUDIT_DISABLED) {
947 clear_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT);
947 return 0; 948 return 0;
949 }
948 950
949 if (!(context = audit_alloc_context(state))) { 951 if (!(context = audit_alloc_context(state))) {
950 kfree(key); 952 kfree(key);