diff options
author | Oleg Nesterov <oleg@redhat.com> | 2013-09-15 13:11:09 -0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2013-11-05 11:07:18 -0500 |
commit | d48d805122e39c066898df2e460875d3aaf60508 (patch) | |
tree | 01142204314c7e0d938dba19b9c07c27bf97a277 | |
parent | af0e493d304262162dcc0e0b39ee47b12461d003 (diff) |
audit_alloc: clear TIF_SYSCALL_AUDIT if !audit_context
If audit_filter_task() nacks the new thread it makes sense
to clear TIF_SYSCALL_AUDIT which can be copied from parent
by dup_task_struct().
A wrong TIF_SYSCALL_AUDIT is not really bad but it triggers
the "slow" audit paths in entry.S to ensure the task can not
miss audit_syscall_*() calls, this is pointless if the task
has no ->audit_context.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Steve Grubb <sgrubb@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r-- | kernel/auditsc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 9845cb32b60a..95293abb877a 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -943,8 +943,10 @@ int audit_alloc(struct task_struct *tsk) | |||
943 | return 0; /* Return if not auditing. */ | 943 | return 0; /* Return if not auditing. */ |
944 | 944 | ||
945 | state = audit_filter_task(tsk, &key); | 945 | state = audit_filter_task(tsk, &key); |
946 | if (state == AUDIT_DISABLED) | 946 | if (state == AUDIT_DISABLED) { |
947 | clear_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT); | ||
947 | return 0; | 948 | return 0; |
949 | } | ||
948 | 950 | ||
949 | if (!(context = audit_alloc_context(state))) { | 951 | if (!(context = audit_alloc_context(state))) { |
950 | kfree(key); | 952 | kfree(key); |