diff options
| author | Eric Paris <eparis@redhat.com> | 2008-01-08 17:38:31 -0500 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-02-01 14:24:45 -0500 |
| commit | b593d384efcff7bdf6beb1bc1bc69927977aee26 (patch) | |
| tree | 9055ef0decc84dcbf0da67135535f0746e602e8e /kernel/auditsc.c | |
| parent | 50397bd1e471391d27f64efad9271459c913de87 (diff) | |
[AUDIT] create context if auditing was ever enabled
Disabling audit at runtime by auditctl doesn't mean that we can
stop allocating contexts for new processes; we don't want to miss them
when that sucker is reenabled.
(based on work from Al Viro in the RHEL kernel series)
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/auditsc.c')
| -rw-r--r-- | kernel/auditsc.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6e03322e155b..1c06ecf38d7b 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -70,6 +70,7 @@ | |||
| 70 | #include "audit.h" | 70 | #include "audit.h" |
| 71 | 71 | ||
| 72 | extern struct list_head audit_filter_list[]; | 72 | extern struct list_head audit_filter_list[]; |
| 73 | extern int audit_ever_enabled; | ||
| 73 | 74 | ||
| 74 | /* AUDIT_NAMES is the number of slots we reserve in the audit_context | 75 | /* AUDIT_NAMES is the number of slots we reserve in the audit_context |
| 75 | * for saving names from getname(). */ | 76 | * for saving names from getname(). */ |
| @@ -838,7 +839,7 @@ int audit_alloc(struct task_struct *tsk) | |||
| 838 | struct audit_context *context; | 839 | struct audit_context *context; |
| 839 | enum audit_state state; | 840 | enum audit_state state; |
| 840 | 841 | ||
| 841 | if (likely(!audit_enabled)) | 842 | if (likely(!audit_ever_enabled)) |
| 842 | return 0; /* Return if not auditing. */ | 843 | return 0; /* Return if not auditing. */ |
| 843 | 844 | ||
| 844 | state = audit_filter_task(tsk); | 845 | state = audit_filter_task(tsk); |