diff options
author | Tony Jones <tonyj@suse.de> | 2007-06-23 20:16:47 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-06-24 11:59:12 -0400 |
commit | 7b018b2888b32284e09bba9cccb5cd2e12199feb (patch) | |
tree | 040d543d736dffb9b548a9508a0768e041ccb203 /kernel | |
parent | 266f5aa0970409bf1ebdf9fc4e65a1186eeed3c2 (diff) |
audit: fix oops removing watch if audit disabled
Removing a watched file will oops if audit is disabled (auditctl -e 0).
To reproduce:
- auditctl -e 1
- touch /tmp/foo
- auditctl -w /tmp/foo
- auditctl -e 0
- rm /tmp/foo (or mv)
Signed-off-by: Tony Jones <tonyj@suse.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/auditfilter.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 74cc0fc6bb81..ce61f423542c 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
@@ -947,7 +947,7 @@ static void audit_update_watch(struct audit_parent *parent, | |||
947 | 947 | ||
948 | /* If the update involves invalidating rules, do the inode-based | 948 | /* If the update involves invalidating rules, do the inode-based |
949 | * filtering now, so we don't omit records. */ | 949 | * filtering now, so we don't omit records. */ |
950 | if (invalidating && | 950 | if (invalidating && current->audit_context && |
951 | audit_filter_inodes(current, current->audit_context) == AUDIT_RECORD_CONTEXT) | 951 | audit_filter_inodes(current, current->audit_context) == AUDIT_RECORD_CONTEXT) |
952 | audit_set_auditable(current->audit_context); | 952 | audit_set_auditable(current->audit_context); |
953 | 953 | ||