diff options
| author | Paul Moore <paul.moore@hp.com> | 2006-11-17 17:38:55 -0500 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 00:24:15 -0500 |
| commit | de64688ffb952a65ddbc5295ccd235d35f292593 (patch) | |
| tree | f15714858c974bb4b86023d38639a39a539901e2 /net/netlabel/netlabel_cipso_v4.c | |
| parent | 3de4bab5b9f8848a0c16a4b1ffe0452f0d670237 (diff) | |
NetLabel: honor the audit_enabled flag
The audit_enabled flag is used to signal when syscall auditing is to be
performed. While NetLabel uses a Netlink interface instead of syscalls, it is
reasonable to consider the NetLabel Netlink interface as a form of syscall so
pay attention to the audit_enabled flag when generating audit messages in
NetLabel.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net/netlabel/netlabel_cipso_v4.c')
| -rw-r--r-- | net/netlabel/netlabel_cipso_v4.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c index fe9851fac85d..743b05734a49 100644 --- a/net/netlabel/netlabel_cipso_v4.c +++ b/net/netlabel/netlabel_cipso_v4.c | |||
| @@ -407,12 +407,14 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info) | |||
| 407 | 407 | ||
| 408 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, | 408 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, |
| 409 | &audit_info); | 409 | &audit_info); |
| 410 | audit_log_format(audit_buf, | 410 | if (audit_buf != NULL) { |
| 411 | " cipso_doi=%u cipso_type=%s res=%u", | 411 | audit_log_format(audit_buf, |
| 412 | doi, | 412 | " cipso_doi=%u cipso_type=%s res=%u", |
| 413 | type_str, | 413 | doi, |
| 414 | ret_val == 0 ? 1 : 0); | 414 | type_str, |
| 415 | audit_log_end(audit_buf); | 415 | ret_val == 0 ? 1 : 0); |
| 416 | audit_log_end(audit_buf); | ||
| 417 | } | ||
| 416 | 418 | ||
| 417 | return ret_val; | 419 | return ret_val; |
| 418 | } | 420 | } |
| @@ -680,11 +682,13 @@ static int netlbl_cipsov4_remove(struct sk_buff *skb, struct genl_info *info) | |||
| 680 | 682 | ||
| 681 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, | 683 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, |
| 682 | &audit_info); | 684 | &audit_info); |
| 683 | audit_log_format(audit_buf, | 685 | if (audit_buf != NULL) { |
| 684 | " cipso_doi=%u res=%u", | 686 | audit_log_format(audit_buf, |
| 685 | doi, | 687 | " cipso_doi=%u res=%u", |
| 686 | ret_val == 0 ? 1 : 0); | 688 | doi, |
| 687 | audit_log_end(audit_buf); | 689 | ret_val == 0 ? 1 : 0); |
| 690 | audit_log_end(audit_buf); | ||
| 691 | } | ||
| 688 | 692 | ||
| 689 | return ret_val; | 693 | return ret_val; |
| 690 | } | 694 | } |