aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c16
-rw-r--r--kernel/auditsc.c3
2 files changed, 15 insertions, 4 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 549b2f55b649..1242021c7a6d 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -70,6 +70,7 @@ static int audit_initialized;
70#define AUDIT_ON 1 70#define AUDIT_ON 1
71#define AUDIT_LOCKED 2 71#define AUDIT_LOCKED 2
72int audit_enabled; 72int audit_enabled;
73int audit_ever_enabled;
73 74
74/* Default state when kernel boots without any parameters. */ 75/* Default state when kernel boots without any parameters. */
75static int audit_default; 76static int audit_default;
@@ -310,11 +311,17 @@ static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid)
310 311
311static int audit_set_enabled(int state, uid_t loginuid, u32 sid) 312static int audit_set_enabled(int state, uid_t loginuid, u32 sid)
312{ 313{
314 int rc;
313 if (state < AUDIT_OFF || state > AUDIT_LOCKED) 315 if (state < AUDIT_OFF || state > AUDIT_LOCKED)
314 return -EINVAL; 316 return -EINVAL;
315 317
316 return audit_do_config_change("audit_enabled", &audit_enabled, state, 318 rc = audit_do_config_change("audit_enabled", &audit_enabled, state,
317 loginuid, sid); 319 loginuid, sid);
320
321 if (!rc)
322 audit_ever_enabled |= !!state;
323
324 return rc;
318} 325}
319 326
320static int audit_set_failure(int state, uid_t loginuid, u32 sid) 327static int audit_set_failure(int state, uid_t loginuid, u32 sid)
@@ -857,6 +864,7 @@ static int __init audit_init(void)
857 skb_queue_head_init(&audit_skb_queue); 864 skb_queue_head_init(&audit_skb_queue);
858 audit_initialized = 1; 865 audit_initialized = 1;
859 audit_enabled = audit_default; 866 audit_enabled = audit_default;
867 audit_ever_enabled |= !!audit_default;
860 868
861 /* Register the callback with selinux. This callback will be invoked 869 /* Register the callback with selinux. This callback will be invoked
862 * when a new policy is loaded. */ 870 * when a new policy is loaded. */
@@ -884,8 +892,10 @@ static int __init audit_enable(char *str)
884 printk(KERN_INFO "audit: %s%s\n", 892 printk(KERN_INFO "audit: %s%s\n",
885 audit_default ? "enabled" : "disabled", 893 audit_default ? "enabled" : "disabled",
886 audit_initialized ? "" : " (after initialization)"); 894 audit_initialized ? "" : " (after initialization)");
887 if (audit_initialized) 895 if (audit_initialized) {
888 audit_enabled = audit_default; 896 audit_enabled = audit_default;
897 audit_ever_enabled |= !!audit_default;
898 }
889 return 1; 899 return 1;
890} 900}
891 901
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 6e03322e155b..1c06ecf38d7b 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -70,6 +70,7 @@
70#include "audit.h" 70#include "audit.h"
71 71
72extern struct list_head audit_filter_list[]; 72extern struct list_head audit_filter_list[];
73extern int audit_ever_enabled;
73 74
74/* AUDIT_NAMES is the number of slots we reserve in the audit_context 75/* AUDIT_NAMES is the number of slots we reserve in the audit_context
75 * for saving names from getname(). */ 76 * for saving names from getname(). */
@@ -838,7 +839,7 @@ int audit_alloc(struct task_struct *tsk)
838 struct audit_context *context; 839 struct audit_context *context;
839 enum audit_state state; 840 enum audit_state state;
840 841
841 if (likely(!audit_enabled)) 842 if (likely(!audit_ever_enabled))
842 return 0; /* Return if not auditing. */ 843 return 0; /* Return if not auditing. */
843 844
844 state = audit_filter_task(tsk); 845 state = audit_filter_task(tsk);
generated by cgit v1.2.2 (git 2.25.0) at 2026-05-30 05:48:39 -0400