[PATCH V3 2/2] audit: bail before bug check if audit disabled

From: Richard Guy Briggs
Date: Wed Feb 14 2018 - 21:52:22 EST

Next message: Richard Guy Briggs: "[PATCH V3 1/2] audit: deprecate the AUDIT_FILTER_ENTRY filter"
Previous message: Richard Guy Briggs: "[PATCH V3 0/2] audit: speed up audit syscall entry"
In reply to: Richard Guy Briggs: "[PATCH V3 0/2] audit: speed up audit syscall entry"
Next in thread: Richard Guy Briggs: "[PATCH V3 1/2] audit: deprecate the AUDIT_FILTER_ENTRY filter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If audit is disabled, who cares if there is a bug indicating syscall in
process or names already recorded. Bail immediately on audit disabled.

Signed-off-by: Richard Guy Briggs <rgb@xxxxxxxxxx>
---
kernel/auditsc.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index bc534bf..4e0a4ac 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1511,14 +1511,11 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
struct audit_context *context = tsk->audit_context;
enum audit_state state;

- if (!context)
+ if (!audit_enabled || !context)
return;

BUG_ON(context->in_syscall || context->name_count);

- if (!audit_enabled)
- return;
-
state = context->state;
if (state == AUDIT_DISABLED)
return;
--
1.8.3.1

Next message: Richard Guy Briggs: "[PATCH V3 1/2] audit: deprecate the AUDIT_FILTER_ENTRY filter"
Previous message: Richard Guy Briggs: "[PATCH V3 0/2] audit: speed up audit syscall entry"
In reply to: Richard Guy Briggs: "[PATCH V3 0/2] audit: speed up audit syscall entry"
Next in thread: Richard Guy Briggs: "[PATCH V3 1/2] audit: deprecate the AUDIT_FILTER_ENTRY filter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]