Gitiles
Code Review Sign In
LeafOS / LeafOS-Devices / android_kernel_samsung_gta4xl / 21af6c4f2aa5f63138871b4ddd77d7ebf2588c9d^! / .
commit21af6c4f2aa5f63138871b4ddd77d7ebf2588c9d[log] [tgz]
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>Sat Jul 02 14:10:46 2005 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>Sat Jul 02 14:10:46 2005 +0100
tree5f10080f93bc6460ef87886a906498cec332b1a6
parentac4cec443a80bfde829516e7a7db10f7325aa528 [diff]
AUDIT: Really don't audit auditd.

The pid in the audit context isn't always set up. Use tsk->pid when 
checking whether it's auditd in audit_filter_syscall(), instead of 
ctx->pid. Remove a band-aid which did the same elsewhere.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 34a9902..0fdd901 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c

@@ -516,7 +516,7 @@
 	int		   word = AUDIT_WORD(ctx->major);
 	int		   bit  = AUDIT_BIT(ctx->major);
 
-	if (audit_pid && ctx->pid == audit_pid)
+	if (audit_pid && tsk->pid == audit_pid)
 		return AUDIT_DISABLED;
 
 	rcu_read_lock();
@@ -601,7 +601,7 @@
 	context->return_valid = return_valid;
 	context->return_code  = return_code;
 
-	if (context->in_syscall && !context->auditable && tsk->pid != audit_pid) {
+	if (context->in_syscall && !context->auditable) {
 		enum audit_state state;
 		state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
 		if (state == AUDIT_RECORD_CONTEXT)