summaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorTyler Hicks <tyhicks@canonical.com>2013-07-25 18:02:55 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2013-12-04 10:57:02 -0800
commitb1427212a66869dde67ab630a400bf69fce5dbc0 (patch)
tree7069a23a2391661633174d0754de3b054a2d4f18 /kernel
parent88870d019e42cb9a9d594c77ea2bdd52e6a68361 (diff)
downloadlwn-b1427212a66869dde67ab630a400bf69fce5dbc0.tar.gz
lwn-b1427212a66869dde67ab630a400bf69fce5dbc0.zip
audit: printk USER_AVC messages when audit isn't enabled
commit 0868a5e150bc4c47e7a003367cd755811eb41e0b upstream. When the audit=1 kernel parameter is absent and auditd is not running, AUDIT_USER_AVC messages are being silently discarded. AUDIT_USER_AVC messages should be sent to userspace using printk(), as mentioned in the commit message of 4a4cd633 ("AUDIT: Optimise the audit-disabled case for discarding user messages"). When audit_enabled is 0, audit_receive_msg() discards all user messages except for AUDIT_USER_AVC messages. However, audit_log_common_recv_msg() refuses to allocate an audit_buffer if audit_enabled is 0. The fix is to special case AUDIT_USER_AVC messages in both functions. It looks like commit 50397bd1 ("[AUDIT] clean up audit_receive_msg()") introduced this bug. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Eric Paris <eparis@redhat.com> Cc: linux-audit@redhat.com Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 7b0e23a740ce..f5dc4b5db72e 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -613,7 +613,7 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type)
int rc = 0;
uid_t uid = from_kuid(&init_user_ns, current_uid());
- if (!audit_enabled) {
+ if (!audit_enabled && msg_type != AUDIT_USER_AVC) {
*ab = NULL;
return rc;
}