Pandora Sourcecodes - pandora-kernel.git/commit

author	Tyler Hicks <tyhicks@canonical.com>
	Fri, 26 Jul 2013 01:02:55 +0000 (18:02 -0700)
committer	Ben Hutchings <ben@decadent.org.uk>
	Fri, 3 Jan 2014 04:33:17 +0000 (04:33 +0000)
commit	e08af7677ad9dc4337e4b634a81103d72e8371be
tree	959d1f640b086520bea93dba3d0e81795dd883e3	tree \| snapshot
parent	898c8e6f438614624032f9ae887cab87f7558e45	commit \| diff

audit: printk USER_AVC messages when audit isn't enabled

commit 0868a5e150bc4c47e7a003367cd755811eb41e0b upstream.

When the audit=1 kernel parameter is absent and auditd is not running,
AUDIT_USER_AVC messages are being silently discarded.

AUDIT_USER_AVC messages should be sent to userspace using printk(), as
mentioned in the commit message of 4a4cd633 ("AUDIT: Optimise the
audit-disabled case for discarding user messages").

When audit_enabled is 0, audit_receive_msg() discards all user messages
except for AUDIT_USER_AVC messages. However, audit_log_common_recv_msg()
refuses to allocate an audit_buffer if audit_enabled is 0. The fix is to
special case AUDIT_USER_AVC messages in both functions.

It looks like commit 50397bd1 ("[AUDIT] clean up audit_receive_msg()")
introduced this bug.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Cc: linux-audit@redhat.com
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>