NetLabel: honor the audit_enabled flag

The audit_enabled flag is used to signal when syscall auditing is to be
performed. While NetLabel uses a Netlink interface instead of syscalls, it is
reasonable to consider the NetLabel Netlink interface as a form of syscall so
pay attention to the audit_enabled flag when generating audit messages in
NetLabel.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 98a4163..42f12bd 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -46,6 +46,10 @@
#include "netlabel_cipso_v4.h"
#include "netlabel_user.h"
+/* do not do any auditing if audit_enabled == 0, see kernel/audit.c for
+ * details */
+extern int audit_enabled;
+
/*
* NetLabel NETLINK Setup Functions
*/
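Review bot: The bare `extern int audit_enabled;` at file scope in netlabel_user.c should come from a shared header instead of being redeclared in a .c file. A local extern is never checked against the definition in kernel/audit.c, so a later change to the variable's type or name would not be caught at compile time here. Declaring it once in the audit header and including that header would also make explicit what this file sees when the audit subsystem is not built in, which nothing in this hunk covers.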
@@ -101,6 +105,9 @@
char *secctx;
u32 secctx_len;
+ if (audit_enabled == 0)
+ return NULL;
+
audit_buf = audit_log_start(audit_ctx, GFP_ATOMIC, type);
if (audit_buf == NULL)
return NULL;
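Review bot: The early `return NULL;` under `if (audit_enabled == 0)` makes NULL carry two meanings for callers: auditing is switched off, or `audit_log_start()` failed. Callers already have to cope with NULL because of the existing check just below, so this is safe only if every caller treats NULL as "nothing to log" and not as an error to report; the function's header comment should state that NULL is also returned when auditing is disabled. Minor style point: `if (!audit_enabled)` is the more usual form for a flag test.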