audit: remove WATCH and TREE config options
Remove the CONFIG_AUDIT_WATCH and CONFIG_AUDIT_TREE config options since they are both dependent on CONFIG_AUDITSYSCALL and force CONFIG_FSNOTIFY. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Richard Guy Briggs
Paul Moore
parent
a2c97da11c
commit
c8fc5d49c3
@ -335,15 +335,6 @@ config HAVE_ARCH_AUDITSYSCALL
|
|||||||
config AUDITSYSCALL
|
config AUDITSYSCALL
|
||||||
def_bool y
|
def_bool y
|
||||||
depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
|
depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
|
||||||
|
|
||||||
config AUDIT_WATCH
|
|
||||||
def_bool y
|
|
||||||
depends on AUDITSYSCALL
|
|
||||||
select FSNOTIFY
|
|
||||||
|
|
||||||
config AUDIT_TREE
|
|
||||||
def_bool y
|
|
||||||
depends on AUDITSYSCALL
|
|
||||||
select FSNOTIFY
|
select FSNOTIFY
|
||||||
|
|
||||||
source "kernel/irq/Kconfig"
|
source "kernel/irq/Kconfig"
|
||||||
|
|||||||
@ -76,9 +76,7 @@ obj-$(CONFIG_IKCONFIG) += configs.o
|
|||||||
obj-$(CONFIG_SMP) += stop_machine.o
|
obj-$(CONFIG_SMP) += stop_machine.o
|
||||||
obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
|
obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
|
||||||
obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
|
obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
|
||||||
obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
|
obj-$(CONFIG_AUDITSYSCALL) += auditsc.o audit_watch.o audit_fsnotify.o audit_tree.o
|
||||||
obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o audit_fsnotify.o
|
|
||||||
obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
|
|
||||||
obj-$(CONFIG_GCOV_KERNEL) += gcov/
|
obj-$(CONFIG_GCOV_KERNEL) += gcov/
|
||||||
obj-$(CONFIG_KCOV) += kcov.o
|
obj-$(CONFIG_KCOV) += kcov.o
|
||||||
obj-$(CONFIG_KPROBES) += kprobes.o
|
obj-$(CONFIG_KPROBES) += kprobes.o
|
||||||
|
|||||||
@ -268,7 +268,7 @@ extern struct tty_struct *audit_get_tty(struct task_struct *tsk);
|
|||||||
extern void audit_put_tty(struct tty_struct *tty);
|
extern void audit_put_tty(struct tty_struct *tty);
|
||||||
|
|
||||||
/* audit watch functions */
|
/* audit watch functions */
|
||||||
#ifdef CONFIG_AUDIT_WATCH
|
#ifdef CONFIG_AUDITSYSCALL
|
||||||
extern void audit_put_watch(struct audit_watch *watch);
|
extern void audit_put_watch(struct audit_watch *watch);
|
||||||
extern void audit_get_watch(struct audit_watch *watch);
|
extern void audit_get_watch(struct audit_watch *watch);
|
||||||
extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op);
|
extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op);
|
||||||
@ -301,9 +301,9 @@ extern int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark
|
|||||||
#define audit_mark_compare(m, i, d) 0
|
#define audit_mark_compare(m, i, d) 0
|
||||||
#define audit_exe_compare(t, m) (-EINVAL)
|
#define audit_exe_compare(t, m) (-EINVAL)
|
||||||
#define audit_dupe_exe(n, o) (-EINVAL)
|
#define audit_dupe_exe(n, o) (-EINVAL)
|
||||||
#endif /* CONFIG_AUDIT_WATCH */
|
#endif /* CONFIG_AUDITSYSCALL */
|
||||||
|
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
#ifdef CONFIG_AUDITSYSCALL
|
||||||
extern struct audit_chunk *audit_tree_lookup(const struct inode *inode);
|
extern struct audit_chunk *audit_tree_lookup(const struct inode *inode);
|
||||||
extern void audit_put_chunk(struct audit_chunk *chunk);
|
extern void audit_put_chunk(struct audit_chunk *chunk);
|
||||||
extern bool audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree);
|
extern bool audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree);
|
||||||
|
|||||||
@ -200,7 +200,6 @@ static int audit_match_filetype(struct audit_context *ctx, int val)
|
|||||||
* References in it _are_ dropped - at the same time we free/drop aux stuff.
|
* References in it _are_ dropped - at the same time we free/drop aux stuff.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
|
||||||
static void audit_set_auditable(struct audit_context *ctx)
|
static void audit_set_auditable(struct audit_context *ctx)
|
||||||
{
|
{
|
||||||
if (!ctx->prio) {
|
if (!ctx->prio) {
|
||||||
@ -245,12 +244,10 @@ static int grow_tree_refs(struct audit_context *ctx)
|
|||||||
ctx->tree_count = 31;
|
ctx->tree_count = 31;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
static void unroll_tree_refs(struct audit_context *ctx,
|
static void unroll_tree_refs(struct audit_context *ctx,
|
||||||
struct audit_tree_refs *p, int count)
|
struct audit_tree_refs *p, int count)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
|
||||||
struct audit_tree_refs *q;
|
struct audit_tree_refs *q;
|
||||||
int n;
|
int n;
|
||||||
if (!p) {
|
if (!p) {
|
||||||
@ -274,7 +271,6 @@ static void unroll_tree_refs(struct audit_context *ctx,
|
|||||||
}
|
}
|
||||||
ctx->trees = p;
|
ctx->trees = p;
|
||||||
ctx->tree_count = count;
|
ctx->tree_count = count;
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void free_tree_refs(struct audit_context *ctx)
|
static void free_tree_refs(struct audit_context *ctx)
|
||||||
@ -288,7 +284,6 @@ static void free_tree_refs(struct audit_context *ctx)
|
|||||||
|
|
||||||
static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree)
|
static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
|
||||||
struct audit_tree_refs *p;
|
struct audit_tree_refs *p;
|
||||||
int n;
|
int n;
|
||||||
if (!tree)
|
if (!tree)
|
||||||
@ -305,7 +300,6 @@ static int match_tree_refs(struct audit_context *ctx, struct audit_tree *tree)
|
|||||||
if (audit_tree_match(p->c[n], tree))
|
if (audit_tree_match(p->c[n], tree))
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1602,7 +1596,6 @@ void __audit_syscall_exit(int success, long return_code)
|
|||||||
|
|
||||||
static inline void handle_one(const struct inode *inode)
|
static inline void handle_one(const struct inode *inode)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
|
||||||
struct audit_context *context;
|
struct audit_context *context;
|
||||||
struct audit_tree_refs *p;
|
struct audit_tree_refs *p;
|
||||||
struct audit_chunk *chunk;
|
struct audit_chunk *chunk;
|
||||||
@ -1627,12 +1620,10 @@ static inline void handle_one(const struct inode *inode)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
put_tree_ref(context, chunk);
|
put_tree_ref(context, chunk);
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void handle_path(const struct dentry *dentry)
|
static void handle_path(const struct dentry *dentry)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_AUDIT_TREE
|
|
||||||
struct audit_context *context;
|
struct audit_context *context;
|
||||||
struct audit_tree_refs *p;
|
struct audit_tree_refs *p;
|
||||||
const struct dentry *d, *parent;
|
const struct dentry *d, *parent;
|
||||||
@ -1685,7 +1676,6 @@ retry:
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
rcu_read_unlock();
|
rcu_read_unlock();
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct audit_names *audit_alloc_name(struct audit_context *context,
|
static struct audit_names *audit_alloc_name(struct audit_context *context,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user