git.baikalelectronics.ru Git - kernel.git/commit

author	Richard Guy Briggs <rgb@redhat.com>
	Tue, 10 Mar 2020 13:20:17 +0000 (09:20 -0400)
committer	Paul Moore <paul@paul-moore.com>
	Thu, 12 Mar 2020 14:42:51 +0000 (10:42 -0400)
commit	7d6e200b1e5949c38e7ed956a6a56c5428fa23c9
tree	335e3791ba5bc188ffad02e0328f22616ff2ef03	tree \| snapshot
parent	c6599fc991bf332816ac7bad2effa56ce721b2b6	commit \| diff

audit: trigger accompanying records when no rules present

When there are no audit rules registered, mandatory records (config,
etc.) are missing their accompanying records (syscall, proctitle, etc.).

This is due to audit context dummy set on syscall entry based on absence
of rules that signals that no other records are to be printed.

Clear the dummy bit if any record is generated.

The proctitle context and dummy checks are pointless since the
proctitle record will not be printed if no syscall records are printed.

Please see upstream github issue
https://github.com/linux-audit/audit-kernel/issues/120

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

kernel/audit.c		diff \| blob \| history
kernel/audit.h		diff \| blob \| history
kernel/auditsc.c		diff \| blob \| history