[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[PATCH] audit_panic() renamed to audit_handle_failure()



It has become apparent that the name of the function currently labeled
"audit_panic" might mislead some developers.

This is due to the operation of the function, which may or may not
necessarily panic the kernel.  A look at the function shows that there
are currently three different paths the function can take, only one of
which will cause a kernel panic:

        static void audit_panic(const char *message)
        {
                switch (audit_failure)
                {
                case AUDIT_FAIL_SILENT:
                        break;
                case AUDIT_FAIL_PRINTK:
                        printk(KERN_ERR "audit: %s\n", message);
                        break;
                case AUDIT_FAIL_PANIC:
                        panic("audit: %s\n", message);
                        break;
                }
        }


The following simple patch renames the function "audit_panic" to
"audit_handle_failure" and updates all references to the function.


:-Dustin



diff -uprN linux-2.6.13-rc6-mm2/kernel/audit.c linux-2.6.13-rc6-mm2-audit_handle_failure/kernel/audit.c
--- linux-2.6.13-rc6-mm2/kernel/audit.c	2005-08-29 11:32:16.000000000 -0500
+++ linux-2.6.13-rc6-mm2-audit_handle_failure/kernel/audit.c	2005-08-31 11:40:54.000000000 -0500
@@ -142,7 +142,7 @@ static void audit_set_pid(struct audit_b
 	nlh->nlmsg_pid = pid;
 }
 
-static void audit_panic(const char *message)
+static void audit_handle_failure(const char *message)
 {
 	switch (audit_failure)
 	{
@@ -216,7 +216,7 @@ void audit_log_lost(const char *message)
 		       atomic_read(&audit_lost),
 		       audit_rate_limit,
 		       audit_backlog_limit);
-		audit_panic(message);
+		audit_handle_failure(message);
 	}
 
 }
@@ -516,7 +516,7 @@ static int __init audit_init(void)
 	audit_sock = netlink_kernel_create(NETLINK_AUDIT, 0, audit_receive,
 					   THIS_MODULE);
 	if (!audit_sock)
-		audit_panic("cannot initialize netlink socket");
+		audit_handle_failure("cannot initialize netlink socket");
 
 	audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
 	skb_queue_head_init(&audit_skb_queue);
diff -uprN linux-2.6.13-rc6-mm2/kernel/auditsc.c linux-2.6.13-rc6-mm2-audit_handle_failure/kernel/auditsc.c
--- linux-2.6.13-rc6-mm2/kernel/auditsc.c	2005-08-29 11:32:16.000000000 -0500
+++ linux-2.6.13-rc6-mm2-audit_handle_failure/kernel/auditsc.c	2005-08-31 11:37:16.000000000 -0500
@@ -807,7 +807,7 @@ static void audit_log_exit(struct audit_
 
 	ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL);
 	if (!ab)
-		return;		/* audit_panic has been called */
+		return;		/* audit_handle_failure has been called */
 	audit_log_format(ab, "arch=%x syscall=%d",
 			 context->arch, context->major);
 	if (context->personality != PER_LINUX)
@@ -839,7 +839,7 @@ static void audit_log_exit(struct audit_
 
 		ab = audit_log_start(context, GFP_KERNEL, aux->type);
 		if (!ab)
-			continue; /* audit_panic has been called */
+			continue; /* audit_handle_failure has been called */
 
 		switch (aux->type) {
 		case AUDIT_IPC: {
@@ -883,7 +883,7 @@ static void audit_log_exit(struct audit_
 	for (i = 0; i < context->name_count; i++) {
 		ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
 		if (!ab)
-			continue; /* audit_panic has been called */
+			continue; /* audit_handle_failure has been called */
 
 		audit_log_format(ab, "item=%d", i);
 		if (context->names[i].name) {
diff -uprN linux-2.6.13-rc6-mm2/security/selinux/avc.c linux-2.6.13-rc6-mm2-audit_handle_failure/security/selinux/avc.c
--- linux-2.6.13-rc6-mm2/security/selinux/avc.c	2005-08-29 11:32:17.000000000 -0500
+++ linux-2.6.13-rc6-mm2-audit_handle_failure/security/selinux/avc.c	2005-08-31 11:37:39.000000000 -0500
@@ -552,7 +552,7 @@ void avc_audit(u32 ssid, u32 tsid,
 
 	ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_AVC);
 	if (!ab)
-		return;		/* audit_panic has been called */
+		return;		/* audit_handle_failure has been called */
 	audit_log_format(ab, "avc:  %s ", denied ? "denied" : "granted");
 	avc_dump_av(ab, tclass,audited);
 	audit_log_format(ab, " for ");

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]