[PATCH 2/3] audit: don't generate audit feature changed log when audit disabled
Gao feng
gaofeng at cn.fujitsu.com
Thu Oct 31 08:27:57 UTC 2013
Signed-off-by: Gao feng <gaofeng at cn.fujitsu.com>
---
kernel/audit.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/audit.c b/kernel/audit.c
index f16f835..c307786 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -663,6 +663,9 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
{
struct audit_buffer *ab;
+ if (audit_enabled == AUDIT_OFF)
+ return;
+
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d",
audit_feature_names[which], !!old_feature, !!new_feature,
--
1.8.3.1
More information about the Linux-audit
mailing list