Commit 939a67fc4cbab8ca11c90da8a769d7e965d66a9b
1 parent
67640b602f
Audit: split audit watch Kconfig
Audit watch should depend on CONFIG_AUDIT_SYSCALL and should select FSNOTIFY. This splits the spaghetti-like mixing of audit_watch and audit_filter code so they can be configured separately. Signed-off-by: Eric Paris <eparis@redhat.com>
Showing 3 changed files with 21 additions and 4 deletions
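--- a/init/Kconfig
+++ b/init/Kconfig
@@ -307,7 +307,6 @@
 config AUDIT
 bool "Auditing support"
 depends on NET
- select FSNOTIFY
 help
 Enable auditing infrastructure that can be used with another
 kernel subsystem, such as SELinux (which requires this for
@@ -322,6 +321,11 @@
 Enable low-overhead system-call auditing infrastructure that
 can be used independently or with another kernel subsystem,
 such as SELinux.
+
+config AUDIT_WATCH
+ def_bool y
+ depends on AUDITSYSCALL
+ select FSNOTIFY
 
 config AUDIT_TREE
 def_bool y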
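Review bot: The new `config AUDIT_WATCH` entry has no prompt and no help text, so with `def_bool y` it simply follows AUDITSYSCALL and cannot be seen or toggled from the configuration menu, which is narrower than the "configured separately" wording in the commit description suggests. Because `select FSNOTIFY` moves here from `config AUDIT`, a kernel built with AUDIT but without AUDITSYSCALL no longer has file-watch rules; per the stubs added to kernel/audit.h in this commit, `audit_to_watch` then returns -EINVAL. A one-line comment above the entry would record that for whoever tunes the audit configuration, for example `# File watch rules need syscall auditing and fsnotify; without this symbol watch rules are rejected with -EINVAL`.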
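--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -70,10 +70,11 @@
 obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
 obj-$(CONFIG_SMP) += stop_machine.o
 obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
-obj-$(CONFIG_AUDIT) += audit.o auditfilter.o audit_watch.o
+obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
 obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
-obj-$(CONFIG_GCOV_KERNEL) += gcov/
+obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
 obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
+obj-$(CONFIG_GCOV_KERNEL) += gcov/
 obj-$(CONFIG_KPROBES) += kprobes.o
 obj-$(CONFIG_KGDB) += debug/
 obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o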
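--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -103,7 +103,10 @@
 extern void audit_free_rule_rcu(struct rcu_head *);
 extern struct list_head audit_filter_list[];
 
+extern struct audit_entry *audit_dupe_rule(struct audit_krule *old);
+
 /* audit watch functions */
+#ifdef CONFIG_AUDIT_WATCH
 extern void audit_put_watch(struct audit_watch *watch);
 extern void audit_get_watch(struct audit_watch *watch);
 extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op);
@@ -111,7 +114,16 @@
 extern void audit_remove_watch_rule(struct audit_krule *krule);
 extern char *audit_watch_path(struct audit_watch *watch);
 extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev);
-extern struct audit_entry *audit_dupe_rule(struct audit_krule *old);
+#else
+#define audit_put_watch(w) {}
+#define audit_get_watch(w) {}
+#define audit_to_watch(k, p, l, o) (-EINVAL)
+#define audit_add_watch(k, l) (-EINVAL)
+#define audit_remove_watch_rule(k) BUG()
+#define audit_watch_path(w) ""
+#define audit_watch_compare(w, i, d) 0
+
+#endif /* CONFIG_AUDIT_WATCH */
 
 #ifdef CONFIG_AUDIT_TREE
 extern struct audit_chunk *audit_tree_lookup(const struct inode *);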
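Review bot: The no-op stubs `#define audit_put_watch(w) {}` and `#define audit_get_watch(w) {}` expand to a bare block, so a call written `audit_put_watch(w);` becomes `{};` and breaks an unbraced `if ... else`. `#define audit_put_watch(w) do { } while (0)` (and the same for `audit_get_watch`) avoids that, and `static inline` stubs would also keep the arguments type-checked when CONFIG_AUDIT_WATCH is off. The `audit_remove_watch_rule(k)` stub expands to `BUG()`, which is presumably unreachable because `audit_to_watch` returns -EINVAL in this configuration, so no watch rule should exist to remove. The callers are outside this section, so it is worth confirming that no rule-removal path can still reach the stub, since that would crash the kernel from audit rule management.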