Audit: split audit watch Kconfig

Audit watch should depend on CONFIG_AUDIT_SYSCALL and should select FSNOTIFY. This splits the spagetti like mixing of audit_watch and audit_filter code so they can be configured seperately. Signed-off-by: Eric Paris <eparis@redhat.com>

Audit: split audit watch Kconfig
Audit watch should depend on CONFIG_AUDIT_SYSCALL and should select FSNOTIFY. This splits the spagetti like mixing of audit_watch and audit_filter code so they can be configured seperately. Signed-off-by: Eric Paris <eparis@redhat.com>
Eric Paris
1 parent 67640b602f
Showing 3 changed files with 21 additions and 4 deletions Side-by-side Diff
init/Kconfig
kernel/Makefile
kernel/audit.h
@@ -307,7 +307,6 @@
 config AUDIT
 	bool "Auditing support"
 	depends on NET
-	select FSNOTIFY
 	help
 	  Enable auditing infrastructure that can be used with another
 	  kernel subsystem, such as SELinux (which requires this for
@@ -322,6 +321,11 @@
 	  Enable low-overhead system-call auditing infrastructure that
 	  can be used independently or with another kernel subsystem,
 	  such as SELinux.
+
+config AUDIT_WATCH
+	def_bool y
+	depends on AUDITSYSCALL
+	select FSNOTIFY
  
 config AUDIT_TREE
 	def_bool y
@@ -70,10 +70,11 @@
 obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
 obj-$(CONFIG_SMP) += stop_machine.o
 obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
-obj-$(CONFIG_AUDIT) += audit.o auditfilter.o audit_watch.o
+obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
 obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
-obj-$(CONFIG_GCOV_KERNEL) += gcov/
+obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
 obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
+obj-$(CONFIG_GCOV_KERNEL) += gcov/
 obj-$(CONFIG_KPROBES) += kprobes.o
 obj-$(CONFIG_KGDB) += debug/
 obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o
@@ -103,7 +103,10 @@
 extern void audit_free_rule_rcu(struct rcu_head *);
 extern struct list_head audit_filter_list[];
  
+extern struct audit_entry *audit_dupe_rule(struct audit_krule *old);
+
 /* audit watch functions */
+#ifdef CONFIG_AUDIT_WATCH
 extern void audit_put_watch(struct audit_watch *watch);
 extern void audit_get_watch(struct audit_watch *watch);
 extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op);
@@ -111,7 +114,16 @@
 extern void audit_remove_watch_rule(struct audit_krule *krule);
 extern char *audit_watch_path(struct audit_watch *watch);
 extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev);
-extern struct audit_entry *audit_dupe_rule(struct audit_krule *old);
+#else
+#define audit_put_watch(w) {}
+#define audit_get_watch(w) {}
+#define audit_to_watch(k, p, l, o) (-EINVAL)
+#define audit_add_watch(k, l) (-EINVAL)
+#define audit_remove_watch_rule(k) BUG()
+#define audit_watch_path(w) ""
+#define audit_watch_compare(w, i, d) 0
+
+#endif /* CONFIG_AUDIT_WATCH */
  
 #ifdef CONFIG_AUDIT_TREE
 extern struct audit_chunk *audit_tree_lookup(const struct inode *);
...	...	@@ -307,7 +307,6 @@
307	307	config AUDIT
308	308	bool "Auditing support"
309	309	depends on NET
310		- select FSNOTIFY
311	310	help
312	311	Enable auditing infrastructure that can be used with another
313	312	kernel subsystem, such as SELinux (which requires this for
...	...	@@ -322,6 +321,11 @@
322	321	Enable low-overhead system-call auditing infrastructure that
323	322	can be used independently or with another kernel subsystem,
324	323	such as SELinux.
	324	+
	325	+config AUDIT_WATCH
	326	+ def_bool y
	327	+ depends on AUDITSYSCALL
	328	+ select FSNOTIFY
325	329
326	330	config AUDIT_TREE
327	331	def_bool y
...	...	@@ -70,10 +70,11 @@
70	70	obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
71	71	obj-$(CONFIG_SMP) += stop_machine.o
72	72	obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
73		-obj-$(CONFIG_AUDIT) += audit.o auditfilter.o audit_watch.o
	73	+obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
74	74	obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
75		-obj-$(CONFIG_GCOV_KERNEL) += gcov/
	75	+obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
76	76	obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
	77	+obj-$(CONFIG_GCOV_KERNEL) += gcov/
77	78	obj-$(CONFIG_KPROBES) += kprobes.o
78	79	obj-$(CONFIG_KGDB) += debug/
79	80	obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o
...	...	@@ -103,7 +103,10 @@
103	103	extern void audit_free_rule_rcu(struct rcu_head *);
104	104	extern struct list_head audit_filter_list[];
105	105
	106	+extern struct audit_entry audit_dupe_rule(struct audit_krule old);
	107	+
106	108	/* audit watch functions */
	109	+#ifdef CONFIG_AUDIT_WATCH
107	110	extern void audit_put_watch(struct audit_watch *watch);
108	111	extern void audit_get_watch(struct audit_watch *watch);
109	112	extern int audit_to_watch(struct audit_krule krule, char path, int len, u32 op);
...	...	@@ -111,7 +114,16 @@
111	114	extern void audit_remove_watch_rule(struct audit_krule *krule);
112	115	extern char audit_watch_path(struct audit_watch watch);
113	116	extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev);
114		-extern struct audit_entry audit_dupe_rule(struct audit_krule old);
	117	+#else
	118	+#define audit_put_watch(w) {}
	119	+#define audit_get_watch(w) {}
	120	+#define audit_to_watch(k, p, l, o) (-EINVAL)
	121	+#define audit_add_watch(k, l) (-EINVAL)
	122	+#define audit_remove_watch_rule(k) BUG()
	123	+#define audit_watch_path(w) ""
	124	+#define audit_watch_compare(w, i, d) 0
	125	+
	126	+#endif /* CONFIG_AUDIT_WATCH */
115	127
116	128	#ifdef CONFIG_AUDIT_TREE
117	129	extern struct audit_chunk audit_tree_lookup(const struct inode );