Skip to content

Commit

Permalink
smack: call WARN_ONCE() instead of calling audit_log_start()
Browse files Browse the repository at this point in the history 
Remove the call to audit_log() (which call audit_log_start()) and deal with
the errors in the caller, logging only once if the condition is met.  Calling
audit_log_start() in this location makes buffer allocation and locking more
complicated in the calling tree (audit_filter_user()).

Signed-off-by: Richard Guy Briggs <[email protected]>
Signed-off-by: Eric Paris <[email protected]>
  • Loading branch information
@rgbriggs @eparis
rgbriggs authored and eparis committed Jan 14, 2014
1 parent 9ad42a7 commit 4eb0f4a
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions security/smack/smack_lsm.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3615,9 +3615,8 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule,
struct smack_known *skp;
char *rule = vrule;

if (!rule) {
audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
"Smack: missing rule\n");
if (unlikely(!rule)) {
WARN_ONCE(1, "Smack: missing rule\n");
return -ENOENT;
}

Expand Down

0 comments on commit 4eb0f4a

Please sign in to comment.