(I'm resending this as I've been told, to CC linux-audit. I'm also
adding Al Viro too.)
Is there any reason that audit_avc_path has a return value? The only
two places in the kernel that it is used, the value is ignored, and when
it is turned off, we get a silly warning about "statement with no
effect". Even the comment above the function states that it is only
used in one file.
So this patch removes the need to have a return value.
-- Steve
Signed-off-by: Steven Rostedt
Index: linux-2.6.17-rc5/include/linux/audit.h
===================================================================
--- linux-2.6.17-rc5.orig/include/linux/audit.h 2006-05-30 14:39:22.000000000
-0400
+++ linux-2.6.17-rc5/include/linux/audit.h 2006-05-30 14:39:45.000000000
-0400
@@ -324,7 +324,7 @@ extern int audit_ipc_obj(struct kern_ipc
extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid,
mode_t mode, struct kern_ipc_perm *ipcp);
extern int audit_socketcall(int nargs, unsigned long *args);
extern int audit_sockaddr(int len, void *addr);
-extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
+extern void audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
extern void audit_signal_info(int sig, struct task_struct *t);
extern int audit_set_macxattr(const char *name);
#else
@@ -344,7 +344,7 @@ extern int audit_set_macxattr(const char
#define audit_ipc_set_perm(q,u,g,m,i) ({ 0; })
#define audit_socketcall(n,a) ({ 0; })
#define audit_sockaddr(len, addr) ({ 0; })
-#define audit_avc_path(dentry, mnt) ({ 0; })
+#define audit_avc_path(dentry, mnt) do { ; } while (0)
#define audit_signal_info(s,t) do { ; } while (0)
#define audit_set_macxattr(n) do { ; } while (0)
#endif
Index: linux-2.6.17-rc5/kernel/auditsc.c
===================================================================
--- linux-2.6.17-rc5.orig/kernel/auditsc.c 2006-05-30 14:40:00.000000000
-0400
+++ linux-2.6.17-rc5/kernel/auditsc.c 2006-05-30 14:41:56.000000000 -0400
@@ -1292,21 +1292,19 @@ int audit_sockaddr(int len, void *a)
* @dentry: dentry to record
* @mnt: mnt to record
*
- * Returns 0 for success or NULL context or < 0 on error.
- *
* Called from security/selinux/avc.c::avc_audit()
*/
-int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt)
+void audit_avc_path(struct dentry *dentry, struct vfsmount *mnt)
{
struct audit_aux_data_path *ax;
struct audit_context *context = current->audit_context;
if (likely(!context))
- return 0;
+ return;
ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
if (!ax)
- return -ENOMEM;
+ return;
ax->dentry = dget(dentry);
ax->mnt = mntget(mnt);
@@ -1314,7 +1312,7 @@ int audit_avc_path(struct dentry *dentry
ax->d.type = AUDIT_AVC_PATH;
ax->d.next = context->aux;
context->aux = (void *)ax;
- return 0;
+ return;
}
/**
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
