The processing of the "audit" boot parameter is handled before the
console has been initialized.  We therefore miss any panic messages if
we fail to verify the boot parameter or set the audit state, unless we
also enable earlyprintk.

Instead, have the boot parameter function just save the parameter value
and process it later from audit_init(), which is a postcore_initcall()
function.

Signed-off-by: Greg Edwards <gedwa...@ddn.com>
---
 kernel/audit.c | 48 +++++++++++++++++++++++++++++++-----------------
 1 file changed, 31 insertions(+), 17 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 227db99b0f19..3fb11bcb4408 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -99,6 +99,9 @@ static u32    audit_failure = AUDIT_FAIL_PRINTK;
 /* private audit network namespace index */
 static unsigned int audit_net_id;
 
+/* 'audit' boot parameter value */
+static char *audit_boot;
+
 /**
  * struct audit_net - audit private network namespace data
  * @sk: communication socket
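Review bot: `audit_boot` is declared as ordinary static data, although in the hunks shown it is only written by `audit_set()` and read by `audit_enable()`, both `__init`. If nothing outside these hunks reads it after boot, declare it as `static char *audit_boot __initdata;` so it is discarded with the rest of the init section. The comment could also say that it holds the saved pointer to the raw `audit=` value, which is not parsed until `audit_init()`.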
@@ -1528,11 +1531,35 @@ static struct pernet_operations audit_net_ops __net_initdata = {
        .size = sizeof(struct audit_net),
 };
 
+/* Process kernel command-line parameter at boot time.  audit=0 or audit=1. */
+static void __init audit_enable(void)
+{
+       long val;
+
+       if (!audit_boot)
+               return;
+
+       if (kstrtol(audit_boot, 0, &val))
+               panic("audit: invalid 'audit' parameter value (%s)\n",
+                     audit_boot);
+       audit_default = (val ? AUDIT_ON : AUDIT_OFF);
+
+       if (audit_default == AUDIT_OFF)
+               audit_initialized = AUDIT_DISABLED;
+       if (audit_set_enabled(audit_default))
+               panic("audit: error setting audit state (%d)\n", audit_default);
+
+       pr_info("%s\n", audit_default ?
+               "enabled (after initialization)" : "disabled (until reboot)");
+}
+
 /* Initialize audit support at boot time. */
 static int __init audit_init(void)
 {
        int i;
 
+       audit_enable();
+
        if (audit_initialized == AUDIT_DISABLED)
                return 0;
 
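Review bot: Calling `audit_enable()` from `audit_init()` means `audit_default`, `audit_initialized` and the `audit_set_enabled()` state are now applied only at `postcore_initcall` time, where the old `__setup` handler applied them during command-line parsing. Any code that consults the audit state before that initcall runs (none is visible in this diff, but task creation for early kernel threads and PID 1 would be the place to check) will see the build-time default rather than `audit=1`, so those tasks may end up without audit coverage. If that window is acceptable, it should be documented at the call site, for example `/* audit= is applied here, not at parameter parsing; earlier code sees the built-in audit_default */`. If it is not acceptable, the state change should stay in the `__setup` handler and only the error reporting be deferred. The body of `audit_init()` continues outside this hunk.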
@@ -1567,26 +1594,13 @@ static int __init audit_init(void)
 }
 postcore_initcall(audit_init);
 
-/* Process kernel command-line parameter at boot time.  audit=0 or audit=1. */
-static int __init audit_enable(char *str)
+/* Store kernel command-line parameter at boot time.  audit=0 or audit=1. */
+static int __init audit_set(char *str)
 {
-       long val;
-
-       if (kstrtol(str, 0, &val))
-               panic("audit: invalid 'audit' parameter value (%s)\n", str);
-       audit_default = (val ? AUDIT_ON : AUDIT_OFF);
-
-       if (audit_default == AUDIT_OFF)
-               audit_initialized = AUDIT_DISABLED;
-       if (audit_set_enabled(audit_default))
-               panic("audit: error setting audit state (%d)\n", audit_default);
-
-       pr_info("%s\n", audit_default ?
-               "enabled (after initialization)" : "disabled (until reboot)");
-
+       audit_boot = str;
        return 1;
 }
-__setup("audit=", audit_enable);
+__setup("audit=", audit_set);
 
 /* Process kernel command-line parameter at boot time.
  * audit_backlog_limit=<n> */
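Review bot: `audit_set()` keeps the raw `str` pointer instead of a copy or a parsed value, so `audit_boot` is only valid while the boot command-line buffer it points into stays intact until `audit_init()` runs. That assumption deserves a comment above the assignment, such as `/* str points into the boot command line; only dereferenced from audit_init() */`. Because the handler no longer validates anything, a repeated `audit=` on the command line now silently overrides the earlier one, and only the last occurrence is ever checked by `kstrtol()`.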
-- 
2.14.3
