diff options
author | Linus Torvalds | 2018-08-15 10:46:54 -0700 |
---|---|---|
committer | Linus Torvalds | 2018-08-15 10:46:54 -0700 |
commit | 8c326850304d495deee6ff9a609173a340c5245b (patch) | |
tree | 489309f5d74061e67fcf313718a8fa282d7477fc /include/net | |
parent | 6f7dac117d895596ca52b935bdd534ac9032deb4 (diff) | |
parent | baa2a4fdd525c8c4b0f704d20457195b29437839 (diff) |
Merge tag 'audit-pr-20180814' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit patches from Paul Moore:
"Twelve audit patches for v4.19 and they run the full gamut from fixes
to features.
Notable changes include the ability to use the "exe" audit filter
field in a wider variety of filter types, a fix for our comparison of
GID/EGID in audit filter rules, better association of related audit
records (connecting related audit records together into one audit
event), and a fix for a potential use-after-free in audit_add_watch().
All the patches pass the audit-testsuite and merge cleanly on your
current master branch"
* tag 'audit-pr-20180814' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
audit: fix use-after-free in audit_add_watch
audit: use ktime_get_coarse_real_ts64() for timestamps
audit: use ktime_get_coarse_ts64() for time access
audit: simplify audit_enabled check in audit_watch_log_rule_change()
audit: check audit_enabled in audit_tree_log_remove_rule()
cred: conditionally declare groups-related functions
audit: eliminate audit_enabled magic number comparison
audit: rename FILTER_TYPE to FILTER_EXCLUDE
audit: Fix extended comparison of GID/EGID
audit: tie ANOM_ABEND records to syscall
audit: tie SECCOMP records to syscall
audit: allow other filter list types for AUDIT_EXE
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/xfrm.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 557122846e0e..f7f297727ed8 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -735,7 +735,7 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op) { struct audit_buffer *audit_buf = NULL; - if (audit_enabled == 0) + if (audit_enabled == AUDIT_OFF) return NULL; audit_buf = audit_log_start(audit_context(), GFP_ATOMIC, AUDIT_MAC_IPSEC_EVENT); |