aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds2012-04-02 15:48:12 -0700
committerLinus Torvalds2012-04-03 09:49:59 -0700
commitb61c37f57988567c84359645f8202a7c84bc798a (patch)
treea808c891711d060060a751f4119198dc06e2c847 /security
parent3f0882c48286e7bdb0bbdec9c4bfa934e0db8e09 (diff)
lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit_data'
It just bloats the audit data structure for no good reason, since the only time those fields are filled are just before calling the common_lsm_audit() function, which is also the only user of those fields. So just make them be the arguments to common_lsm_audit(), rather than bloating that structure that is passed around everywhere, and is initialized in hot paths. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/apparmor/audit.c4
-rw-r--r--security/lsm_audit.c14
-rw-r--r--security/selinux/avc.c4
-rw-r--r--security/smack/smack_access.c3
4 files changed, 12 insertions, 13 deletions
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index 23f7eb658d9c..cc3520d39a78 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -160,9 +160,7 @@ void aa_audit_msg(int type, struct common_audit_data *sa,
void (*cb) (struct audit_buffer *, void *))
{
sa->aad->type = type;
- sa->lsm_pre_audit = audit_pre;
- sa->lsm_post_audit = cb;
- common_lsm_audit(sa);
+ common_lsm_audit(sa, audit_pre, cb);
}
/**
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index e96c6aa17bb0..90c129b0102f 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -378,11 +378,15 @@ static void dump_common_audit_data(struct audit_buffer *ab,
/**
* common_lsm_audit - generic LSM auditing function
* @a: auxiliary audit data
+ * @pre_audit: lsm-specific pre-audit callback
+ * @post_audit: lsm-specific post-audit callback
*
* setup the audit buffer for common security information
* uses callback to print LSM specific information
*/
-void common_lsm_audit(struct common_audit_data *a)
+void common_lsm_audit(struct common_audit_data *a,
+ void (*pre_audit)(struct audit_buffer *, void *),
+ void (*post_audit)(struct audit_buffer *, void *))
{
struct audit_buffer *ab;
@@ -394,13 +398,13 @@ void common_lsm_audit(struct common_audit_data *a)
if (ab == NULL)
return;
- if (a->lsm_pre_audit)
- a->lsm_pre_audit(ab, a);
+ if (pre_audit)
+ pre_audit(ab, a);
dump_common_audit_data(ab, a);
- if (a->lsm_post_audit)
- a->lsm_post_audit(ab, a);
+ if (post_audit)
+ post_audit(ab, a);
audit_log_end(ab);
}
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 36c42bb52d81..8ee42b2a5f19 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -492,9 +492,7 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass,
slad.denied = denied;
a->selinux_audit_data->slad = &slad;
- a->lsm_pre_audit = avc_audit_pre_callback;
- a->lsm_post_audit = avc_audit_post_callback;
- common_lsm_audit(a);
+ common_lsm_audit(a, avc_audit_pre_callback, avc_audit_post_callback);
return 0;
}
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 2af7fcc98a71..c8115f7308f8 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -321,9 +321,8 @@ void smack_log(char *subject_label, char *object_label, int request,
sad->object = object_label;
sad->request = request_buffer;
sad->result = result;
- a->lsm_pre_audit = smack_log_callback;
- common_lsm_audit(a);
+ common_lsm_audit(a, smack_log_callback, NULL);
}
#else /* #ifdef CONFIG_AUDIT */
void smack_log(char *subject_label, char *object_label, int request,