From 939a67fc4cbab8ca11c90da8a769d7e965d66a9b Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Thu, 17 Dec 2009 20:12:06 -0500 Subject: [PATCH] Audit: split audit watch Kconfig Audit watch should depend on CONFIG_AUDIT_SYSCALL and should select FSNOTIFY. This splits the spagetti like mixing of audit_watch and audit_filter code so they can be configured seperately. Signed-off-by: Eric Paris --- init/Kconfig | 6 +++++- kernel/Makefile | 5 +++-- kernel/audit.h | 14 +++++++++++++- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/init/Kconfig b/init/Kconfig index 59f62548c2aa..05e932ef5169 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -307,7 +307,6 @@ config TASK_IO_ACCOUNTING config AUDIT bool "Auditing support" depends on NET - select FSNOTIFY help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for @@ -323,6 +322,11 @@ config AUDITSYSCALL can be used independently or with another kernel subsystem, such as SELinux. +config AUDIT_WATCH + def_bool y + depends on AUDITSYSCALL + select FSNOTIFY + config AUDIT_TREE def_bool y depends on AUDITSYSCALL diff --git a/kernel/Makefile b/kernel/Makefile index 057472fbc272..202df4ece6a5 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -70,10 +70,11 @@ obj-$(CONFIG_IKCONFIG) += configs.o obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o obj-$(CONFIG_SMP) += stop_machine.o obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o -obj-$(CONFIG_AUDIT) += audit.o auditfilter.o audit_watch.o +obj-$(CONFIG_AUDIT) += audit.o auditfilter.o obj-$(CONFIG_AUDITSYSCALL) += auditsc.o -obj-$(CONFIG_GCOV_KERNEL) += gcov/ +obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o obj-$(CONFIG_AUDIT_TREE) += audit_tree.o +obj-$(CONFIG_GCOV_KERNEL) += gcov/ obj-$(CONFIG_KPROBES) += kprobes.o obj-$(CONFIG_KGDB) += debug/ obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o diff --git a/kernel/audit.h b/kernel/audit.h index 100b454a7354..f7206db4e13d 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -103,7 +103,10 @@ extern struct mutex audit_filter_mutex; extern void audit_free_rule_rcu(struct rcu_head *); extern struct list_head audit_filter_list[]; +extern struct audit_entry *audit_dupe_rule(struct audit_krule *old); + /* audit watch functions */ +#ifdef CONFIG_AUDIT_WATCH extern void audit_put_watch(struct audit_watch *watch); extern void audit_get_watch(struct audit_watch *watch); extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op); @@ -111,7 +114,16 @@ extern int audit_add_watch(struct audit_krule *krule, struct list_head **list); extern void audit_remove_watch_rule(struct audit_krule *krule); extern char *audit_watch_path(struct audit_watch *watch); extern int audit_watch_compare(struct audit_watch *watch, unsigned long ino, dev_t dev); -extern struct audit_entry *audit_dupe_rule(struct audit_krule *old); +#else +#define audit_put_watch(w) {} +#define audit_get_watch(w) {} +#define audit_to_watch(k, p, l, o) (-EINVAL) +#define audit_add_watch(k, l) (-EINVAL) +#define audit_remove_watch_rule(k) BUG() +#define audit_watch_path(w) "" +#define audit_watch_compare(w, i, d) 0 + +#endif /* CONFIG_AUDIT_WATCH */ #ifdef CONFIG_AUDIT_TREE extern struct audit_chunk *audit_tree_lookup(const struct inode *);