From b6c50fe0be5b3a6be9c26f6941bc8c94cfaac1f8 Mon Sep 17 00:00:00 2001 From: Gao feng Date: Fri, 1 Nov 2013 19:34:43 +0800 Subject: audit: don't generate audit feature changed log when audit disabled If audit is disabled,we shouldn't generate the audit log. Acked-by: Eric Paris Signed-off-by: Gao feng Signed-off-by: Richard Guy Briggs Signed-off-by: Eric Paris --- kernel/audit.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'kernel') diff --git a/kernel/audit.c b/kernel/audit.c index 4b6250cf87fd..2360da991721 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -680,6 +680,9 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature { struct audit_buffer *ab; + if (audit_enabled == AUDIT_OFF) + return; + ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE); audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d", audit_feature_names[which], !!old_feature, !!new_feature, -- cgit v1.2.3