audit: ensure that 'audit=1' actually enables audit for PID 1 (173743dd) · Commits · 戴 / test

kernel/audit.c

+5 −5

Original line number	Diff line number	Diff line
		@@ -85,13 +85,13 @@ static int audit_initialized;
		#define AUDIT_OFF 0
		#define AUDIT_ON 1
		#define AUDIT_LOCKED 2
		u32 audit_enabled;
		u32 audit_ever_enabled;
		u32 audit_enabled = AUDIT_OFF;
		u32 audit_ever_enabled = !!AUDIT_OFF;

		EXPORT_SYMBOL_GPL(audit_enabled);

		/* Default state when kernel boots without any parameters. */
		static u32 audit_default;
		static u32 audit_default = AUDIT_OFF;

		/* If auditing cannot proceed, audit_failure selects what happens. */
		static u32 audit_failure = AUDIT_FAIL_PRINTK;
		@@ -1549,8 +1549,6 @@ static int __init audit_init(void)
		register_pernet_subsys(&audit_net_ops);

		audit_initialized = AUDIT_INITIALIZED;
		audit_enabled = audit_default;
		audit_ever_enabled \|= !!audit_default;

		kauditd_task = kthread_run(kauditd_thread, NULL, "kauditd");
		if (IS_ERR(kauditd_task)) {
		@@ -1572,6 +1570,8 @@ static int __init audit_enable(char *str)
		audit_default = !!simple_strtol(str, NULL, 0);
		if (!audit_default)
		audit_initialized = AUDIT_DISABLED;
		audit_enabled = audit_default;
		audit_ever_enabled = !!audit_enabled;

		pr_info("%s\n", audit_default ?
		"enabled (after initialization)" : "disabled (until reboot)");