[PATCH 2/5] audit: don't generate audit feature changed log when audit disabled
If audit is disabled,we shouldn't generate the audit log.
Acked-by: Eric Paris <eparis(a)redhat.com>
Signed-off-by: Gao feng <gaofeng(a)cn.fujitsu.com>
---
kernel/audit.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/audit.c b/kernel/audit.c
index f16f835..c307786 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -663,6 +663,9 @@ static void audit_log_feature_change(int which, u32 old_feature, u32
new_feature
{
struct audit_buffer *ab;
+ if (audit_enabled == AUDIT_OFF)
+ return;
+
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d
res=%d",
audit_feature_names[which], !!old_feature, !!new_feature,
--
1.8.3.1