Re: [PATCH 0/2] audit boot parameter cleanups
On 2018-02-22 17:22, Greg Edwards wrote:
One of our CI tests was booting upstream kernels with the
"audit=off" kernel
parameter. This was our error; it should have been "audit=0". However,
in 4.15 the verification of the boot parameter got more strict in 80ab4df62706
("audit: don't use simple_strtol() anymore"), and our errant boot
parameter
value starting panic'ing the system.
The problem is this happens so early in boot, the console isn't initialized yet
and you don't see the panic message. You have no idea what the problem is
unless you add an "earlyprintk" boot option, e.g.
earlyprintk=serial,ttyS0,115200n8.
Fix this by having the boot parameter setup function just save the boot
parameter value, and process it later from a call in audit_init(). The console
is initialized by this point, and you can see any panic messages without having
to use an earlyprintk option.
This part all looks good.
Additionally, add "on" and "off" as valid audit
boot parameter values.
This part is a step in the right direction, but I've got minor concerns
about variations on "0" and "1" that will no longer work, since any
non-zero integer worked previously and will no longer do so.
I would have still used the integer conversion but checked explicitly
for "on" and "off" prior to testing for an integer.
Greg Edwards (2):
audit: move processing of "audit" boot param to audit_init()
audit: add "on"/"off" as valid boot parameter values
Documentation/admin-guide/kernel-parameters.txt | 14 +++----
kernel/audit.c | 49 ++++++++++++++++---------
2 files changed, 39 insertions(+), 24 deletions(-)
- RGB
--
Richard Guy Briggs <rgb(a)redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635