diff options
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r-- | kernel/auditsc.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index c68229411a7c..f9eaa1666a61 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -119,6 +119,7 @@ struct audit_names { unsigned int fcap_ver; int name_len; /* number of name's characters to log */ unsigned char type; /* record type */ + bool hidden; /* don't log this record */ bool name_put; /* call __putname() for this name */ /* * This was an allocated audit_names and not from the array of @@ -1694,8 +1695,11 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts } i = 0; - list_for_each_entry(n, &context->names_list, list) + list_for_each_entry(n, &context->names_list, list) { + if (n->hidden) + continue; audit_log_name(context, n, i++, &call_panic); + } /* Send end of event record to help user space know we are finished */ ab = audit_log_start(context, GFP_KERNEL, AUDIT_EOE); @@ -2099,14 +2103,15 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dent * __audit_inode - store the inode and device from a lookup * @name: name being audited * @dentry: dentry being audited - * @parent: does this dentry represent the parent? + * @flags: attributes for this particular entry */ void __audit_inode(struct filename *name, const struct dentry *dentry, - unsigned int parent) + unsigned int flags) { struct audit_context *context = current->audit_context; const struct inode *inode = dentry->d_inode; struct audit_names *n; + bool parent = flags & AUDIT_INODE_PARENT; if (!context->in_syscall) return; @@ -2161,6 +2166,8 @@ out: if (parent) { n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL; n->type = AUDIT_TYPE_PARENT; + if (flags & AUDIT_INODE_HIDDEN) + n->hidden = true; } else { n->name_len = AUDIT_NAME_FULL; n->type = AUDIT_TYPE_NORMAL; |