From mboxrd@z Thu Jan  1 00:00:00 1970
From: Greg Edwards <gedwards@ddn.com>
Subject: [PATCH v2] audit: do not panic kernel on invalid audit parameter
Date: Wed, 21 Feb 2018 09:18:19 -0700
Message-ID: <20180221161819.26207-1-gedwards@ddn.com>
References: <20180220213347.21926-1-gedwards@ddn.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <20180220213347.21926-1-gedwards@ddn.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
Cc: Richard Guy Briggs <rgb@redhat.com>, Greg Edwards <gedwards@ddn.com>
List-Id: linux-audit@redhat.com

If you pass in an invalid audit kernel boot parameter, e.g. 'audit=off',
the kernel panics very early in boot with no output on the console
indicating the problem.

Instead, print the error indicating an invalid audit parameter value,
but leave auditing enabled.

Fixes: 80ab4df62706 ("audit: don't use simple_strtol() anymore")
Signed-off-by: Greg Edwards <gedwards@ddn.com>
---
Changes v1 -> v2:
  - default to auditing enabled for the error case

 kernel/audit.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 227db99b0f19..9b80e9895107 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1572,8 +1572,10 @@ static int __init audit_enable(char *str)
 {
 	long val;
 
-	if (kstrtol(str, 0, &val))
-		panic("audit: invalid 'audit' parameter value (%s)\n", str);
+	if (kstrtol(str, 0, &val)) {
+		pr_err("invalid 'audit' parameter value (%s)\n", str);
+		val = AUDIT_ON;
+	}
 	audit_default = (val ? AUDIT_ON : AUDIT_OFF);
 
 	if (audit_default == AUDIT_OFF)
-- 
2.14.3