[PATCH 1/3] audit: fix incorrect order of log new and old feature

[PATCH 1/3] audit: fix incorrect order of log new and old feature

[Gao feng]

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
 kernel/audit.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 7c7c028..f16f835 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -664,7 +664,7 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
 	struct audit_buffer *ab;
 
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
-	audit_log_format(ab, "feature=%s new=%d old=%d old_lock=%d new_lock=%d res=%d",
+	audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d",
 			 audit_feature_names[which], !!old_feature, !!new_feature,
 			 !!old_lock, !!new_lock, res);
 	audit_log_end(ab);
-- 
1.8.3.1

[PATCH 2/3] audit: don't generate audit feature changed log when audit disabled

[Gao feng]

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
 kernel/audit.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/kernel/audit.c b/kernel/audit.c
index f16f835..c307786 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -663,6 +663,9 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
 {
 	struct audit_buffer *ab;
 
+	if (audit_enabled == AUDIT_OFF)
+		return;
+
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
 	audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d",
 			 audit_feature_names[which], !!old_feature, !!new_feature,
-- 
1.8.3.1

[PATCH 3/3] audit: use old_lock in audit_set_feature

[Gao feng]

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
 kernel/audit.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index c307786..19f21ae 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -697,7 +697,7 @@ static int audit_set_feature(struct sk_buff *skb)
 		old_lock = af.lock & feature;
 
 		/* are we changing a locked feature? */
-		if ((af.lock & feature) && (new_feature != old_feature)) {
+		if (old_lock && (new_feature != old_feature)) {
 			audit_log_feature_change(i, old_feature, new_feature,
 						 old_lock, new_lock, 0);
 			return -EPERM;
-- 
1.8.3.1

Re: [PATCH 1/3] audit: fix incorrect order of log new and old feature

[Richard Guy Briggs]

On Thu, Oct 31, 2013 at 04:27:56PM +0800, Gao feng wrote:
> Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>

Gao,

Could you provide some description, justification and references for
each of the patches in this patchset please?

> ---
>  kernel/audit.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 7c7c028..f16f835 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -664,7 +664,7 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
>  	struct audit_buffer *ab;
>  
>  	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
> -	audit_log_format(ab, "feature=%s new=%d old=%d old_lock=%d new_lock=%d res=%d",
> +	audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d",
>  			 audit_feature_names[which], !!old_feature, !!new_feature,
>  			 !!old_lock, !!new_lock, res);
>  	audit_log_end(ab);
> -- 
> 1.8.3.1
> 

- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer
Kernel Security
AMER ENG Base Operating Systems
Remote, Ottawa, Canada
Voice: +1.647.777.2635
Internal: (81) 32635
Alt: +1.613.693.0684x3545

Re: [PATCH 1/3] audit: fix incorrect order of log new and old feature

[Eric Paris]

On Thu, 2013-10-31 at 11:39 -0400, Richard Guy Briggs wrote:
> On Thu, Oct 31, 2013 at 04:27:56PM +0800, Gao feng wrote:
> > Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
> 
> Gao,
> 
> Could you provide some description, justification and references for
> each of the patches in this patchset please?

Gao, you may also included my Acked-by: on all three.  I thought the
descriptions in the subject were enough, but if you can include a
sentence in the body that would be great.

> 
> > ---
> >  kernel/audit.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/kernel/audit.c b/kernel/audit.c
> > index 7c7c028..f16f835 100644
> > --- a/kernel/audit.c
> > +++ b/kernel/audit.c
> > @@ -664,7 +664,7 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
> >  	struct audit_buffer *ab;
> >  
> >  	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
> > -	audit_log_format(ab, "feature=%s new=%d old=%d old_lock=%d new_lock=%d res=%d",
> > +	audit_log_format(ab, "feature=%s old=%d new=%d old_lock=%d new_lock=%d res=%d",
> >  			 audit_feature_names[which], !!old_feature, !!new_feature,
> >  			 !!old_lock, !!new_lock, res);
> >  	audit_log_end(ab);
> > -- 
> > 1.8.3.1
> > 
> 
> - RGB
> 
> --
> Richard Guy Briggs <rbriggs@redhat.com>
> Senior Software Engineer
> Kernel Security
> AMER ENG Base Operating Systems
> Remote, Ottawa, Canada
> Voice: +1.647.777.2635
> Internal: (81) 32635
> Alt: +1.613.693.0684x3545

Re: [PATCH 1/3] audit: fix incorrect order of log new and old feature

[Gao feng]

Hi Eric & Richard,
On 10/31/2013 11:49 PM, Eric Paris wrote:
> On Thu, 2013-10-31 at 11:39 -0400, Richard Guy Briggs wrote:
>> On Thu, Oct 31, 2013 at 04:27:56PM +0800, Gao feng wrote:
>>> Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
>>
>> Gao,
>>
>> Could you provide some description, justification and references for
>> each of the patches in this patchset please?
> 
> Gao, you may also included my Acked-by: on all three.  I thought the
> descriptions in the subject were enough, but if you can include a
> sentence in the body that would be great.
> 

Get it, I will update this serial.

Thanks!