diff options
author | Eric Paris <eparis@redhat.com> | 2013-04-18 19:16:36 -0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2013-04-30 15:31:28 -0400 |
commit | 18900909163758baf2152c9102b1a0953f7f1c30 (patch) | |
tree | 0b5c2920d599911c39c78f021da34f71c1ca021e /kernel/audit.c | |
parent | ab61d38ed8cf670946d12dc46b9198b521c790ea (diff) | |
download | op-kernel-dev-18900909163758baf2152c9102b1a0953f7f1c30.zip op-kernel-dev-18900909163758baf2152c9102b1a0953f7f1c30.tar.gz |
audit: remove the old depricated kernel interface
We used to have an inflexible mechanism to add audit rules to the
kernel. It hasn't been used in a long time. Get rid of that stuff.
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/audit.c')
-rw-r--r-- | kernel/audit.c | 28 |
1 files changed, 5 insertions, 23 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 1322714..274882d 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -597,13 +597,14 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type) return -EPERM; switch (msg_type) { - case AUDIT_GET: case AUDIT_LIST: - case AUDIT_LIST_RULES: - case AUDIT_SET: case AUDIT_ADD: - case AUDIT_ADD_RULE: case AUDIT_DEL: + return -EOPNOTSUPP; + case AUDIT_GET: + case AUDIT_SET: + case AUDIT_LIST_RULES: + case AUDIT_ADD_RULE: case AUDIT_DEL_RULE: case AUDIT_SIGNAL_INFO: case AUDIT_TTY_GET: @@ -766,25 +767,6 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) audit_log_end(ab); } break; - case AUDIT_ADD: - case AUDIT_DEL: - if (nlmsg_len(nlh) < sizeof(struct audit_rule)) - return -EINVAL; - if (audit_enabled == AUDIT_LOCKED) { - audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE, - loginuid, sessionid, sid); - - audit_log_format(ab, " audit_enabled=%d res=0", - audit_enabled); - audit_log_end(ab); - return -EPERM; - } - /* fallthrough */ - case AUDIT_LIST: - err = audit_receive_filter(msg_type, NETLINK_CB(skb).portid, - seq, data, nlmsg_len(nlh), - loginuid, sessionid, sid); - break; case AUDIT_ADD_RULE: case AUDIT_DEL_RULE: if (nlmsg_len(nlh) < sizeof(struct audit_rule_data)) |