summaryrefslogtreecommitdiffstats
path: root/security/integrity/integrity.h
diff options
context:
space:
mode:
authorStefan Berger <stefanb@linux.vnet.ibm.com>2018-06-04 16:54:54 -0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2018-07-18 07:27:22 -0400
commit2afd020aaeeefacb7711b47e3afb0cfb50db3f13 (patch)
treebf3a9a541f8598092f8cd7ecbfa93c0f15bc0b22 /security/integrity/integrity.h
parent3d2859d5d4c33b12327764b887039bca15a37e57 (diff)
downloadop-kernel-dev-2afd020aaeeefacb7711b47e3afb0cfb50db3f13.zip
op-kernel-dev-2afd020aaeeefacb7711b47e3afb0cfb50db3f13.tar.gz
ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not set
If Integrity is not auditing, IMA shouldn't audit, either. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/integrity.h')
-rw-r--r--security/integrity/integrity.h15
1 files changed, 15 insertions, 0 deletions
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 0bb372e..e60473b 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -15,6 +15,7 @@
#include <linux/integrity.h>
#include <crypto/sha.h>
#include <linux/key.h>
+#include <linux/audit.h>
/* iint action cache flags */
#define IMA_MEASURE 0x00000001
@@ -199,6 +200,13 @@ static inline void evm_load_x509(void)
void integrity_audit_msg(int audit_msgno, struct inode *inode,
const unsigned char *fname, const char *op,
const char *cause, int result, int info);
+
+static inline struct audit_buffer *
+integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
+{
+ return audit_log_start(ctx, gfp_mask, type);
+}
+
#else
static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
const unsigned char *fname,
@@ -206,4 +214,11 @@ static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
int result, int info)
{
}
+
+static inline struct audit_buffer *
+integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
+{
+ return NULL;
+}
+
#endif
OpenPOWER on IntegriCloud