Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Mar 2009 17:15:02 +0000 (UTC)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org
Subject:   svn commit: r189889 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb security/audit
Message-ID:  <200903161715.n2GHF2ek067023@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: rwatson
Date: Mon Mar 16 17:15:02 2009
New Revision: 189889
URL: http://svn.freebsd.org/changeset/base/189889

Log:
  Merge r186822 from head to stable/7:
  
    In AUDIT_SYSCALL_EXIT(), invoke audit_syscall_exit() only if an audit
    record is active on the current thread--historically we may always
    have wanted to enter the audit code if auditing was enabled, but now
    we just commit the audit record so don't need to enter if there isn't
    one.
  
    Obtained from:	TrustedBSD Project
    Sponsored by:		Apple, Inc.

Modified:
  stable/7/sys/   (props changed)
  stable/7/sys/contrib/pf/   (props changed)
  stable/7/sys/dev/ath/ath_hal/   (props changed)
  stable/7/sys/dev/cxgb/   (props changed)
  stable/7/sys/security/audit/audit.h

Modified: stable/7/sys/security/audit/audit.h
==============================================================================
--- stable/7/sys/security/audit/audit.h	Mon Mar 16 17:08:10 2009	(r189888)
+++ stable/7/sys/security/audit/audit.h	Mon Mar 16 17:15:02 2009	(r189889)
@@ -198,11 +198,11 @@ void	 audit_thread_free(struct thread *t
 
 /*
  * Wrap the audit_syscall_exit() function so that it is called only when
- * auditing is enabled, or we have a audit record on the thread.  It is
- * possible that an audit record was begun before auditing was turned off.
+ * we have a audit record on the thread.  Audit records can persist after
+ * auditing is disabled, so we don't just check audit_enabled here.
  */
 #define	AUDIT_SYSCALL_EXIT(error, td)	do {				\
-	if (audit_enabled || (td->td_ar != NULL))			\
+	if (td->td_ar != NULL)						\
 		audit_syscall_exit(error, td);				\
 } while (0)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903161715.n2GHF2ek067023>