|
|
@@ -63,11 +63,6 @@ struct selinux_late_audit_data {
|
|
|
* We collect this at the beginning or during an selinux security operation
|
|
|
*/
|
|
|
struct selinux_audit_data {
|
|
|
- /*
|
|
|
- * auditdeny is a bit tricky and unintuitive. See the
|
|
|
- * comments in avc.c for it's meaning and usage.
|
|
|
- */
|
|
|
- u32 auditdeny;
|
|
|
struct selinux_late_audit_data *slad;
|
|
|
};
|
|
|
|
|
|
@@ -145,9 +140,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
|
|
|
struct common_audit_data *a, unsigned flags)
|
|
|
{
|
|
|
u32 audited, denied;
|
|
|
- audited = avc_audit_required(requested, avd, result,
|
|
|
- a ? a->selinux_audit_data->auditdeny : 0,
|
|
|
- &denied);
|
|
|
+ audited = avc_audit_required(requested, avd, result, 0, &denied);
|
|
|
if (likely(!audited))
|
|
|
return 0;
|
|
|
return slow_avc_audit(ssid, tsid, tclass,
|
Eric Paris