aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--kernel/auditfilter.c8
-rw-r--r--kernel/auditsc.c1
2 files changed, 5 insertions, 4 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index b3fccd6808f..df9503da40f 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -128,8 +128,11 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
#endif
;
}
- if (rule->action != AUDIT_NEVER && rule->action != AUDIT_POSSIBLE &&
- rule->action != AUDIT_ALWAYS)
+ if (unlikely(rule->action == AUDIT_POSSIBLE)) {
+ printk(KERN_ERR "AUDIT_POSSIBLE is deprecated\n");
+ goto exit_err;
+ }
+ if (rule->action != AUDIT_NEVER && rule->action != AUDIT_ALWAYS)
goto exit_err;
if (rule->field_count > AUDIT_MAX_FIELDS)
goto exit_err;
@@ -734,7 +737,6 @@ static int audit_filter_user_rules(struct netlink_skb_parms *cb,
}
switch (rule->action) {
case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
- case AUDIT_POSSIBLE: *state = AUDIT_BUILD_CONTEXT; break;
case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
}
return 1;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 05d31ee4f3d..4503c4663cf 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -307,7 +307,6 @@ static int audit_filter_rules(struct task_struct *tsk,
}
switch (rule->action) {
case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
- case AUDIT_POSSIBLE: *state = AUDIT_BUILD_CONTEXT; break;
case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
}
return 1;