Re: [PATCH v2] lsm_audit,selinux: return early for possible NULL audit buffers

[Paul Moore]

On Tue, Jul 13, 2021 at 8:11 PM Austin Kim <austindh.kim@xxxxxxxxx> wrote:
>
> From: Austin Kim <austin.kim@xxxxxxx>
>
> audit_log_start() may return NULL in below cases:
>
>   - when audit is not initialized.
>   - when audit backlog limit exceeds.
>
> After the call to audit_log_start() is made and then possible NULL audit
> buffer argument is passed to audit_log_*() functions,
> audit_log_*() functions return immediately in case of a NULL audit buffer
> argument.
>
> But it is optimal to return early when audit_log_start() returns NULL,
> because it is not necessary for audit_log_*() functions to be called with
> NULL audit buffer argument.
>
> So add exception handling for possible NULL audit buffers where
> return value can be handled from callers.
>
> Signed-off-by: Austin Kim <austin.kim@xxxxxxx>
> ---
>  security/selinux/hooks.c       | 4 ++++
>  security/selinux/ss/services.c | 2 ++
>  2 files changed, 6 insertions(+)

Merged into selinux/next, thank you!

-- 
paul moore
www.paul-moore.com