diff --git a/include/linux/audit.h b/include/linux/audit.h index b3d859831..0efa40582 100755 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -268,6 +268,11 @@ static inline int audit_signal_info(int sig, struct task_struct *t) return 0; } +static inline int audit_update_lsm_rules(void) +{ + return 0; +} + #endif /* CONFIG_AUDIT */ #ifdef CONFIG_AUDIT_COMPAT_GENERIC diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h index 91d6990b7..0c303e200 100755 --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h @@ -118,8 +118,16 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb, int ipv6_skb_to_auditdata(struct sk_buff *skb, struct common_audit_data *ad, u8 *proto); +#ifdef CONFIG_AUDIT void common_lsm_audit(struct common_audit_data *a, void (*pre_audit)(struct audit_buffer *, void *), void (*post_audit)(struct audit_buffer *, void *)); +#else +static inline void common_lsm_audit(struct common_audit_data *a, + void (*pre_audit)(struct audit_buffer *, void *), + void (*post_audit)(struct audit_buffer *, void *)) +{ +} +#endif #endif diff --git a/security/Makefile b/security/Makefile index a5214e60b..424c0beeb 100755 --- a/security/Makefile +++ b/security/Makefile @@ -23,7 +23,7 @@ obj-$(CONFIG_SECURITY) += security.o obj-$(CONFIG_SECURITYFS) += inode.o obj-$(CONFIG_SECURITY_SELINUX) += selinux/ obj-$(CONFIG_SECURITY_SMACK) += smack/ -obj-$(CONFIG_SECURITY) += lsm_audit.o +obj-$(CONFIG_AUDIT) += lsm_audit.o obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/ obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/ obj-$(CONFIG_SECURITY_YAMA) += yama/ diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig index 9e921fc72..8c5093f20 100755 --- a/security/selinux/Kconfig +++ b/security/selinux/Kconfig @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0-only config SECURITY_SELINUX bool "NSA SELinux Support" - depends on SECURITY_NETWORK && AUDIT && NET && INET + depends on SECURITY_NETWORK && NET && INET select NETWORK_SECMARK default n help