[PATCH] security: only build lsm_audit if CONFIG_SECURITY=y
Paul Moore
paul at paul-moore.com
Tue Dec 10 19:15:54 UTC 2019
On Tue, Dec 10, 2019 at 11:55 AM Stephen Smalley <sds at tycho.nsa.gov> wrote:
> The lsm_audit code is only required when CONFIG_SECURITY is enabled.
> It does not have a build dependency on CONFIG_AUDIT since audit.h
> provides trivial static inlines for audit_log*() when CONFIG_AUDIT
> is disabled. Hence, the Makefile should only add lsm_audit to the
> obj lists based on CONFIG_SECURITY, not CONFIG_AUDIT.
>
> Fixes: 59438b46471a ("security,lockdown,selinux: implement SELinux lockdown")
> Signed-off-by: Stephen Smalley <sds at tycho.nsa.gov>
> ---
> security/Makefile | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Merged into selinux/next in order to fix the linux-next build
breakage. James, if you would prefer a different fix, let us know.
> diff --git a/security/Makefile b/security/Makefile
> index be1dd9d2cb2f..746438499029 100644
> --- a/security/Makefile
> +++ b/security/Makefile
> @@ -22,7 +22,7 @@ obj-$(CONFIG_SECURITY) += security.o
> obj-$(CONFIG_SECURITYFS) += inode.o
> obj-$(CONFIG_SECURITY_SELINUX) += selinux/
> obj-$(CONFIG_SECURITY_SMACK) += smack/
> -obj-$(CONFIG_AUDIT) += lsm_audit.o
> +obj-$(CONFIG_SECURITY) += lsm_audit.o
> obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/
> obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/
> obj-$(CONFIG_SECURITY_YAMA) += yama/
> --
> 2.23.0
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list