---

yaml
---
r: 313615
b: refs/heads/master
c: 417c6c8
h: refs/heads/master
i:
  313613: bdd78e3
  313611: bb30063
  313607: c50d7d7
  313599: 33d50d7
v: v3

[refs]

@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 7ff2267af595e642f1009198ab49e86a239148fa
+refs/heads/master: 417c6c8ee2eb6975f357d8975af94ba5fbeaf82d

trunk/security/integrity/ima/Kconfig

@@ -38,8 +38,9 @@ config IMA_MEASURE_PCR_IDX
 	  measurement list.  If unsure, use the default 10.
 
 config IMA_AUDIT
-	bool
+	bool "Enables auditing support"
 	depends on IMA
+	depends on AUDIT
 	default y
 	help
 	  This option adds a kernel parameter 'ima_audit', which

trunk/security/integrity/ima/Makefile

@@ -6,4 +6,5 @@
 obj-$(CONFIG_IMA) += ima.o
 
 ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
-	 ima_policy.o ima_audit.o
+	 ima_policy.o
+ima-$(CONFIG_IMA_AUDIT) += ima_audit.o

trunk/security/integrity/ima/ima.h

@@ -61,10 +61,19 @@ struct ima_queue_entry {
 };
 extern struct list_head ima_measurements;	/* list of all measurements */
 
+#ifdef CONFIG_IMA_AUDIT
 /* declarations */
 void integrity_audit_msg(int audit_msgno, struct inode *inode,
 			 const unsigned char *fname, const char *op,
 			 const char *cause, int result, int info);
+#else
+static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
+				       const unsigned char *fname,
+				       const char *op, const char *cause,
+				       int result, int info)
+{
+}
+#endif
 
 /* Internal IMA function definitions */
 int ima_init(void);

trunk/security/integrity/ima/ima_audit.c

@@ -17,8 +17,6 @@
 
 static int ima_audit;
 
-#ifdef CONFIG_IMA_AUDIT
-
 /* ima_audit_setup - enable informational auditing messages */
 static int __init ima_audit_setup(char *str)
 {
@@ -29,7 +27,6 @@ static int __init ima_audit_setup(char *str)
 	return 1;
 }
 __setup("ima_audit=", ima_audit_setup);
-#endif
 
 void integrity_audit_msg(int audit_msgno, struct inode *inode,
 			 const unsigned char *fname, const char *op,