[patch] fix syscall speedup patch mips typo

Linda Knippers linda.knippers at hp.com
Wed Mar 15 20:37:16 UTC 2006


Stephen Smalley wrote:
> On Wed, 2006-03-15 at 15:14 -0500, Steve Grubb wrote:
>>> I can understand wanting to optimize the code when there are no audit
>>> rules (although one could optimize it by disabling audit)
>> No because then you lose the avc messages going to the audit system.
> 
> You should be able to disable syscall auditing while leaving the base
> audit framework enabled, so you'd still get avc messages, just no
> syscall audit messages.  It used to work that way, don't know for
> certain for the current situation.  In fact, unless you enabled syscall
> auditing via audit=1 or auditctl, it used to be the case that you would
> only get avc messages.

When I disable syscall auditing via auditctl, I get the avc messages
in the audit log, but I also occasionally get the partial record, which
shows up for me as UNKNOWN because my user-space tools are old.

type=AVC msg=audit(1142454769.018:874): avc:  denied  { read } for pid=23886 comm="lpq" name="lpoptions" dev=dm-0 ino=4523611 scontext=system_u:system_r:initrc_t:s15:c0.c255 tcontext=root:object_r:cupsd_etc_t:s0 tclass=file
type=AVC msg=audit(0.000:765): avc:  denied  { use } for  pid=9321 comm="bash" name="3" dev=devpts ino=5 scontext=system_u:system_r:initrc_t:s15:c0.c255 tcontext=system_u:system_r:initrc_t:s0-s15:c0.c255 tclass=fd
type=UNKNOWN[1310] msg=audit(0.000:765):  success=yes exit=1 items=0 pid=9321 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts3 comm="bash" exe="/bin/bash" subj=system_u:system_r:initrc_t:s15:c0.c255
type=AVC_PATH msg=audit(0.000:765):  path="/dev/pts/3"

When we get a partial record, the timestamp and serial number are wrong.

-- ljk
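
Added example, not part of the original message or of the audit project's code: a log check that flags events like the one reported above, where the record header carries a zero timestamp or a serial number lower than one already seen. The function names, the ordering heuristic and the shortened sample lines are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches the "type=X msg=audit(<seconds>.<millis>:<serial>):" record prefix.
HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\):")

def parse_records(lines):
    """Yield (type, timestamp_string, serial) for each audit record header."""
    for line in lines:
        m = HEADER.match(line)
        if m:
            yield m.group(1), m.group(2), int(m.group(3))

def find_suspect_events(lines):
    """Group records into events by (timestamp, serial), then flag events with
    a zero timestamp or a serial below the highest seen so far (heuristic)."""
    events = defaultdict(list)
    order = []
    for rtype, ts, serial in parse_records(lines):
        key = (ts, serial)
        if key not in events:
            order.append(key)
        events[key].append(rtype)

    suspects, highest = [], -1
    for ts, serial in order:
        reasons = []
        if float(ts) == 0.0:
            reasons.append("zero timestamp")
        if serial < highest:
            reasons.append(f"serial {serial} below previous {highest}")
        highest = max(highest, serial)
        if reasons:
            suspects.append({"serial": serial,
                             "types": events[(ts, serial)],
                             "reasons": reasons})
    return suspects

# Constructed sample: record headers shortened from the excerpt in the message.
SAMPLE = [
    'type=AVC msg=audit(1142454769.018:874): avc:  denied  { read } for pid=23886 comm="lpq"',
    'type=AVC msg=audit(0.000:765): avc:  denied  { use } for  pid=9321 comm="bash"',
    'type=UNKNOWN[1310] msg=audit(0.000:765):  success=yes exit=1 items=0 pid=9321',
    'type=AVC_PATH msg=audit(0.000:765):  path="/dev/pts/3"',
]

if __name__ == "__main__":
    for event in find_suspect_events(SAMPLE):
        print(event)
```
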