* Re: [bug report] audit: log nftables configuration change events
From: Richard Guy Briggs @ 2020-06-27 17:35 UTC (permalink / raw)
To: Dan Carpenter; +Cc: linux-audit, netfilter-devel
On 2020-06-26 13:22, Dan Carpenter wrote:
> Hello Richard Guy Briggs,
>
> The patch 8e6cf365e1d5: "audit: log nftables configuration change
> events" from Jun 4, 2020, leads to the following static checker
> warning:
>
> net/netfilter/nf_tables_api.c:6160 nft_obj_notify()
> warn: use 'gfp' here instead of GFP_XXX?
>
> net/netfilter/nf_tables_api.c
> 6153 void nft_obj_notify(struct net *net, const struct nft_table *table,
> 6154                     struct nft_object *obj, u32 portid, u32 seq, int event,
> 6155                     int family, int report, gfp_t gfp)
>                                                  ^^^^^^^^^
> 6156 {
> 6157         struct sk_buff *skb;
> 6158         int err;
> 6159         char *buf = kasprintf(GFP_KERNEL, "%s:%llu;?:0",
>                                    ^^^^^^^^^^
> This should probably be "gfp".

Agreed, nice catch. Checking other similar uses from that patch
leads me to another bug and the need to extend audit_log_nfcfg() to
accept a GFP flag. Patch coming...

> 6160                               table->name, table->handle);
> 6161
> 6162         audit_log_nfcfg(buf,
> 6163                         family,
> 6164                         obj->handle,
> 6165                         event == NFT_MSG_NEWOBJ ?
> 6166                                 AUDIT_NFT_OP_OBJ_REGISTER :
> 6167                                 AUDIT_NFT_OP_OBJ_UNREGISTER);
> 6168         kfree(buf);
> 6169
> 6170         if (!report &&
> 6171             !nfnetlink_has_listeners(net, NFNLGRP_NFTABLES))
> 6172                 return;
> 6173
> 6174         skb = nlmsg_new(NLMSG_GOODSIZE, gfp);
>                                              ^^^
>
> 6175         if (skb == NULL)
> 6176                 goto err;
> 6177
> 6178         err = nf_tables_fill_obj_info(skb, net, portid, seq, event, 0, family,
> 6179                                       table, obj, false);
> 6180         if (err < 0) {
> 6181                 kfree_skb(skb);
> 6182                 goto err;
> 6183         }
> 6184
> 6185         nfnetlink_send(skb, net, portid, NFNLGRP_NFTABLES, report, gfp);
> 6186         return;
> 6187 err:
> 6188         nfnetlink_set_err(net, portid, NFNLGRP_NFTABLES, -ENOBUFS);
> 6189 }
>
> regards,
> dan carpenter
- RGB
--
Richard Guy Briggs <rgb@redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635