* [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch() failed in audit_add_rule().
@ 2013-05-10 10:12 Chen Gang
2013-05-22 21:18 ` Andrew Morton
0 siblings, 1 reply; 3+ messages in thread
From: Chen Gang @ 2013-05-10 10:12 UTC (permalink / raw)
To: Andrew Morton; +Cc: Al Viro, Eric Paris, linux-kernel
If both 'tree' and 'watch' are valid, need call audit_put_tree(), just
like the upper area has done within function audit_add_rule().
Signed-off-by: Chen Gang <gang.chen@asianux.com>
---
kernel/auditfilter.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index f9fc54b..81f63f9 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -952,6 +952,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
err = audit_add_watch(&entry->rule, &list);
if (err) {
mutex_unlock(&audit_filter_mutex);
+ /*
+ * normally audit_add_tree_rule() will free it
+ * on failure
+ */
+ if (tree)
+ audit_put_tree(tree);
goto error;
}
}
--
1.7.7.6
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch() failed in audit_add_rule().
2013-05-10 10:12 [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch() failed in audit_add_rule() Chen Gang
@ 2013-05-22 21:18 ` Andrew Morton
2013-05-23 1:29 ` Chen Gang
0 siblings, 1 reply; 3+ messages in thread
From: Andrew Morton @ 2013-05-22 21:18 UTC (permalink / raw)
To: Chen Gang; +Cc: Al Viro, Eric Paris, linux-kernel
On Fri, 10 May 2013 18:12:26 +0800 Chen Gang <gang.chen@asianux.com> wrote:
>
> If both 'tree' and 'watch' are valid, need call audit_put_tree(), just
> like the upper area has done within function audit_add_rule().
>
> Signed-off-by: Chen Gang <gang.chen@asianux.com>
> ---
> kernel/auditfilter.c | 6 ++++++
> 1 files changed, 6 insertions(+), 0 deletions(-)
>
> diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
> index f9fc54b..81f63f9 100644
> --- a/kernel/auditfilter.c
> +++ b/kernel/auditfilter.c
> @@ -952,6 +952,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
> err = audit_add_watch(&entry->rule, &list);
> if (err) {
> mutex_unlock(&audit_filter_mutex);
> + /*
> + * normally audit_add_tree_rule() will free it
> + * on failure
> + */
> + if (tree)
> + audit_put_tree(tree);
> goto error;
> }
> }
Are you sure? Or is the earlier audit_put_tree(tree) wrong?
Where is the "get" which this "put" is undoing?
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch() failed in audit_add_rule().
2013-05-22 21:18 ` Andrew Morton
@ 2013-05-23 1:29 ` Chen Gang
0 siblings, 0 replies; 3+ messages in thread
From: Chen Gang @ 2013-05-23 1:29 UTC (permalink / raw)
To: Andrew Morton; +Cc: Al Viro, Eric Paris, linux-kernel
On 05/23/2013 05:18 AM, Andrew Morton wrote:
> On Fri, 10 May 2013 18:12:26 +0800 Chen Gang <gang.chen@asianux.com> wrote:
>
>> >
>> > If both 'tree' and 'watch' are valid, need call audit_put_tree(), just
>> > like the upper area has done within function audit_add_rule().
>> >
>> > Signed-off-by: Chen Gang <gang.chen@asianux.com>
>> > ---
>> > kernel/auditfilter.c | 6 ++++++
>> > 1 files changed, 6 insertions(+), 0 deletions(-)
>> >
>> > diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
>> > index f9fc54b..81f63f9 100644
>> > --- a/kernel/auditfilter.c
>> > +++ b/kernel/auditfilter.c
>> > @@ -952,6 +952,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
>> > err = audit_add_watch(&entry->rule, &list);
>> > if (err) {
>> > mutex_unlock(&audit_filter_mutex);
>> > + /*
>> > + * normally audit_add_tree_rule() will free it
>> > + * on failure
>> > + */
>> > + if (tree)
>> > + audit_put_tree(tree);
>> > goto error;
>> > }
>> > }
> Are you sure? Or is the earlier audit_put_tree(tree) wrong?
>
Yes I am sure.
Since audit_add_tree_rule() will really free it on failure, we have to
be sure to free it in another area within audit_add_rule().
> Where is the "get" which this "put" is undoing?
>
>
"Allocating tree" is the "get", this "put" will really free the tree.
Thanks.
--
Chen Gang
Asianux Corporation
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-05-23 1:30 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-05-10 10:12 [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch() failed in audit_add_rule() Chen Gang
2013-05-22 21:18 ` Andrew Morton
2013-05-23 1:29 ` Chen Gang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).