Replacing the audit_netlink_mutex with audit_add_rm_mutex wasn't a
good idea, so put it back.  While we're at it, use a more descriptive
name.

Please fold in with lspp.b8 d4bae8540266d609990e7c60acaca488c9ee45c2.

Signed-off-by: Amy Griffis <[EMAIL PROTECTED]>

--

 audit.c       |    6 ++++++
 auditfilter.c |   12 ------------
 2 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 7addbf9..0246f44 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -118,6 +118,9 @@ static struct task_struct *kauditd_task;
 static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
 static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
 
+/* Serialize requests from userspace. */
+DEFINE_MUTEX(audit_cmd_mutex);
+
 /* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
  * audit records.  Since printk uses a 1024 byte buffer, this buffer
  * should be at least that large. */
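Review bot: `audit_cmd_mutex` is defined without `static`, although the neighbouring definitions in this hunk are all `static` and the diffstat shows no header change that would declare it `extern`. If only kernel/audit.c takes the lock, this should be `static DEFINE_MUTEX(audit_cmd_mutex);`; if other files are meant to take it, the declaration belongs in audit.h in the same patch. The comment is also thinner than the audit_add_rm_mutex text this commit deletes from auditfilter.c, so the reason for the lock is lost; something like `/* Serialize requests from userspace, so a rule cannot be removed while it is still being added. */` would keep it.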
@@ -628,11 +631,14 @@ static void audit_receive(struct sock *s
        struct sk_buff  *skb;
        unsigned int qlen;
 
+       mutex_lock(&audit_cmd_mutex);
+
        for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) {
                skb = skb_dequeue(&sk->sk_receive_queue);
                audit_receive_skb(skb);
                kfree_skb(skb);
        }
+       mutex_unlock(&audit_cmd_mutex);
 }
 
 
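Review bot: The lock ordering is undocumented at the `mutex_lock(&audit_cmd_mutex)` call in audit_receive(), even though the add and delete paths in audit_receive_filter() now take no lock of their own and rely entirely on this caller. The mutex is held across `audit_receive_skb()`, so it presumably nests outside audit_filter_mutex, and a comment such as `/* Held for every queued command; taken before audit_filter_mutex. */` would make that explicit. It is worth confirming that no handler defers work past the return of `audit_receive_skb()` (not visible in this hunk), since that work would run without the serialization that keeps the rule list consistent. `mutex_lock()` may sleep, so this also assumes audit_receive() is only entered from process context. Minor style point: there is a blank line after the lock but none before `mutex_unlock(&audit_cmd_mutex);`.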
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index eb102ff..d056173 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -41,13 +41,6 @@ #include "audit.h"
  *             must be copied and replace their counterparts in the filterlist.
  *             An audit_parent struct is not accessed during filtering, so may
  *             be written directly provided audit_filter_mutex is held.
- *
- * audit_add_rm_mutex:
- *             Prevents a removal request for a rule that is currently being
- *             added.  The audit_filter_mutex must be dropped to do some parts
- *             of add/remove processing, so may not be used for this purpose.
- *             This situation could be mitigated by referencing rules by id
- *             numbers.
  */
 
 /*
@@ -99,7 +92,6 @@ #endif
 };
 
 DEFINE_MUTEX(audit_filter_mutex);
-DEFINE_MUTEX(audit_add_rm_mutex);
 
 /* Inotify handle */
 extern struct inotify_handle *audit_ih;
@@ -1193,10 +1185,8 @@ int audit_receive_filter(int type, int p
                if (IS_ERR(entry))
                        return PTR_ERR(entry);
 
-               mutex_lock(&audit_add_rm_mutex);
                err = audit_add_rule(entry,
                                     &audit_filter_list[entry->rule.listnr]);
-               mutex_unlock(&audit_add_rm_mutex);
 
                if (sid) {
                        char *ctx = NULL;
@@ -1228,10 +1218,8 @@ int audit_receive_filter(int type, int p
                if (IS_ERR(entry))
                        return PTR_ERR(entry);
 
-               mutex_lock(&audit_add_rm_mutex);
                err = audit_del_rule(entry,
                                     &audit_filter_list[entry->rule.listnr]);
-               mutex_unlock(&audit_add_rm_mutex);
 
                if (sid) {
                        char *ctx = NULL;
