A couple of fixes for the filesystem auditing patch:
    - make audit_filter_mutex static
    - always release nameidata

Please fold in with lspp.b9 dcdb3920a1393e88b65d086f6f3f42181ad02816.

Signed-off-by: Amy Griffis <[EMAIL PROTECTED]>

--

 auditfilter.c |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 35dca7e..02039bb 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -91,7 +91,7 @@ #error Fix audit_filter_list initialiser
 #endif
 };
 
-DEFINE_MUTEX(audit_filter_mutex);
+static DEFINE_MUTEX(audit_filter_mutex);
 
 /* Inotify handle */
 extern struct inotify_handle *audit_ih;
@@ -953,7 +953,7 @@ static inline int audit_add_rule(struct 
        struct audit_watch *watch = entry->rule.watch;
        struct nameidata *ndp, *ndw;
        LIST_HEAD(inotify_list);
-       int err;
+       int err, putnd_needed = 0;
 
        /* Taking audit_filter_mutex protects from stale rule data. */
        mutex_lock(&audit_filter_mutex);
@@ -971,16 +971,15 @@ static inline int audit_add_rule(struct 
                err = audit_get_nd(watch->path, &ndp, &ndw);
                if (err)
                        goto error;
+               putnd_needed = 1;
        }
 
        mutex_lock(&audit_filter_mutex);
        if (watch) {
                /* audit_filter_mutex is dropped and re-taken during this call 
*/
                err = audit_add_watch(&entry->rule, ndp, ndw, &inotify_list);
-               if (err) {
-                       audit_put_nd(ndp, ndw);
+               if (err)
                        goto error;
-               }
        }
 
        if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
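Review bot: The `goto error` after a failed `audit_add_watch()` is taken with `audit_filter_mutex` held, since the lock is acquired a few lines above it in this hunk, while the `error:` label visible in the last hunk releases the nameidata and the watch but never unlocks. The earlier `goto error` after `audit_get_nd()` runs before the lock is taken, so the label cannot simply unlock unconditionally. Unless `audit_add_watch()` returns with the mutex already dropped on failure, which the hunk does not show, this branch should read `if (err) { mutex_unlock(&audit_filter_mutex); goto error; }`. A mutex left locked here would presumably stall every later audit rule update, so a failing watch add could leave the audit configuration stuck. The body of `audit_add_rule()` starts and ends outside this hunk.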
@@ -994,12 +993,15 @@ static inline int audit_add_rule(struct 
                err = audit_inotify_register(ndp, &inotify_list);
                if (err)
                        goto error;
-               audit_put_nd(ndp, ndw);
        }
+       if (putnd_needed)
+               audit_put_nd(ndp, ndw);
 
        return 0;
 
 error:
+       if (putnd_needed)
+               audit_put_nd(ndp, ndw);
        if (watch)
                audit_put_watch(watch); /* tmp watch, matches initial get */
        return err;
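Review bot: `putnd_needed` guards an invariant that is not written down anywhere: `ndp` and `ndw` are declared without initialisers (second hunk) and only become valid once `audit_get_nd()` has succeeded, so both `audit_put_nd()` calls here must stay behind the flag. A short comment at the first release, for example `/* ndp/ndw are valid only after audit_get_nd() succeeded */`, would stop a later cleanup from making the call unconditional and releasing uninitialised pointers. The function begins outside this hunk.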
