On Fri, Apr 28, 2017 at 3:27 PM, Paul Moore <[email protected]> wrote: > On Fri, Apr 28, 2017 at 12:13 PM, Paul Moore <[email protected]> wrote: >> On Fri, Apr 28, 2017 at 12:09 PM, Paul Moore <[email protected]> wrote: >>> From: Paul Moore <[email protected]> >>> >>> Cong Wang correctly pointed out that the RCU read locking of the >>> auditd_connection struct was wrong, this patch correct this by >>> adopting a more traditional, and correct RCU locking model. >>> >>> This patch is heavily based on an earlier prototype by Cong Wang. >>> >>> [XXX: Cong Wang, as mentioned previously, I'd like to add your >>> sign-off; please let me know if that is okay with you.] >>> >>> Cc: <[email protected]> # 4.11.x-: 264d509637d9 >>> Reported-by: Cong Wang <[email protected]> >>> ??!! -> Signed-off-by: Cong Wang <[email protected]> >>> Signed-off-by: Paul Moore <[email protected]> >>> --- >>> kernel/audit.c | 157 >>> ++++++++++++++++++++++++++++++++++++-------------------- >>> 1 file changed, 100 insertions(+), 57 deletions(-) >> >> A quick note that I haven't tested this yet, I'm in the process of >> building a kernel now, I just wanted to send this out early to in case >> anyone noticed anything incredibly stupid. > > I've booted the patch a few times, and run audit-testsuite and > selinux-testsuite against it without problem. I'm currently hitting > the system with a constant stream of audit records while I restart the > audit daemon every five seconds, ~15m and everything still appears to > be working correctly. > > In case anyone wants to play with a Fedora kernel build, you can get a > pre-built binary here for x86_64: > > https://copr.fedorainfracloud.org/coprs/pcmoore/kernel-testing/build/544810
As a FYI, I've just merged this patch into audit/next and rebased the branch onto v4.11 as previously discussed. I'm going to do some final testing of the branch and expect to send the PR to Linux in a day or two. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
