On Mon, Jul 23, 2018 at 3:40 PM Richard Guy Briggs <[email protected]> wrote: > On 2018-07-20 18:17, Paul Moore wrote: > > There are many places, notably audit_log_task_info() and > > audit_log_exit(), that take task_struct pointers but in reality they > > are always working on the current task. This patch eliminates the > > task_struct arguments and uses current directly which allows a number > > of cleanups as well. > > I came across and removed a several in the audit task struct cleanup, > but it looks like you've rebased over those and caught a few more.
I just based this patch against audit/next to make life easier. Since the earliest it would possibly go into the audit tree would be after the next merge window it will likely get rebased/merged again. If there is another patch that does some of this work and gets merged first, awesome, if not, that's fine too. > I'm fine with delaying setting task's context to NULL for > __audit_free(). Yeah, it really shouldn't matter when it happens in __audit_free() as we should be the only ones who are touching that task_struct at that point in time. > Why was the context originally taken for __audit_syscall_exit() and > given back once the syscall event records have been issued? Is there a > possible race with something else? That was a bit bizarre, wasn't it? There shouldn't be a race condition as the audit_context is private to the individual task and at the point in time where __audit_syscall_exit() is being called we shouldn't have to worry about other things hitting the task_struct. If anything, this patch should actually make things better by not setting the current->context to NULL at the start of __audit_syscall_exit() only to reset it back to the original value at the end (the audit_take_context() function, and it's relationship with audit_log_exit() was ... odd ... and that is me being kind). I'm chalking this up to "audit being audit" :/ > > Signed-off-by: Paul Moore <[email protected]> > > Otherwise, this cleanup looks like a good simplification. > Reviewed-by: Richard Guy Briggs <[email protected]> Diffstats that remove more lines than they add always make me happy. Thanks for taking a look. It boots and passes our tests but I still haven't convinced myself all those changes are correct. I'll send a note if/when it gets merged, but like I said that won't happen until after the merge window closes as we are at -rc6 right now. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
