On Tue, Dec 13, 2016 at 8:00 PM, Richard Guy Briggs <r...@redhat.com> wrote: > On 2016-12-13 16:19, Cong Wang wrote: >> On Tue, Dec 13, 2016 at 7:03 AM, Richard Guy Briggs <r...@redhat.com> wrote: >> > @@ -1283,8 +1299,10 @@ static void __net_exit audit_net_exit(struct net >> > *net) >> > { >> > struct audit_net *aunet = net_generic(net, audit_net_id); >> > struct sock *sock = aunet->nlsk; >> > + mutex_lock(&audit_cmd_mutex); >> > if (sock == audit_sock) >> > auditd_reset(); >> > + mutex_unlock(&audit_cmd_mutex); >> >> This still doesn't look correct to me, b/c here we release the audit_sock >> refcnt twice: >> >> 1) inside audit_reset() > > The audit_reset() refcount decrement corresponds to a setting of > audit_sock only if audit_sock is still non-NULL. >
Hmm, thinking about it again, looks like the sock == audit_sock and audit_sock != NULL checks can guarantee we are safe.

So,

Reviewed-by: Cong Wang <xiyou.wangc...@gmail.com>
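Review bot: the new mutex_lock(&audit_cmd_mutex) in audit_net_exit() has no comment saying what it protects, and it follows the local declarations without a blank line. The thread above had to work out by hand that the reference is not dropped twice, so a short comment would save the next reader the same effort: state that audit_cmd_mutex serialises the `sock == audit_sock` test with auditd_reset(), and that the reset path only drops the reference while audit_sock is still non-NULL. Note also that `sock` is read from aunet->nlsk before the lock is taken; that is fine if nlsk cannot change for an exiting namespace, but it is worth saying so or moving the comparison's inputs under the lock for clarity.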