From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: [GIT PULL] Audit fixes for 3.19 #2 Date: Thu, 1 Jan 2015 00:01:49 +0000 Message-ID: <20150101000149.GP22149@ZenIV.linux.org.uk> References: <3159430.4MhUX0bhoZ@sifl> <3787508.5gHb8qD3XR@sifl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <3787508.5gHb8qD3XR@sifl> Sender: linux-kernel-owner@vger.kernel.org To: Paul Moore Cc: Linus Torvalds , linux-audit@redhat.com, Linux Kernel Mailing List List-Id: linux-audit@redhat.com On Wed, Dec 31, 2014 at 05:08:12PM -0500, Paul Moore wrote: > The getname/putname hacks work in the normal file case, but it falls apart > when you start talking about AF_UNIX socket files where the filename string > doesn't go through the getname/putname refcount tricks. In the past (no idea > how far back this goes off the top of my head) this wasn't an issue since the > code which recorded the filenames in the audit records was broken, but since > we just "fixed" that problem, the AF_UNIX socket problem is now making an > appearance. > > At least that is how it looks to me right now, if I'm wrong about this and I'm > missing an obvious fix I'm all ears/eyes/etc. Umm... How about just adding a function that would be used instead of all those struct filename filename = { .name = name }; and created an object that would be destroyed later by putname()?