Re: [RFC PATCH 0/5] Overhaul the audit filename handling

[Paul Moore <pmoore@redhat.com>]

On Thursday, January 08, 2015 11:50:23 AM Paul Moore wrote:
> There have been some patches added to v3.19-rcX to fix various
> problems in the way audit handles filenames but they have been hacks
> on top of hacks, not really something we want long term.  This
> patchset reworks the way audit handles filenames, removing a lot of
> nasty hacks added recently, and fixing a few bugs that still remain.
> 
> Most significant to folks outside of audit, patch 5/5 does away with
> the nasty getname()/putname() kludge in favor of a less ugly reference
> count approach.
> 
> Comments and feedback are welcome.  If nothing ugly pops up on review
> I'll see if Linus is interested in taking this for the next v3.19-rcX
> release, otherwise I'll toss it into linux-next for v3.20.
> 
> -Paul
> 
> ---
> 
> Paul Moore (5):
>       fs: rework getname_kernel to handle up to PATH_MAX sized filenames
>       fs: create proper filename objects using getname_kernel()
>       audit: enable filename recording via getname_kernel()
>       audit: fix filename matching in __audit_inode() and
>              __audit_inode_child()
>       audit: replace getname()/putname() hacks with reference counters
> 
> 
>  fs/exec.c             |   11 +++
>  fs/namei.c            |   98 ++++++++++++++++++-----------
>  fs/open.c             |   11 +++
>  include/linux/audit.h |    3 -
>  include/linux/fs.h    |    9 +--
>  kernel/audit.h        |   17 +----
>  kernel/auditsc.c      |  167 ++++++++-------------------------------------
>  7 files changed, 115 insertions(+), 201 deletions(-)

Al/fs dev: any chance you guys can take a quick look at the fs relevant 
portions of this patchset and give it a ACK/NACK?  I'll carry the patchset in 
the audit tree, but I'd like to see a thumbs up from someone in fs land before 
I merge these patches.

Thanks,
-Paul

-- 
paul moore
security @ redhat