From: Amy Griffis <amy.griffis@hp.com>
To: linux-audit@redhat.com
Subject: [PATCH git] revert audit_netlink_mutex change in filesystem audit patch
Date: Wed, 26 Apr 2006 19:49:02 -0400 [thread overview]
Message-ID: <20060426234902.GA31862@zk3.dec.com> (raw)
Replacing the audit_netlink_mutex with audit_add_rm_mutex wasn't a
good idea, so put it back. While we're at it, use a more descriptive
name.
Please fold in with lspp.b8 d4bae8540266d609990e7c60acaca488c9ee45c2.
Signed-off-by: Amy Griffis <amy.griffis@hp.com>
--
audit.c | 6 ++++++
auditfilter.c | 12 ------------
2 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 7addbf9..0246f44 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -118,6 +118,9 @@ static struct task_struct *kauditd_task;
static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
+/* Serialize requests from userspace. */
+DEFINE_MUTEX(audit_cmd_mutex);
+
/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
* audit records. Since printk uses a 1024 byte buffer, this buffer
* should be at least that large. */
@@ -628,11 +631,14 @@ static void audit_receive(struct sock *s
struct sk_buff *skb;
unsigned int qlen;
+ mutex_lock(&audit_cmd_mutex);
+
for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) {
skb = skb_dequeue(&sk->sk_receive_queue);
audit_receive_skb(skb);
kfree_skb(skb);
}
+ mutex_unlock(&audit_cmd_mutex);
}
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index eb102ff..d056173 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -41,13 +41,6 @@ #include "audit.h"
* must be copied and replace their counterparts in the filterlist.
* An audit_parent struct is not accessed during filtering, so may
* be written directly provided audit_filter_mutex is held.
- *
- * audit_add_rm_mutex:
- * Prevents a removal request for a rule that is currently being
- * added. The audit_filter_mutex must be dropped to do some parts
- * of add/remove processing, so may not be used for this purpose.
- * This situation could be mitigated by referencing rules by id
- * numbers.
*/
/*
@@ -99,7 +92,6 @@ #endif
};
DEFINE_MUTEX(audit_filter_mutex);
-DEFINE_MUTEX(audit_add_rm_mutex);
/* Inotify handle */
extern struct inotify_handle *audit_ih;
@@ -1193,10 +1185,8 @@ int audit_receive_filter(int type, int p
if (IS_ERR(entry))
return PTR_ERR(entry);
- mutex_lock(&audit_add_rm_mutex);
err = audit_add_rule(entry,
&audit_filter_list[entry->rule.listnr]);
- mutex_unlock(&audit_add_rm_mutex);
if (sid) {
char *ctx = NULL;
@@ -1228,10 +1218,8 @@ int audit_receive_filter(int type, int p
if (IS_ERR(entry))
return PTR_ERR(entry);
- mutex_lock(&audit_add_rm_mutex);
err = audit_del_rule(entry,
&audit_filter_list[entry->rule.listnr]);
- mutex_unlock(&audit_add_rm_mutex);
if (sid) {
char *ctx = NULL;
reply other threads:[~2006-04-26 23:49 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060426234902.GA31862@zk3.dec.com \
--to=amy.griffis@hp.com \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox