[PATCH git] revert audit_netlink_mutex change in filesystem audit patch

public inbox for linux-audit@redhat.com
 help / color / mirror / Atom feed

* [PATCH git] revert audit_netlink_mutex change in filesystem audit patch
@ 2006-04-26 23:49 Amy Griffis
  0 siblings, 0 replies; only message in thread
From: Amy Griffis @ 2006-04-26 23:49 UTC (permalink / raw)
  To: linux-audit

Replacing the audit_netlink_mutex with audit_add_rm_mutex wasn't a
good idea, so put it back.  While we're at it, use a more descriptive
name.

Please fold in with lspp.b8 d4bae8540266d609990e7c60acaca488c9ee45c2.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>

--

 audit.c       |    6 ++++++
 auditfilter.c |   12 ------------
 2 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 7addbf9..0246f44 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -118,6 +118,9 @@ static struct task_struct *kauditd_task;
 static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
 static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
 
+/* Serialize requests from userspace. */
+DEFINE_MUTEX(audit_cmd_mutex);
+
 /* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
  * audit records.  Since printk uses a 1024 byte buffer, this buffer
  * should be at least that large. */
@@ -628,11 +631,14 @@ static void audit_receive(struct sock *s
 	struct sk_buff  *skb;
 	unsigned int qlen;
 
+	mutex_lock(&audit_cmd_mutex);
+
 	for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) {
 		skb = skb_dequeue(&sk->sk_receive_queue);
 		audit_receive_skb(skb);
 		kfree_skb(skb);
 	}
+	mutex_unlock(&audit_cmd_mutex);
 }
 
 
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index eb102ff..d056173 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -41,13 +41,6 @@ #include "audit.h"
  * 		must be copied and replace their counterparts in the filterlist.
  * 		An audit_parent struct is not accessed during filtering, so may
  * 		be written directly provided audit_filter_mutex is held.
- *
- * audit_add_rm_mutex:
- * 		Prevents a removal request for a rule that is currently being
- * 		added.  The audit_filter_mutex must be dropped to do some parts
- * 		of add/remove processing, so may not be used for this purpose.
- * 		This situation could be mitigated by referencing rules by id
- * 		numbers.
  */
 
 /*
@@ -99,7 +92,6 @@ #endif
 };
 
 DEFINE_MUTEX(audit_filter_mutex);
-DEFINE_MUTEX(audit_add_rm_mutex);
 
 /* Inotify handle */
 extern struct inotify_handle *audit_ih;
@@ -1193,10 +1185,8 @@ int audit_receive_filter(int type, int p
 		if (IS_ERR(entry))
 			return PTR_ERR(entry);
 
-		mutex_lock(&audit_add_rm_mutex);
 		err = audit_add_rule(entry,
 				     &audit_filter_list[entry->rule.listnr]);
-		mutex_unlock(&audit_add_rm_mutex);
 
 		if (sid) {
 			char *ctx = NULL;
@@ -1228,10 +1218,8 @@ int audit_receive_filter(int type, int p
 		if (IS_ERR(entry))
 			return PTR_ERR(entry);
 
-		mutex_lock(&audit_add_rm_mutex);
 		err = audit_del_rule(entry,
 				     &audit_filter_list[entry->rule.listnr]);
-		mutex_unlock(&audit_add_rm_mutex);
 
 		if (sid) {
 			char *ctx = NULL;

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2006-04-26 23:49 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-26 23:49 [PATCH git] revert audit_netlink_mutex change in filesystem audit patch Amy Griffis

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox