From mboxrd@z Thu Jan  1 00:00:00 1970
From: Amy Griffis <amy.griffis@hp.com>
Subject: [PATCH git] filesystem audit patch fixes
Date: Mon, 1 May 2006 19:37:59 -0400
Message-ID: <20060501233759.GA26340@zk3.dec.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <linux-audit-bounces@redhat.com>
Content-Disposition: inline
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

A couple of fixes for the filesystem auditing patch:
    - make audit_filter_mutex static
    - always release nameidata

Please fold in with lspp.b9 dcdb3920a1393e88b65d086f6f3f42181ad02816.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>

--

 auditfilter.c |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 35dca7e..02039bb 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -91,7 +91,7 @@ #error Fix audit_filter_list initialiser
 #endif
 };
 
-DEFINE_MUTEX(audit_filter_mutex);
+static DEFINE_MUTEX(audit_filter_mutex);
 
 /* Inotify handle */
 extern struct inotify_handle *audit_ih;
@@ -953,7 +953,7 @@ static inline int audit_add_rule(struct 
 	struct audit_watch *watch = entry->rule.watch;
 	struct nameidata *ndp, *ndw;
 	LIST_HEAD(inotify_list);
-	int err;
+	int err, putnd_needed = 0;
 
 	/* Taking audit_filter_mutex protects from stale rule data. */
 	mutex_lock(&audit_filter_mutex);
@@ -971,16 +971,15 @@ static inline int audit_add_rule(struct 
 		err = audit_get_nd(watch->path, &ndp, &ndw);
 		if (err)
 			goto error;
+		putnd_needed = 1;
 	}
 
 	mutex_lock(&audit_filter_mutex);
 	if (watch) {
 		/* audit_filter_mutex is dropped and re-taken during this call */
 		err = audit_add_watch(&entry->rule, ndp, ndw, &inotify_list);
-		if (err) {
-			audit_put_nd(ndp, ndw);
+		if (err)
 			goto error;
-		}
 	}
 
 	if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
@@ -994,12 +993,15 @@ static inline int audit_add_rule(struct 
 		err = audit_inotify_register(ndp, &inotify_list);
 		if (err)
 			goto error;
-		audit_put_nd(ndp, ndw);
 	}
+	if (putnd_needed)
+		audit_put_nd(ndp, ndw);
 
  	return 0;
 
 error:
+	if (putnd_needed)
+		audit_put_nd(ndp, ndw);
 	if (watch)
 		audit_put_watch(watch); /* tmp watch, matches initial get */
 	return err;