From mboxrd@z Thu Jan  1 00:00:00 1970
From: Amy Griffis <amy.griffis@hp.com>
Subject: Re: [PATCH git 3/3] make audit_del_rule() use audit_find_rule()
Date: Mon, 5 Jun 2006 13:46:45 -0400
Message-ID: <20060605174645.GD24778@zk3.dec.com>
References: <20060605174105.GA24778@zk3.dec.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <linux-audit-bounces@redhat.com>
Content-Disposition: inline
In-Reply-To: <20060605174105.GA24778@zk3.dec.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

Now that we've added audit_find_rule(), make audit_del_rule() use it
too.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>

---

 kernel/auditfilter.c |  101 +++++++++++++++++++-------------------------------
 1 files changed, 39 insertions(+), 62 deletions(-)

49331df422d7d3f7b1d387c4373bb3113f45f04d
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 3cedc73..461f404 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1102,83 +1102,60 @@ error:
 	return err;
 }
 
-/* Rule removal helper.
- * Caller must hold audit_filter_mutex. */
-static inline int audit_do_del_rule(struct audit_entry *entry,
-				    struct list_head *list,
-				    struct list_head *inotify_list)
+/* Remove an existing rule from filterlist. */
+static inline int audit_del_rule(struct audit_entry *entry,
+				 struct list_head *list)
 {
 	struct audit_entry  *e;
+	struct audit_field *inode_f = entry->rule.inode_f;
+	struct audit_watch *watch, *tmp_watch = entry->rule.watch;
+	LIST_HEAD(inotify_list);
+	int h, ret = 0;
 
-	list_for_each_entry(e, list, list) {
-		struct audit_watch *watch = e->rule.watch;
+	if (inode_f) {
+		h = audit_hash_ino(inode_f->val);
+		list = &audit_inode_hash[h];
+	}
 
-		if (audit_compare_rule(&entry->rule, &e->rule))
-			continue;
+	mutex_lock(&audit_filter_mutex);
+	e = audit_find_rule(entry, list);
+	if (!e) {
+		mutex_unlock(&audit_filter_mutex);
+		ret = -ENOENT;
+		goto out;
+	}
 
-		if (watch) {
-			struct audit_parent *parent = watch->parent;
+	watch = e->rule.watch;
+	if (watch) {
+		struct audit_parent *parent = watch->parent;
 
-			list_del(&e->rule.rlist);
+		list_del(&e->rule.rlist);
 
-			if (list_empty(&watch->rules)) {
-				audit_remove_watch(watch);
+		if (list_empty(&watch->rules)) {
+			audit_remove_watch(watch);
 
-				if (list_empty(&parent->watches)) {
-					/* Put parent on the inotify
-					 * un-registration list.  Grab
-					 * a reference before releasing
-					 * audit_filter_mutex, to be released in
-					 * audit_inotify_unregister(). */
-					list_add(&parent->ilist, inotify_list);
-					get_inotify_watch(&parent->wdata);
-				}
+			if (list_empty(&parent->watches)) {
+				/* Put parent on the inotify un-registration
+				 * list.  Grab a reference before releasing
+				 * audit_filter_mutex, to be released in
+				 * audit_inotify_unregister(). */
+				list_add(&parent->ilist, &inotify_list);
+				get_inotify_watch(&parent->wdata);
 			}
 		}
-
-		list_del_rcu(&e->list);
-		call_rcu(&e->rcu, audit_free_rule_rcu);
-
-		return 0;
 	}
-	return -ENOENT;		/* No matching rule */
-}
 
-/* Remove an existing rule from filterlist. */
-static inline int audit_del_rule(struct audit_entry *entry,
-				 struct list_head *list)
-{
-	int h, ret;
-	struct audit_field *inode_f = entry->rule.inode_f;
-	struct audit_watch *watch = entry->rule.watch;
-	LIST_HEAD(inotify_list);
+	list_del_rcu(&e->list);
+	call_rcu(&e->rcu, audit_free_rule_rcu);
 
-	if (watch) {
-		mutex_lock(&audit_filter_mutex);
-		/* we don't know the inode number, so must walk entire hash */
-		for (h = 0; h < AUDIT_INODE_BUCKETS; h++) {
-			list = &audit_inode_hash[h];
-			ret = audit_do_del_rule(entry, list, &inotify_list);
-			if (!ret)
-				break;
-		}
-		mutex_unlock(&audit_filter_mutex);
-
-		if (!list_empty(&inotify_list))
-			audit_inotify_unregister(&inotify_list);
+	mutex_unlock(&audit_filter_mutex);
 
-		/* match initial get for tmp watch */
-		audit_put_watch(watch);
+	if (!list_empty(&inotify_list))
+		audit_inotify_unregister(&inotify_list);
 
-	} else {
-		if (inode_f) {
-			h = audit_hash_ino(inode_f->val);
-			list = &audit_inode_hash[h];
-		}
-		mutex_lock(&audit_filter_mutex);
-		ret = audit_do_del_rule(entry, list, &inotify_list);
-		mutex_unlock(&audit_filter_mutex);
-	}
+out:
+	if (tmp_watch)
+		audit_put_watch(tmp_watch); /* match initial get */
 
 	return ret;
 }
-- 
1.3.0