From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paul Moore Subject: Re: [PATCH V6 1/2] audit: eliminate unnecessary extra layer of watch references Date: Thu, 16 Jul 2015 16:13:33 -0400 Message-ID: <2780197.VSVkCiSN5s@sifl> References: <83de0ec5dd6ba510a66bd4a3aa2988b7617cd621.1435723005.git.rgb@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit Return-path: In-Reply-To: <83de0ec5dd6ba510a66bd4a3aa2988b7617cd621.1435723005.git.rgb@redhat.com> Sender: linux-kernel-owner@vger.kernel.org To: Richard Guy Briggs Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org, sgrubb@redhat.com List-Id: linux-audit@redhat.com On Tuesday, July 14, 2015 11:40:41 AM Richard Guy Briggs wrote: > The audit watch count was imbalanced, adding an unnecessary layer of watch > references. Only add the second reference when it is added to a parent. > > Signed-off-by: Richard Guy Briggs > --- > kernel/audit_watch.c | 5 ++--- > kernel/auditfilter.c | 9 --------- > 2 files changed, 2 insertions(+), 12 deletions(-) Nice catch, we never needed that extra refcnt bump in audit_to_watch(). One minor comment below... > diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c > index 72e1660..74cc077 100644 > --- a/kernel/auditfilter.c > +++ b/kernel/auditfilter.c > @@ -549,8 +549,6 @@ exit_nofree: > return entry; > > exit_free: > - if (entry->rule.watch) > - audit_put_watch(entry->rule.watch); /* matches initial get */ > if (entry->rule.tree) > audit_put_tree(entry->rule.tree); /* that's the temporary one */ > audit_free_rule(entry); > @@ -933,11 +931,7 @@ static inline int audit_add_rule(struct audit_entry > *entry) #endif > mutex_unlock(&audit_filter_mutex); > > - return 0; > - > error: > - if (watch) > - audit_put_watch(watch); /* tmp watch, matches initial get */ > return err; > } Since the error label is now just a "return err;", how about removing the label entirely and replacing the gotos with returns? -- paul moore security @ redhat