On Saturday, August 01, 2015 03:41:12 PM Richard Guy Briggs wrote:
> The audit watch count was imbalanced, adding an unnecessary layer of watch
> references. Only add the second reference when it is added to a parent.
>
> Signed-off-by: Richard Guy Briggs <r...@redhat.com>
> ---
> kernel/audit_watch.c | 5 ++---
> kernel/auditfilter.c | 16 +++-------------
> 2 files changed, 5 insertions(+), 16 deletions(-)
Merged. I'll push it out as soon as I finish up the reviews tonight.
> diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
> index 6e30024..f33f54c 100644
> --- a/kernel/audit_watch.c
> +++ b/kernel/audit_watch.c
> @@ -203,7 +203,6 @@ int audit_to_watch(struct audit_krule *krule, char
> *path, int len, u32 op) if (IS_ERR(watch))
> return PTR_ERR(watch);
>
> - audit_get_watch(watch);
> krule->watch = watch;
>
> return 0;
> @@ -387,8 +386,7 @@ static void audit_add_to_parent(struct audit_krule
> *krule,
>
> watch_found = 1;
>
> - /* put krule's and initial refs to temporary watch */
> - audit_put_watch(watch);
> + /* put krule's ref to temporary watch */
> audit_put_watch(watch);
>
> audit_get_watch(w);
> @@ -400,6 +398,7 @@ static void audit_add_to_parent(struct audit_krule
> *krule, audit_get_parent(parent);
> watch->parent = parent;
>
> + audit_get_watch(watch);
> list_add(&watch->wlist, &parent->watches);
> }
> list_add(&krule->rlist, &watch->rules);
> diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
> index 72e1660..4cb9b44 100644
> --- a/kernel/auditfilter.c
> +++ b/kernel/auditfilter.c
> @@ -549,8 +549,6 @@ exit_nofree:
> return entry;
>
> exit_free:
> - if (entry->rule.watch)
> - audit_put_watch(entry->rule.watch); /* matches initial get */
> if (entry->rule.tree)
> audit_put_tree(entry->rule.tree); /* that's the temporary one */
> audit_free_rule(entry);
> @@ -881,7 +879,7 @@ static inline int audit_add_rule(struct audit_entry
> *entry) /* normally audit_add_tree_rule() will free it on failure */
> if (tree)
> audit_put_tree(tree);
> - goto error;
> + return err;
> }
>
> if (watch) {
> @@ -895,14 +893,14 @@ static inline int audit_add_rule(struct audit_entry
> *entry) */
> if (tree)
> audit_put_tree(tree);
> - goto error;
> + return err;
> }
> }
> if (tree) {
> err = audit_add_tree_rule(&entry->rule);
> if (err) {
> mutex_unlock(&audit_filter_mutex);
> - goto error;
> + return err;
> }
> }
>
> @@ -933,11 +931,6 @@ static inline int audit_add_rule(struct audit_entry
> *entry) #endif
> mutex_unlock(&audit_filter_mutex);
>
> - return 0;
> -
> -error:
> - if (watch)
> - audit_put_watch(watch); /* tmp watch, matches initial get */
> return err;
> }
>
> @@ -945,7 +938,6 @@ error:
> static inline int audit_del_rule(struct audit_entry *entry)
> {
> struct audit_entry *e;
> - struct audit_watch *watch = entry->rule.watch;
> struct audit_tree *tree = entry->rule.tree;
> struct list_head *list;
> int ret = 0;
> @@ -986,8 +978,6 @@ static inline int audit_del_rule(struct audit_entry
> *entry) mutex_unlock(&audit_filter_mutex);
>
> out:
> - if (watch)
> - audit_put_watch(watch); /* match initial get */
> if (tree)
> audit_put_tree(tree); /* that's the temporary one */
--
paul moore
security @ redhat
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
