On Tue, Jun 28, 2016 at 12:06 PM, Richard Guy Briggs <[email protected]> wrote: > Move the calculations of values after the allocation in case the > allocation fails. This avoids wasting effort in the rare case that it > fails, but more importantly saves us extra logic to release the tty ref. > > Signed-off-by: Richard Guy Briggs <[email protected]> > --- > kernel/auditsc.c | 7 ++++--- > 1 files changed, 4 insertions(+), 3 deletions(-)
Most importantly it keeps us from leaking a kref, which we currently do if audit_log_start() fails. Applied to audit#stable-4.7 and I'll be pushing this to Linus once I've had a chance to see if your other patch is worth pushing during the 4.7-rc cycle too. > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index 71e14d8..33dafa7 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -1985,14 +1985,15 @@ static void audit_log_set_loginuid(kuid_t > koldloginuid, kuid_t kloginuid, > if (!audit_enabled) > return; > > + ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN); > + if (!ab) > + return; > + > uid = from_kuid(&init_user_ns, task_uid(current)); > oldloginuid = from_kuid(&init_user_ns, koldloginuid); > loginuid = from_kuid(&init_user_ns, kloginuid), > tty = audit_get_tty(current); > > - ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN); > - if (!ab) > - return; > audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid); > audit_log_task_context(ab); > audit_log_format(ab, " old-auid=%u auid=%u tty=%s old-ses=%u ses=%u > res=%d", > -- > 1.7.1 > -- paul moore security @ redhat
