Re: [PATCH] audit: fix mark refcounting
From: Eric Paris
Date: Tue Nov 15 2011 - 09:32:16 EST
I picked it up in my audit tree for next go round, although I haven't
published the tree as I'm still doing devel... Should be in next in a
week or two.
-Eric
On Tue, 2011-11-15 at 15:12 +0100, Miklos Szeredi wrote:
> Ping?
>
> On Mon, Nov 7, 2011 at 3:59 PM, Miklos Szeredi <miklos@xxxxxxxxxx> wrote:
> > From: Miklos Szeredi <mszeredi@xxxxxxx>
> >
> > Removing the parent of a watched file results in "kernel BUG at
> > fs/notify/mark.c:139".
> >
> > To reproduce
> >
> > add "-w /tmp/audit/dir/watched_file" to audit.rules
> > rm -rf /tmp/audit/dir
> >
> > This is caused by fsnotify_destroy_mark() being called without an
> > extra reference taken by the caller.
> >
> > Reported by Francesco Cosoleto here:
> >
> > https://bugzilla.novell.com/show_bug.cgi?id=689860
> >
> > Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxx>
> > CC: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> > CC: Eric Paris <eparis@xxxxxxxxxx>
> > CC: stable@xxxxxxxxxxxxxxx
> > ---
> > kernel/audit_watch.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > Index: linux.git/kernel/audit_watch.c
> > ===================================================================
> > --- linux.git.orig/kernel/audit_watch.c 2011-09-13 16:08:20.000000000 +0200
> > +++ linux.git/kernel/audit_watch.c 2011-11-07 15:19:07.000000000 +0100
> > @@ -349,7 +349,9 @@ static void audit_remove_parent_watches(
> > }
> > mutex_unlock(&audit_filter_mutex);
> >
> > + audit_get_parent(parent);
> > fsnotify_destroy_mark(&parent->mark);
> > + audit_put_parent(parent);
> > }
> >
> > /* Get path information necessary for adding watches. */
> >
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/