Re: [PATCH] kernel/auditfilter.c: need process 'tree' when audit_add_watch()failed in audit_add_rule().
From: Chen Gang
Date: Wed May 22 2013 - 21:30:53 EST
On 05/23/2013 05:18 AM, Andrew Morton wrote:
> On Fri, 10 May 2013 18:12:26 +0800 Chen Gang <gang.chen@xxxxxxxxxxx> wrote:
>
>> >
>> > If both 'tree' and 'watch' are valid, need call audit_put_tree(), just
>> > like the upper area has done within function audit_add_rule().
>> >
>> > Signed-off-by: Chen Gang <gang.chen@xxxxxxxxxxx>
>> > ---
>> > kernel/auditfilter.c | 6 ++++++
>> > 1 files changed, 6 insertions(+), 0 deletions(-)
>> >
>> > diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
>> > index f9fc54b..81f63f9 100644
>> > --- a/kernel/auditfilter.c
>> > +++ b/kernel/auditfilter.c
>> > @@ -952,6 +952,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
>> > err = audit_add_watch(&entry->rule, &list);
>> > if (err) {
>> > mutex_unlock(&audit_filter_mutex);
>> > + /*
>> > + * normally audit_add_tree_rule() will free it
>> > + * on failure
>> > + */
>> > + if (tree)
>> > + audit_put_tree(tree);
>> > goto error;
>> > }
>> > }
> Are you sure? Or is the earlier audit_put_tree(tree) wrong?
>
Yes I am sure.
Since audit_add_tree_rule() will really free it on failure, we have to
be sure to free it in another area within audit_add_rule().
> Where is the "get" which this "put" is undoing?
>
>
"Allocating tree" is the "get", this "put" will really free the tree.
Thanks.
--
Chen Gang
Asianux Corporation
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/