[PATCH] cleanups + fixes against audit.56

Timothy R. Chavez tinytim at us.ibm.com
Wed Jun 15 19:56:11 UTC 2005


Hello,

This patch introduces fixes for:

1.  sys_rename() return code debacle
-> as a side effect of removing the error handling from fs/namei.c this bug was
also removed

2.  leaky memory in auditfs_attach_wdata in failure path

3.  NULL dereference on audit_inode_free()
-> race could occur between the child inode being deleted and the watch being
removed from parent

This patch adds:

1.  Implicit watch removal message with -1 loginuid

2.  New type, AUDIT_FS_INODE (1308)
-> now that we have watches per inode per record, we collect common inode
information for the watch on AUDIT_FS_INODE and use AUDIT_FS_WATCH to list
the watch information

3.  Minor code cleanups (eliminating pointless goto's)

What's left:

1.  Hooking chmod/chown/chgrp and the appropriate ACL calls (Me)

2.  Watch scalability problem (Me)

3.  AUID filtering on USER messages and watches (David)

4.  PATH record woes... add a new token stating "I'm the parent of the file or 
I'm the file"

-tim

-------------- next part --------------
A non-text attachment was scrubbed...
Name: auditfs~56~tc2.patch
Type: text/x-diff
Size: 10783 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20050615/f7426082/attachment.bin>

