[RFC][PATCH] (#7U4) file system auditing by location and name

Stephen Smalley sds at tycho.nsa.gov
Wed May 11 16:15:14 UTC 2005


On Mon, 2005-05-09 at 09:51 -0500, Timothy R. Chavez wrote:
> I like the suggestion, but I don't think it'll necessarily be simpler.
> Here's why:
> 
> When I grab a reference to a dentry and store it with the wentry and
> then I unlink (via rm) the dentry, because the refcount > 0, it'll be
> kept in memory until I release the reference, right?  
> 
> The upshot is that this will require a conditional and a possible swap
> only on insertions.  

Not sure I follow your last statement.  With regard to the first point,
yes, I think you are correct - d_delete would just unhash the dentry,
not turn it into a negative dentry.  An option might be to hook d_delete
again to release the saved reference before d_delete performs the check
of the reference count.

My concern is that the current code seems very fragile; getting
references without saving them anywhere, putting references that were
not acquired in the same call nor explicitly saved earlier (even though
in theory you've "saved" them by getting them earlier), putting a
reference and then re-getting one shortly thereafter without any
revalidation of the dentry.

-- 
Stephen Smalley
National Security Agency
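
The d_delete behaviour discussed in the reply above, as an added example that is not part of the original message or the patch: a simplified user-space model in C of a watch that saves a dentry reference, and of the suggested hook that releases it before the reference-count check. All toy_* names are hypothetical, and the rule "count of 1 means sole holder" is a modelling assumption.

```c
#include <stdbool.h>
#include <stddef.h>
/* Simplified user-space model, not kernel code; all toy_* names are hypothetical. */
struct toy_dentry {
    int  count;      /* reference count */
    bool hashed;     /* still reachable by name lookup */
    bool has_inode;  /* false means negative dentry */
};
struct toy_watch { struct toy_dentry *saved; };  /* reference held by the watch */
enum toy_result { TOY_NEGATIVE, TOY_UNHASHED };

/* Attach a watch: take a reference and save it where it can be found again. */
static void toy_watch_attach(struct toy_watch *w, struct toy_dentry *d)
{
    d->count++;
    w->saved = d;
}

/* Hook suggested in the reply: put the saved reference, at most once. */
static void toy_watch_release(struct toy_watch *w)
{
    if (w->saved) {
        w->saved->count--;
        w->saved = NULL;
    }
}

/* Modelled d_delete: a sole holder gets a negative dentry, else only unhash. */
static enum toy_result toy_d_delete(struct toy_dentry *d, struct toy_watch *hook)
{
    if (hook)
        toy_watch_release(hook);  /* runs before the count check */
    if (d->count == 1) {
        d->has_inode = false;
        return TOY_NEGATIVE;
    }
    d->hashed = false;
    return TOY_UNHASHED;
}

/* One unlink of a watched dentry; count starts at 1 for the unlink caller. */
static enum toy_result toy_unlink(bool use_hook, struct toy_dentry *out)
{
    struct toy_dentry d = { .count = 1, .hashed = true, .has_inode = true };
    struct toy_watch w = { NULL };
    toy_watch_attach(&w, &d);
    enum toy_result r = toy_d_delete(&d, use_hook ? &w : NULL);
    *out = d;
    return r;
}
```

Because the reference is saved in the watch and cleared on release, a second call to toy_watch_release is a no-op, which avoids putting a reference that was never recorded as acquired.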



