Oops while checking file system auditing

Wed May 25 18:08:23 UTC 2005

On Wednesday 25 May 2005 11:23, Stephen Smalley wrote:
> On Tue, 2005-05-24 at 15:38 -0500, Timothy R. Chavez wrote:
> > I noticed that I wasn't putting my reference back to my wentry in the 
> > audit_free_aux() function, only in audit_log_exit() *cough*
> > 
> > Though, on a separate but some-what related tangent, why have this in
> > audit_log_exit():
> > 
> > case AUDIT_AVC_PATH: {
> >                         struct audit_aux_data_path *axi = (void *)aux;
> >                         audit_log_d_path(ab, "path=", axi->dentry, axi->mnt);
> > ->                    dput(axi->dentry);
> > ->                    mntput(axi->mnt);
> >                         break; }
> > 
> > In theory, you're going to have to call audit_free_aux() and it will be
> > dealt with there, right?
> 
> That was my initial take as well when I first posted the patch, but Dave
> pointed out that I needed to handle the dput/mntput here as well because
> the existing code is removing each aux entry and freeing it at the tail
> of the loop, so context->aux ends up being NULL upon leaving the loop.
> Thus, the subsequent audit_free_aux() does nothing (except in the case
> where audit_log_start failed in the loop, causing it to retry the same
> aux entry endlessly?).  Not clear why this approach is taken.

I think we should just rely on on audit_free_aux() to take care of this for us
because it's not obvious otherwise.  The trade-off is that we have to iterate
through the list one more time, but I think it's a good trade-off personally.

-tim 