[PATCH] audit: grab a reference to context->pwd when it's cached
Peter Moody
pmoody at google.com
Tue Sep 25 17:03:23 UTC 2012
Hey folks,
following up on old patches, are there any comments on this? Did you
get around to finding a better way to fix this bug, Al?
Cheers,
peter
On Mon, Aug 20, 2012 at 10:19 AM, Peter Moody <pmoody at google.com> wrote:
> Hi Al,
>
> Any word on a less unpleasant fix? Also, do you know if/how I could
> measure the impact of the cacheline bouncing? I haven't been able to
> notice anything anecdotally on the machine running this patch, but I'm
> not pushing it incredibly hard.
>
> Cheers,
> peter
>
> On Wed, Aug 15, 2012 at 6:41 PM, Peter Moody <pmoody at google.com> wrote:
>> On Wed, Aug 15, 2012 at 6:26 PM, Alexander Viro <aviro at redhat.com> wrote:
>>> On Wed, Aug 15, 2012 at 06:13:33PM -0700, Peter Moody wrote:
>>>> On certain systems, in certain pathalogical cases, current's cwd can
>>>> be deleted while we're still processing a syscall. This should prevent
>>>> the system from evicting the inode while we're still referencing it.
>>>>
>>>> This seems to fix the bug I reported here:
>>>> https://www.redhat.com/archives/linux-audit/2012-August/msg00017.html
>>>
>>> Sigh... The bug is real, but I really don't like the fix. Among other
>>> things, it's going to cause cacheline bouncing from hell and not everyone
>>> runs with audit sensibly disabled... Let me think for a while and see
>>> if I can come up with something less unpleasant, OK?
>>
>> Works for me. I have a set of machines that I can very easily test a fix on.
>>
>> Cheers,
>> peter
>>
>> --
>> Peter Moody Google 1.650.253.7306
>> Security Engineer pgp:0xC3410038
>
>
>
> --
> Peter Moody Google 1.650.253.7306
> Security Engineer pgp:0xC3410038
--
Peter Moody Google 1.650.253.7306
Security Engineer pgp:0xC3410038
More information about the Linux-audit
mailing list