[RFC PATCH] audit: the fix RCU locking for the auditd_connection structure
Cong Wang
xiyou.wangcong at gmail.com
Tue May 2 05:53:20 UTC 2017
On Mon, May 1, 2017 at 4:07 PM, Paul Moore <paul at paul-moore.com> wrote:
> On Fri, Apr 28, 2017 at 3:27 PM, Paul Moore <paul at paul-moore.com> wrote:
>> On Fri, Apr 28, 2017 at 12:13 PM, Paul Moore <paul at paul-moore.com> wrote:
>>> On Fri, Apr 28, 2017 at 12:09 PM, Paul Moore <pmoore at redhat.com> wrote:
>>>> From: Paul Moore <paul at paul-moore.com>
>>>>
>>>> Cong Wang correctly pointed out that the RCU read locking of the
>>>> auditd_connection struct was wrong, this patch correct this by
>>>> adopting a more traditional, and correct RCU locking model.
>>>>
>>>> This patch is heavily based on an earlier prototype by Cong Wang.
>>>>
>>>> [XXX: Cong Wang, as mentioned previously, I'd like to add your
>>>> sign-off; please let me know if that is okay with you.]
>>>>
>>>> Cc: <stable at vger.kernel.org> # 4.11.x-: 264d509637d9
>>>> Reported-by: Cong Wang <xiyou.wangcong at gmail.com>
>>>> ??!! -> Signed-off-by: Cong Wang <xiyou.wangcong at gmail.com>
>>>> Signed-off-by: Paul Moore <paul at paul-moore.com>
>>>> ---
>>>> kernel/audit.c | 157 ++++++++++++++++++++++++++++++++++++--------------------
>>>> 1 file changed, 100 insertions(+), 57 deletions(-)
>>>
>>> A quick note that I haven't tested this yet, I'm in the process of
>>> building a kernel now, I just wanted to send this out early to in case
>>> anyone noticed anything incredibly stupid.
>>
>> I've booted the patch a few times, and run audit-testsuite and
>> selinux-testsuite against it without problem. I'm currently hitting
>> the system with a constant stream of audit records while I restart the
>> audit daemon every five seconds, ~15m and everything still appears to
>> be working correctly.
>>
>> In case anyone wants to play with a Fedora kernel build, you can get a
>> pre-built binary here for x86_64:
>>
>> https://copr.fedorainfracloud.org/coprs/pcmoore/kernel-testing/build/544810
>
> Cong Wang, have you had a chance to look at the patch yet? As I said,
> I'd like to include your sign-off ...
Sorry for the delay. I don't have time to look into the rewritten patch from
you, but you can add my SoB since you said it is based on mine.
Thanks.
More information about the Linux-audit
mailing list