[RFC PATCH ghak100 V1 1/2] audit: avoid fcaps on MNT_FORCE
Miklos Szeredi
miklos at szeredi.hu
Mon Nov 19 12:47:53 UTC 2018
On Fri, Nov 16, 2018 at 6:34 PM Richard Guy Briggs <rgb at redhat.com> wrote:
>
> Don't fetch fcaps when umount2 is called with MNT_FORCE to avoid a
> process hang while it waits for the missing resource to (possibly never)
> re-appear.
The patch would be pretty good if the dependence on MNT_FORCE wasn't
added. As it is, it's buggy in more ways than one:
- It does the opposite of the above (i.e. skips fcaps *unless*
MNT_FORCE is set)
- sets LOOKUP_NO_REVAL from caller of path lookup, which is invalid
(LOOKUP_NO_REVAL is used only internally by path lookup)
- the fact that *_path_mountpoint_at() shouldn't touch the mount root
is independent of MNT_FORCE
I still don't quite understand what audit is trying to do here, but
apparently it's okay to skip getxattr in the MNT_FORCE case. So why
is it not okay to skip it in the non-MNT_FORCE case?
Thanks,
Miklos
More information about the Linux-audit
mailing list