On Wed, Dec 31, 2014 at 12:33 PM, Paul Moore <p...@paul-moore.com> wrote:
>
> One audit patch to resolve a panic/oops when recording filenames in the audit
> log, see the mail archive link below. The fix isn't as nice as I would like,
> as it involves an allocate/copy of the filename, but it solves the problem and
> the overhead should only affect users who have configured audit rules
> involving file names.
This fix looks wrong.
The kernel "getname()" function already has hacks explicitly for this
audit usage. Why aren't those hacks working? See the whole
"audit_getname()" and "audit_putname()" thing in fs/namei.c.
So why does audit now need to copy the name *again*, when the whole -
and only - point of the current fs/namei.c audit hackery is exactly so
that audit can control the lifetime of the pathnames?
Hmm? Alternatively, could we just remove the fs/namei.c hackery
entirely, and rely on audit always copying the filenames for its own
use?
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
