Re: [PATCH] Light-weight Auditing Framework

[Paul E. McKenney]

On Wed, Mar 17, 2004 at 04:14:04AM -0500, Rik Faith wrote:
> On Fri 12 Mar 2004 10:50:33 -0800,
>    Paul E. McKenney <paulmck@xxxxxxxxxx> wrote:
> > o	I don't see any rcu_read_lock() or rcu_read_unlock() calls.
> 
> Fixed.

Much improved!

Since audit_receive_filter() is only called with audit_netlink_sem
held, it cannot race with either audit_del_rule() or audit_add_rule(),
so the list_for_each_entry_rcu()s may be replaced by
list_for_each_entry()s, and the rcu_read_{un,}lock()s removed.

Not a fatal problem, just a bit of unnecessary overhead.

The others look good!

> > o	Presumably something surrounding netlink_kernel_create()
> > 	ensures that only one instance of audit_del_rule() will
> > 	be executing at a given time.  If not, some locking is
> > 	needed.
> 
> I was unable to find anything, so I added a semaphore to the receive
> routine, and comments to the add and delete routines.

Looks good!

> > o	The audit_add_rule() function also needs something to prevent
> > 	races with other audit_add_rule() and audit_del_rule()
> > 	instances.
> 
> This is also handled by the semaphore.

Ditto!

> Thanks for your comments!  This patch is against 2.6.5-rc1-mm1.  It also
> corrects a problem that could trigger a BUG() near boot time.
> 
>  audit.c   |    9 +++++++++
>  auditsc.c |   38 +++++++++++++++++++++++++++++---------
>  2 files changed, 38 insertions(+), 9 deletions(-)

Glad to help!

						Thanx, Paul
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/