Commit b9886c97 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'audit-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit 

Pull audit update from Paul Moore:
 "Only two audit patches for v6.7, both fairly small with a combined 11
  lines of changes.

  The first patch is a simple __counted_by annontation, and the second
  fixes a a problem where audit could deadlock on task_lock() when an
  exe filter is configured. More information is available in the commit
  description and the patch is tagged for stable"

* tag 'audit-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
  audit: don't take task_lock() in audit_exe_compare() code path
  audit: Annotate struct audit_chunk with __counted_by
parents b9ff7745 47846d51

kernel/audit_tree.c

+1 −1
Original line number Diff line number Diff line
@@ -34,7 +34,7 @@ struct audit_chunk { 
		struct list_head list;

		struct audit_tree *owner;

		unsigned index;		/* index; upper bit indicates 'will prune' */

	} owners[];

	} owners[] __counted_by(count);

};



struct audit_tree_mark {

kernel/audit_watch.c

+8 −1
Original line number Diff line number Diff line
@@ -527,11 +527,18 @@ int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark *mark) 
	unsigned long ino;

	dev_t dev;



	exe_file = get_task_exe_file(tsk);

	/* only do exe filtering if we are recording @current events/records */

	if (tsk != current)

		return 0;



	if (WARN_ON_ONCE(!current->mm))

		return 0;

	exe_file = get_mm_exe_file(current->mm);

	if (!exe_file)

		return 0;

	ino = file_inode(exe_file)->i_ino;

	dev = file_inode(exe_file)->i_sb->s_dev;

	fput(exe_file);



	return audit_mark_compare(mark, ino, dev);

}