---

yaml --- r: 154224 b: refs/heads/master c: 35fe4d0 h: refs/heads/master v: v3
git-mirror · Jun 24, 2009 · 42a29d2 · 42a29d2
1 parent 59b8192
commit 42a29d2
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 25 deletions.
diff --git a/[refs] b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: cfcad62c74abfef83762dc05a556d21bdf3980a2
+refs/heads/master: 35fe4d0b1b12286a81938e9c5fdfaf639ac0ce5b
diff --git a/trunk/kernel/audit.h b/trunk/kernel/audit.h
@@ -109,10 +109,7 @@ extern dev_t audit_watch_dev(struct audit_watch *watch);
 extern void audit_put_watch(struct audit_watch *watch);
 extern void audit_get_watch(struct audit_watch *watch);
 extern int audit_to_watch(struct audit_krule *krule, char *path, int len, u32 op);
-extern int audit_get_nd(char *path, struct nameidata **ndp, struct nameidata **ndw);
-extern void audit_put_nd(struct nameidata *ndp, struct nameidata *ndw);
-extern int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
-			   struct nameidata *ndw);
+extern int audit_add_watch(struct audit_krule *krule);
 extern void audit_remove_watch(struct audit_watch *watch);
 extern void audit_remove_watch_rule(struct audit_krule *krule, struct list_head *list);
 extern void audit_inotify_unregister(struct list_head *in_list);

diff --git a/trunk/kernel/audit_watch.c b/trunk/kernel/audit_watch.c
@@ -345,7 +345,7 @@ void audit_inotify_unregister(struct list_head *in_list)
 }
 
 /* Get path information necessary for adding watches. */
-int audit_get_nd(char *path, struct nameidata **ndp, struct nameidata **ndw)
+static int audit_get_nd(char *path, struct nameidata **ndp, struct nameidata **ndw)
 {
 	struct nameidata *ndparent, *ndwatch;
 	int err;
@@ -380,7 +380,7 @@ int audit_get_nd(char *path, struct nameidata **ndp, struct nameidata **ndw)
 }
 
 /* Release resources used for watch path information. */
-void audit_put_nd(struct nameidata *ndp, struct nameidata *ndw)
+static void audit_put_nd(struct nameidata *ndp, struct nameidata *ndw)
 {
 	if (ndp) {
 		path_put(&ndp->path);
@@ -426,14 +426,24 @@ static void audit_add_to_parent(struct audit_krule *krule,
 
 /* Find a matching watch entry, or add this one.
  * Caller must hold audit_filter_mutex. */
-int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
-		    struct nameidata *ndw)
+int audit_add_watch(struct audit_krule *krule)
 {
 	struct audit_watch *watch = krule->watch;
 	struct inotify_watch *i_watch;
 	struct audit_parent *parent;
+	struct nameidata *ndp = NULL, *ndw = NULL;
 	int ret = 0;
 
+	mutex_unlock(&audit_filter_mutex);
+
+	/* Avoid calling path_lookup under audit_filter_mutex. */
+	ret = audit_get_nd(watch->path, &ndp, &ndw);
+	if (ret) {
+		/* caller expects mutex locked */
+		mutex_lock(&audit_filter_mutex);
+		goto error;
+	}
+
 	/* update watch filter fields */
 	if (ndw) {
 		watch->dev = ndw->path.dentry->d_inode->i_sb->s_dev;
@@ -445,15 +455,14 @@ int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
 	 * inotify watch is found, inotify_find_watch() grabs a reference before
 	 * returning.
 	 */
-	mutex_unlock(&audit_filter_mutex);
-
 	if (inotify_find_watch(audit_ih, ndp->path.dentry->d_inode,
 			       &i_watch) < 0) {
 		parent = audit_init_parent(ndp);
 		if (IS_ERR(parent)) {
 			/* caller expects mutex locked */
 			mutex_lock(&audit_filter_mutex);
-			return PTR_ERR(parent);
+			ret = PTR_ERR(parent);
+			goto error;
 		}
 	} else
 		parent = container_of(i_watch, struct audit_parent, wdata);
@@ -468,7 +477,11 @@ int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
 
 	/* match get in audit_init_parent or inotify_find_watch */
 	put_inotify_watch(&parent->wdata);
+
+error:
+	audit_put_nd(ndp, ndw);		/* NULL args OK */
 	return ret;
+
 }
 
 void audit_remove_watch_rule(struct audit_krule *krule, struct list_head *list)

diff --git a/trunk/kernel/auditfilter.c b/trunk/kernel/auditfilter.c
@@ -864,7 +864,6 @@ static inline int audit_add_rule(struct audit_entry *entry)
 	struct audit_entry *e;
 	struct audit_watch *watch = entry->rule.watch;
 	struct audit_tree *tree = entry->rule.tree;
-	struct nameidata *ndp = NULL, *ndw = NULL;
 	struct list_head *list;
 	int h, err;
 #ifdef CONFIG_AUDITSYSCALL
@@ -878,26 +877,18 @@ static inline int audit_add_rule(struct audit_entry *entry)
 
 	mutex_lock(&audit_filter_mutex);
 	e = audit_find_rule(entry, &list);
-	mutex_unlock(&audit_filter_mutex);
 	if (e) {
+		mutex_unlock(&audit_filter_mutex);
 		err = -EEXIST;
 		/* normally audit_add_tree_rule() will free it on failure */
 		if (tree)
 			audit_put_tree(tree);
 		goto error;
 	}
 
-	/* Avoid calling path_lookup under audit_filter_mutex. */
-	if (watch) {
-		err = audit_get_nd(audit_watch_path(watch), &ndp, &ndw);
-		if (err)
-			goto error;
-	}
-
-	mutex_lock(&audit_filter_mutex);
 	if (watch) {
 		/* audit_filter_mutex is dropped and re-taken during this call */
-		err = audit_add_watch(&entry->rule, ndp, ndw);
+		err = audit_add_watch(&entry->rule);
 		if (err) {
 			mutex_unlock(&audit_filter_mutex);
 			goto error;
@@ -942,11 +933,9 @@ static inline int audit_add_rule(struct audit_entry *entry)
 #endif
 	mutex_unlock(&audit_filter_mutex);
 
-	audit_put_nd(ndp, ndw);		/* NULL args OK */
  	return 0;
 
 error:
-	audit_put_nd(ndp, ndw);		/* NULL args OK */
 	if (watch)
 		audit_put_watch(watch); /* tmp watch, matches initial get */
 	return err;