Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8c85fc9a authored by Richard Guy Briggs's avatar Richard Guy Briggs Committed by Paul Moore
Browse files

audit: make audit_del_rule() more robust 



Move the access to the entry for audit_match_signal() to earlier in the
function in case the entry found is the same one passed in.  This will enable
it to be used by audit_remove_mark_rule().

Signed-off-by: default avatarRichard Guy Briggs <rgb@redhat.com>
[PM: tweaked subject line as it no longer made sense after multiple revs]
Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
parent ae9d2fb4

kernel/auditfilter.c

+6 −6
Original line number Diff line number Diff line
@@ -953,7 +953,6 @@ static inline int audit_del_rule(struct audit_entry *entry) 
	mutex_lock(&audit_filter_mutex);

	e = audit_find_rule(entry, &list);

	if (!e) {

		mutex_unlock(&audit_filter_mutex);

		ret = -ENOENT;

		goto out;

	}
@@ -964,10 +963,6 @@ static inline int audit_del_rule(struct audit_entry *entry) 
	if (e->rule.tree)

		audit_remove_tree_rule(&e->rule);



	list_del_rcu(&e->list);

	list_del(&e->rule.list);

	call_rcu(&e->rcu, audit_free_rule_rcu);



#ifdef CONFIG_AUDITSYSCALL

	if (!dont_count)

		audit_n_rules--;
@@ -975,9 +970,14 @@ static inline int audit_del_rule(struct audit_entry *entry) 
	if (!audit_match_signal(entry))

		audit_signals--;

#endif

	mutex_unlock(&audit_filter_mutex);



	list_del_rcu(&e->list);

	list_del(&e->rule.list);

	call_rcu(&e->rcu, audit_free_rule_rcu);



out:

	mutex_unlock(&audit_filter_mutex);



	if (tree)

		audit_put_tree(tree);	/* that's the temporary one */