Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a4f13563 authored by Teng Fei Fan's avatar Teng Fei Fan Committed by Tengfei Fan
Browse files

audit: add lock for audit_sock 



Netlink is an asyncchronous communication, and audit_sock
is a global variable, so it is necessary to add a lock when
using audit_sock.

Change-Id: I4f8e8ecde7dae3b12a6e73e9c1f1b358812d050a
Signed-off-by: default avatarTeng Fei Fan <tengfei@codeaurora.org>
Signed-off-by: default avatarTengfei Fan <tengfeif@codeaurora.org>
parent eced530e

kernel/audit.c

+14 −1
Original line number Diff line number Diff line
@@ -125,6 +125,7 @@ u32 audit_sig_sid = 0; 
static atomic_t    audit_lost = ATOMIC_INIT(0);



/* The netlink socket. */

static DEFINE_MUTEX(audit_sock_mutex);

static struct sock *audit_sock;

static int audit_net_id;
@@ -411,7 +412,9 @@ static void kauditd_send_skb(struct sk_buff *skb) 
restart:

	/* take a reference in case we can't send it and we want to hold it */

	skb_get(skb);

	mutex_lock(&audit_sock_mutex);

	err = netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);

	mutex_unlock(&audit_sock_mutex);

	if (err < 0) {

		pr_err("netlink_unicast sending to audit_pid=%d returned error: %d\n",

		       audit_pid, err);
@@ -423,7 +426,9 @@ static void kauditd_send_skb(struct sk_buff *skb) 
				snprintf(s, sizeof(s), "audit_pid=%d reset", audit_pid);

				audit_log_lost(s);

				audit_pid = 0;

				mutex_lock(&audit_sock_mutex);

				audit_sock = NULL;

				mutex_unlock(&audit_sock_mutex);

			} else {

				pr_warn("re-scheduling(#%d) write to audit_pid=%d\n",

					attempts, audit_pid);
@@ -811,12 +816,16 @@ static int audit_set_feature(struct sk_buff *skb) 


static int audit_replace(pid_t pid)

{

	int	len;

	struct sk_buff *skb = audit_make_reply(0, 0, AUDIT_REPLACE, 0, 0,

					       &pid, sizeof(pid));



	if (!skb)

		return -ENOMEM;

	return netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);

	mutex_lock(&audit_sock_mutex);

	len = netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);

	mutex_unlock(&audit_sock_mutex);

	return len;

}



static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
@@ -901,7 +910,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) 
				audit_log_config_change("audit_pid", new_pid, audit_pid, 1);

			audit_pid = new_pid;

			audit_nlk_portid = NETLINK_CB(skb).portid;

			mutex_lock(&audit_sock_mutex);

			audit_sock = skb->sk;

			mutex_unlock(&audit_sock_mutex);

		}

		if (s.mask & AUDIT_STATUS_RATE_LIMIT) {

			err = audit_set_rate_limit(s.rate_limit);
@@ -1169,10 +1180,12 @@ static void __net_exit audit_net_exit(struct net *net) 
{

	struct audit_net *aunet = net_generic(net, audit_net_id);

	struct sock *sock = aunet->nlsk;

	mutex_lock(&audit_sock_mutex);

	if (sock == audit_sock) {

		audit_pid = 0;

		audit_sock = NULL;

	}

	mutex_unlock(&audit_sock_mutex);



	RCU_INIT_POINTER(aunet->nlsk, NULL);

	synchronize_net();