Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a4f13563 authored by Teng Fei Fan's avatar Teng Fei Fan Committed by Tengfei Fan
Browse files

audit: add lock for audit_sock



Netlink is an asyncchronous communication, and audit_sock
is a global variable, so it is necessary to add a lock when
using audit_sock.

Change-Id: I4f8e8ecde7dae3b12a6e73e9c1f1b358812d050a
Signed-off-by: default avatarTeng Fei Fan <tengfei@codeaurora.org>
Signed-off-by: default avatarTengfei Fan <tengfeif@codeaurora.org>
parent eced530e
Loading
Loading
Loading
Loading
+14 −1
Original line number Diff line number Diff line
@@ -125,6 +125,7 @@ u32 audit_sig_sid = 0;
static atomic_t    audit_lost = ATOMIC_INIT(0);

/* The netlink socket. */
static DEFINE_MUTEX(audit_sock_mutex);
static struct sock *audit_sock;
static int audit_net_id;

@@ -411,7 +412,9 @@ static void kauditd_send_skb(struct sk_buff *skb)
restart:
	/* take a reference in case we can't send it and we want to hold it */
	skb_get(skb);
	mutex_lock(&audit_sock_mutex);
	err = netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);
	mutex_unlock(&audit_sock_mutex);
	if (err < 0) {
		pr_err("netlink_unicast sending to audit_pid=%d returned error: %d\n",
		       audit_pid, err);
@@ -423,7 +426,9 @@ static void kauditd_send_skb(struct sk_buff *skb)
				snprintf(s, sizeof(s), "audit_pid=%d reset", audit_pid);
				audit_log_lost(s);
				audit_pid = 0;
				mutex_lock(&audit_sock_mutex);
				audit_sock = NULL;
				mutex_unlock(&audit_sock_mutex);
			} else {
				pr_warn("re-scheduling(#%d) write to audit_pid=%d\n",
					attempts, audit_pid);
@@ -811,12 +816,16 @@ static int audit_set_feature(struct sk_buff *skb)

static int audit_replace(pid_t pid)
{
	int	len;
	struct sk_buff *skb = audit_make_reply(0, 0, AUDIT_REPLACE, 0, 0,
					       &pid, sizeof(pid));

	if (!skb)
		return -ENOMEM;
	return netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);
	mutex_lock(&audit_sock_mutex);
	len = netlink_unicast(audit_sock, skb, audit_nlk_portid, 0);
	mutex_unlock(&audit_sock_mutex);
	return len;
}

static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
@@ -901,7 +910,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
				audit_log_config_change("audit_pid", new_pid, audit_pid, 1);
			audit_pid = new_pid;
			audit_nlk_portid = NETLINK_CB(skb).portid;
			mutex_lock(&audit_sock_mutex);
			audit_sock = skb->sk;
			mutex_unlock(&audit_sock_mutex);
		}
		if (s.mask & AUDIT_STATUS_RATE_LIMIT) {
			err = audit_set_rate_limit(s.rate_limit);
@@ -1169,10 +1180,12 @@ static void __net_exit audit_net_exit(struct net *net)
{
	struct audit_net *aunet = net_generic(net, audit_net_id);
	struct sock *sock = aunet->nlsk;
	mutex_lock(&audit_sock_mutex);
	if (sock == audit_sock) {
		audit_pid = 0;
		audit_sock = NULL;
	}
	mutex_unlock(&audit_sock_mutex);

	RCU_INIT_POINTER(aunet->nlsk, NULL);
	synchronize_net();