1 files changed, 58 insertions, 14 deletions

diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 6e7351739a82..2451dc6f3282 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -2,6 +2,7 @@
 #include <linux/inotify.h>
 #include <linux/namei.h>
 #include <linux/mount.h>
+#include <linux/kthread.h>
 
 struct audit_tree;
 struct audit_chunk;
@@ -441,13 +442,11 @@ static void kill_rules(struct audit_tree *tree)
                 if (rule->tree) {
                         /* not a half-baked one */
                         ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
-                        audit_log_format(ab, "op=remove rule dir=");
+                        audit_log_format(ab, "op=");
+                        audit_log_string(ab, "remove rule");
+                        audit_log_format(ab, " dir=");
                         audit_log_untrustedstring(ab, rule->tree->pathname);
-                        if (rule->filterkey) {
-                                audit_log_format(ab, " key=");
-                                audit_log_untrustedstring(ab, rule->filterkey);
-                        } else
-                                audit_log_format(ab, " key=(null)");
+                        audit_log_key(ab, rule->filterkey);
                         audit_log_format(ab, " list=%d res=1", rule->listnr);
                         audit_log_end(ab);
                         rule->tree = NULL;
@@ -519,6 +518,8 @@ static void trim_marked(struct audit_tree *tree)
         }
 }
 
+static void audit_schedule_prune(void);
+
 /* called with audit_filter_mutex */
 int audit_remove_tree_rule(struct audit_krule *rule)
 {
@@ -568,7 +569,7 @@ void audit_trim_trees(void)
                 if (err)
                         goto skip_it;
 
-                root_mnt = collect_mounts(path.mnt, path.dentry);
+                root_mnt = collect_mounts(&path);
                 path_put(&path);
                 if (!root_mnt)
                         goto skip_it;
@@ -660,7 +661,7 @@ int audit_add_tree_rule(struct audit_krule *rule)
         err = kern_path(tree->pathname, 0, &path);
         if (err)
                 goto Err;
-        mnt = collect_mounts(path.mnt, path.dentry);
+        mnt = collect_mounts(&path);
         path_put(&path);
         if (!mnt) {
                 err = -ENOMEM;
@@ -720,7 +721,7 @@ int audit_tag_tree(char *old, char *new)
         err = kern_path(new, 0, &path);
         if (err)
                 return err;
-        tagged = collect_mounts(path.mnt, path.dentry);
+        tagged = collect_mounts(&path);
         path_put(&path);
         if (!tagged)
                 return -ENOMEM;
@@ -824,10 +825,11 @@ int audit_tag_tree(char *old, char *new)
 
 /*
  * That gets run when evict_chunk() ends up needing to kill audit_tree.
- * Runs from a separate thread, with audit_cmd_mutex held.
+ * Runs from a separate thread.
  */
-void audit_prune_trees(void)
+static int prune_tree_thread(void *unused)
 {
+        mutex_lock(&audit_cmd_mutex);
         mutex_lock(&audit_filter_mutex);
 
         while (!list_empty(&prune_list)) {
@@ -844,6 +846,40 @@ void audit_prune_trees(void)
         }
 
         mutex_unlock(&audit_filter_mutex);
+        mutex_unlock(&audit_cmd_mutex);
+        return 0;
+}
+
+static void audit_schedule_prune(void)
+{
+        kthread_run(prune_tree_thread, NULL, "audit_prune_tree");
+}
+
+/*
+ * ... and that one is done if evict_chunk() decides to delay until the end
+ * of syscall.  Runs synchronously.
+ */
+void audit_kill_trees(struct list_head *list)
+{
+        mutex_lock(&audit_cmd_mutex);
+        mutex_lock(&audit_filter_mutex);
+
+        while (!list_empty(list)) {
+                struct audit_tree *victim;
+
+                victim = list_entry(list->next, struct audit_tree, list);
+                kill_rules(victim);
+                list_del_init(&victim->list);
+
+                mutex_unlock(&audit_filter_mutex);
+
+                prune_one(victim);
+
+                mutex_lock(&audit_filter_mutex);
+        }
+
+        mutex_unlock(&audit_filter_mutex);
+        mutex_unlock(&audit_cmd_mutex);
 }
 
 /*
@@ -854,6 +890,8 @@ void audit_prune_trees(void)
 static void evict_chunk(struct audit_chunk *chunk)
 {
         struct audit_tree *owner;
+        struct list_head *postponed = audit_killed_trees();
+        int need_prune = 0;
         int n;
 
         if (chunk->dead)
@@ -869,15 +907,21 @@ static void evict_chunk(struct audit_chunk *chunk)
                 owner->root = NULL;
                 list_del_init(&owner->same_root);
                 spin_unlock(&hash_lock);
-                kill_rules(owner);
-                list_move(&owner->list, &prune_list);
-                audit_schedule_prune();
+                if (!postponed) {
+                        kill_rules(owner);
+                        list_move(&owner->list, &prune_list);
+                        need_prune = 1;
+                } else {
+                        list_move(&owner->list, postponed);
+                }
                 spin_lock(&hash_lock);
         }
         list_del_rcu(&chunk->hash);
         for (n = 0; n < chunk->count; n++)
                 list_del_init(&chunk->owners[n].list);
         spin_unlock(&hash_lock);
+        if (need_prune)
+                audit_schedule_prune();
         mutex_unlock(&audit_filter_mutex);
 }