diff options
Diffstat (limited to 'kernel/audit_tree.c')
-rw-r--r-- | kernel/audit_tree.c | 51 |
1 files changed, 12 insertions, 39 deletions
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 4b05bd9479db..f09b42d9c32d 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c | |||
@@ -603,22 +603,6 @@ skip_it: | |||
603 | mutex_unlock(&audit_filter_mutex); | 603 | mutex_unlock(&audit_filter_mutex); |
604 | } | 604 | } |
605 | 605 | ||
606 | static int is_under(struct vfsmount *mnt, struct dentry *dentry, | ||
607 | struct path *path) | ||
608 | { | ||
609 | if (mnt != path->mnt) { | ||
610 | for (;;) { | ||
611 | if (mnt->mnt_parent == mnt) | ||
612 | return 0; | ||
613 | if (mnt->mnt_parent == path->mnt) | ||
614 | break; | ||
615 | mnt = mnt->mnt_parent; | ||
616 | } | ||
617 | dentry = mnt->mnt_mountpoint; | ||
618 | } | ||
619 | return is_subdir(dentry, path->dentry); | ||
620 | } | ||
621 | |||
622 | int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op) | 606 | int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op) |
623 | { | 607 | { |
624 | 608 | ||
@@ -714,29 +698,24 @@ int audit_tag_tree(char *old, char *new) | |||
714 | { | 698 | { |
715 | struct list_head cursor, barrier; | 699 | struct list_head cursor, barrier; |
716 | int failed = 0; | 700 | int failed = 0; |
717 | struct path path; | 701 | struct path path1, path2; |
718 | struct vfsmount *tagged; | 702 | struct vfsmount *tagged; |
719 | struct list_head list; | 703 | struct list_head list; |
720 | struct vfsmount *mnt; | ||
721 | struct dentry *dentry; | ||
722 | int err; | 704 | int err; |
723 | 705 | ||
724 | err = kern_path(new, 0, &path); | 706 | err = kern_path(new, 0, &path2); |
725 | if (err) | 707 | if (err) |
726 | return err; | 708 | return err; |
727 | tagged = collect_mounts(&path); | 709 | tagged = collect_mounts(&path2); |
728 | path_put(&path); | 710 | path_put(&path2); |
729 | if (!tagged) | 711 | if (!tagged) |
730 | return -ENOMEM; | 712 | return -ENOMEM; |
731 | 713 | ||
732 | err = kern_path(old, 0, &path); | 714 | err = kern_path(old, 0, &path1); |
733 | if (err) { | 715 | if (err) { |
734 | drop_collected_mounts(tagged); | 716 | drop_collected_mounts(tagged); |
735 | return err; | 717 | return err; |
736 | } | 718 | } |
737 | mnt = mntget(path.mnt); | ||
738 | dentry = dget(path.dentry); | ||
739 | path_put(&path); | ||
740 | 719 | ||
741 | list_add_tail(&list, &tagged->mnt_list); | 720 | list_add_tail(&list, &tagged->mnt_list); |
742 | 721 | ||
@@ -747,6 +726,7 @@ int audit_tag_tree(char *old, char *new) | |||
747 | while (cursor.next != &tree_list) { | 726 | while (cursor.next != &tree_list) { |
748 | struct audit_tree *tree; | 727 | struct audit_tree *tree; |
749 | struct vfsmount *p; | 728 | struct vfsmount *p; |
729 | int good_one = 0; | ||
750 | 730 | ||
751 | tree = container_of(cursor.next, struct audit_tree, list); | 731 | tree = container_of(cursor.next, struct audit_tree, list); |
752 | get_tree(tree); | 732 | get_tree(tree); |
@@ -754,23 +734,17 @@ int audit_tag_tree(char *old, char *new) | |||
754 | list_add(&cursor, &tree->list); | 734 | list_add(&cursor, &tree->list); |
755 | mutex_unlock(&audit_filter_mutex); | 735 | mutex_unlock(&audit_filter_mutex); |
756 | 736 | ||
757 | err = kern_path(tree->pathname, 0, &path); | 737 | err = kern_path(tree->pathname, 0, &path2); |
758 | if (err) { | 738 | if (!err) { |
759 | put_tree(tree); | 739 | good_one = path_is_under(&path1, &path2); |
760 | mutex_lock(&audit_filter_mutex); | 740 | path_put(&path2); |
761 | continue; | ||
762 | } | 741 | } |
763 | 742 | ||
764 | spin_lock(&vfsmount_lock); | 743 | if (!good_one) { |
765 | if (!is_under(mnt, dentry, &path)) { | ||
766 | spin_unlock(&vfsmount_lock); | ||
767 | path_put(&path); | ||
768 | put_tree(tree); | 744 | put_tree(tree); |
769 | mutex_lock(&audit_filter_mutex); | 745 | mutex_lock(&audit_filter_mutex); |
770 | continue; | 746 | continue; |
771 | } | 747 | } |
772 | spin_unlock(&vfsmount_lock); | ||
773 | path_put(&path); | ||
774 | 748 | ||
775 | list_for_each_entry(p, &list, mnt_list) { | 749 | list_for_each_entry(p, &list, mnt_list) { |
776 | failed = tag_chunk(p->mnt_root->d_inode, tree); | 750 | failed = tag_chunk(p->mnt_root->d_inode, tree); |
@@ -820,8 +794,7 @@ int audit_tag_tree(char *old, char *new) | |||
820 | list_del(&cursor); | 794 | list_del(&cursor); |
821 | list_del(&list); | 795 | list_del(&list); |
822 | mutex_unlock(&audit_filter_mutex); | 796 | mutex_unlock(&audit_filter_mutex); |
823 | dput(dentry); | 797 | path_put(&path1); |
824 | mntput(mnt); | ||
825 | drop_collected_mounts(tagged); | 798 | drop_collected_mounts(tagged); |
826 | return failed; | 799 | return failed; |
827 | } | 800 | } |