Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/audit_tree.c | 49 |
1 files changed, 16 insertions, 33 deletions
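--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -548,6 +548,11 @@ int audit_remove_tree_rule(struct audit_krule *rule)
 return 0;
 }
 
+static int compare_root(struct vfsmount *mnt, void *arg)
+{
+return mnt->mnt_root->d_inode == arg;
+}
+
 void audit_trim_trees(void)
 {
 struct list_head cursor;
@@ -559,7 +564,6 @@ void audit_trim_trees(void)
 struct path path;
 struct vfsmount *root_mnt;
 struct node *node;
-struct list_head list;
 int err;
 
 tree = container_of(cursor.next, struct audit_tree, list);
@@ -577,24 +581,16 @@ void audit_trim_trees(void)
 if (!root_mnt)
 goto skip_it;
 
-list_add_tail(&list, &root_mnt->mnt_list);
 spin_lock(&hash_lock);
 list_for_each_entry(node, &tree->chunks, list) {
-struct audit_chunk *chunk = find_chunk(node);
-struct inode *inode = chunk->watch.inode;
-struct vfsmount *mnt;
+struct inode *inode = find_chunk(node)->watch.inode;
 node->index |= 1U<<31;
-list_for_each_entry(mnt, &list, mnt_list) {
-if (mnt->mnt_root->d_inode == inode) {
-node->index &= ~(1U<<31);
-break;
-}
-}
+if (iterate_mounts(compare_root, inode, root_mnt))
+node->index &= ~(1U<<31);
 }
 spin_unlock(&hash_lock);
 trim_marked(tree);
 put_tree(tree);
-list_del_init(&list);
 drop_collected_mounts(root_mnt);
 skip_it:
 mutex_lock(&audit_filter_mutex);
@@ -622,13 +618,17 @@ void audit_put_tree(struct audit_tree *tree)
 put_tree(tree);
 }
 
+static int tag_mount(struct vfsmount *mnt, void *arg)
+{
+return tag_chunk(mnt->mnt_root->d_inode, arg);
+}
+
 /* called with audit_filter_mutex */
 int audit_add_tree_rule(struct audit_krule *rule)
 {
 struct audit_tree *seed = rule->tree, *tree;
 struct path path;
-struct vfsmount *mnt, *p;
-struct list_head list;
+struct vfsmount *mnt;
 int err;
 
 list_for_each_entry(tree, &tree_list, list) {
@@ -654,16 +654,9 @@ int audit_add_tree_rule(struct audit_krule *rule)
 err = -ENOMEM;
 goto Err;
 }
-list_add_tail(&list, &mnt->mnt_list);
 
 get_tree(tree);
-list_for_each_entry(p, &list, mnt_list) {
-err = tag_chunk(p->mnt_root->d_inode, tree);
-if (err)
-break;
-}
-
-list_del(&list);
+err = iterate_mounts(tag_mount, tree, mnt);
 drop_collected_mounts(mnt);
 
 if (!err) {
@@ -700,7 +693,6 @@ int audit_tag_tree(char *old, char *new)
 int failed = 0;
 struct path path1, path2;
 struct vfsmount *tagged;
-struct list_head list;
 int err;
 
 err = kern_path(new, 0, &path2);
@@ -717,15 +709,12 @@ int audit_tag_tree(char *old, char *new)
 return err;
 }
 
-list_add_tail(&list, &tagged->mnt_list);
-
 mutex_lock(&audit_filter_mutex);
 list_add(&barrier, &tree_list);
 list_add(&cursor, &barrier);
 
 while (cursor.next != &tree_list) {
 struct audit_tree *tree;
-struct vfsmount *p;
 int good_one = 0;
 
 tree = container_of(cursor.next, struct audit_tree, list);
@@ -746,12 +735,7 @@ int audit_tag_tree(char *old, char *new)
 continue;
 }
 
-list_for_each_entry(p, &list, mnt_list) {
-failed = tag_chunk(p->mnt_root->d_inode, tree);
-if (failed)
-break;
-}
-
+failed = iterate_mounts(tag_mount, tree, tagged);
 if (failed) {
 put_tree(tree);
 mutex_lock(&audit_filter_mutex);
@@ -792,7 +776,6 @@ int audit_tag_tree(char *old, char *new)
 }
 list_del(&barrier);
 list_del(&cursor);
-list_del(&list);
 mutex_unlock(&audit_filter_mutex);
 path_put(&path1);
 drop_collected_mounts(tagged);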
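Review bot: compare_root() is called from inside the `spin_lock(&hash_lock)` section of audit_trim_trees(), but nothing on the helper records that it must stay non-sleeping, so a later edit to the callback could break that unnoticed. The two new callbacks also give the iterate_mounts() return value different meanings: compare_root() returns a match flag, tag_mount() returns tag_chunk()'s error. Both call sites presumably rely on the walk stopping at, and returning, the first non-zero result; iterate_mounts() itself is not in this diff, so that should be confirmed. Since this result decides which chunks trim_marked() prunes and whether tagging is reported as failed, i.e. audit coverage, I would document the contract with `/* iterate_mounts() callback: non-zero stops the walk; runs under hash_lock, must not sleep */` above compare_root() and `/* iterate_mounts() callback: returns tag_chunk() error; non-zero stops the walk */` above tag_mount(). The bodies of audit_trim_trees(), audit_add_tree_rule() and audit_tag_tree() extend beyond the hunks shown.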