When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value will be greater than or equal to 0. It will miss the failure of rate set.
Signed-off-by: Zhang Xiliang <[email protected]>
---
kernel/audit.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index e092f1c..38a4080 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -725,9 +725,11 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
audit_pid = new_pid;
audit_nlk_pid = NETLINK_CB(skb).pid;
}
- if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
+ if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
err = audit_set_rate_limit(status_get->rate_limit,
loginuid, sessionid, sid);
+ if (err < 0) return err;
+ }
if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
err = audit_set_backlog_limit(status_get->backlog_limit,
loginuid, sessionid, sid);
--
1.5.4.2
--
Regards
Zhang Xiliang
On Thu, 2008-07-31 at 10:11 +0800, zhangxiliang wrote:
> When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
> If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value will be greater than or equal to 0. It will miss the failure of rate set.
>
> Signed-off-by: Zhang Xiliang <[email protected]>
man, it gives me the heebee jeebies with the coding style but it follows
everything else
Acked-by: Eric Paris <[email protected]>
> ---
> kernel/audit.c | 4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index e092f1c..38a4080 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -725,9 +725,11 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
> audit_pid = new_pid;
> audit_nlk_pid = NETLINK_CB(skb).pid;
> }
> - if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
> + if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) {
> err = audit_set_rate_limit(status_get->rate_limit,
> loginuid, sessionid, sid);
> + if (err < 0) return err;
> + }
> if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
> err = audit_set_backlog_limit(status_get->backlog_limit,
> loginuid, sessionid, sid);
> --
> 1.5.4.2
>
>
On Wed, Jul 30, 2008 at 11:15:50PM -0400, Eric Paris wrote:
> On Thu, 2008-07-31 at 10:11 +0800, zhangxiliang wrote:
> > When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
> > If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value will be greater than or equal to 0. It will miss the failure of rate set.
> >
> > Signed-off-by: Zhang Xiliang <[email protected]>
>
> man, it gives me the heebee jeebies with the coding style but it follows
> everything else
Sanitized, applied, pushed to audit-current (audit.b53)
On Thu, 31 Jul 2008 17:04:38 +0100
Al Viro <[email protected]> wrote:
> On Wed, Jul 30, 2008 at 11:15:50PM -0400, Eric Paris wrote:
> > On Thu, 2008-07-31 at 10:11 +0800, zhangxiliang wrote:
> > > When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
> > > If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value will be greater than or equal to 0. It will miss the failure of rate set.
> > >
> > > Signed-off-by: Zhang Xiliang <[email protected]>
> >
> > man, it gives me the heebee jeebies with the coding style but it follows
> > everything else
>
> Sanitized, applied, pushed to audit-current (audit.b53)
That tree doesn't appear to be in the linux-next lineup. Fixable, please?