Received: by 2002:a05:6a10:a841:0:0:0:0 with SMTP id d1csp47237pxy; Wed, 21 Apr 2021 18:05:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZIO9GBFxEUcwmPUarjaEP3QYVPTC2wOdL8Gq1JxcKialLmmkEiYHSblschLvzzSMocGqI X-Received: by 2002:a17:902:bd4a:b029:ec:7b39:9738 with SMTP id b10-20020a170902bd4ab02900ec7b399738mr961458plx.59.1619053516713; Wed, 21 Apr 2021 18:05:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619053516; cv=none; d=google.com; s=arc-20160816; b=Kk9z45ogMcEED6Q0/xaX/L37n6Ri7zTuF8xc09BAW/YIJyZ3bxTogSGfK0Fud2CucU 7TAPEN7C4sQ1PscS6loAqQPHMIXqYZSgeMK0TL605zhx4cWwL/zUHN86KSCXsv/gxYNV Le1vUUcYLLwQM4oEx5MoWbtZOcUUSgXdm2UB9UPiFAiN9ZSStsbwSpSdi5gb2wZKaDC6 Ier7+9wdkJVQ6BTIYJ5okuinS8SqMeGHRlGBJyX9tOGUg9Kj70EaVGpOFye7amGlXnp7 373guQAOixgEag99/pB4JNyS9m3OIZE0akPsEZ+6LaQ5AQGelVBLXnXQDBwLvEFlTTY3 ieLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=i2gnFyBa30zVwz1K/L6S0r8solVsMJjfsMacMOrQKsU=; b=KQu+ErPsYHihAYEdf26sSjDA9O3Xtl0LhY9sInvJHkNGDCVyBgaIQihZ1Fi8IblNYb EsKsnYnJEBAJIy6fI2JuPccoPmruQNZKtuzNuOq+hKZ8Et6CG5b//O2CHUId9bJrFm6d gJSXyuypKiYk0h6nl5OQastvLr4IhNeArZW6J1jmWHhDuWp2ygsCY5JvAPdKIZdDI+T1 pXFJFhd5v1BeEAECuq7s5DalO0wxpfgJrgSXSSA0LLegHgKYUsTkHVmdlN3gtlPO95Ex +OeFcXiYq6jdurxjZz2RTEpwyY8K4IzSfOIJs7yilKqWDf+B065cgY7MtcRCkKJ9R6aw UV9Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=Ox+u8ztg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f11si1315503pgv.577.2021.04.21.18.05.04; Wed, 21 Apr 2021 18:05:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=Ox+u8ztg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244647AbhDURPg (ORCPT + 99 others); Wed, 21 Apr 2021 13:15:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242773AbhDURPc (ORCPT ); Wed, 21 Apr 2021 13:15:32 -0400 Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA3FFC06174A for ; Wed, 21 Apr 2021 10:14:57 -0700 (PDT) Received: by mail-ed1-x52f.google.com with SMTP id cq11so6619946edb.0 for ; Wed, 21 Apr 2021 10:14:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=i2gnFyBa30zVwz1K/L6S0r8solVsMJjfsMacMOrQKsU=; b=Ox+u8ztgX4f0xss71LqTRBYCI7/8RjrQJ/yjc9wkfY7wNCHyf23bwpjhlZT6iXcDXt HoqdyKMRyN0isaGQkW0HwC/rIXsMxw/pcLEX9PYAM0dMxEy1wGD/2n8j4jVXpkeTS6f8 LO5oL8Ei5UDyNihL30C2zLpzTMz8/DHMaw29Xj6JKTBeTcwgqn3/RKEN0hj/akx4Su6t zWGxYHJtHSNYA4q05RLc/J4jJHtnT7dmKkKoZYdsplJPqyPGXtH6AoI9JaFjB4CCVLeO /wnHA2dQ8KNV4YPrau/DBrfXQckEFQdVmOwXCxgTazQWrV+LUIJi4d+0q8RcoyNfOhfn Hx1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=i2gnFyBa30zVwz1K/L6S0r8solVsMJjfsMacMOrQKsU=; b=Ojpd+jgaAbSBpFYWoZxKFAVq9b4iBYv09K2f3It7alC1kPj0gCND110jYIM34234Zl TFYnKw/ei4tz/XZRKDzpYoK/UtHKpHuy3UrJcPPiZmyR1MwZ5Wt3QLYL0rtxxapVRLvk nHRyEWUaxyvhYsHe62gkksuK4kyvU0gqZf5rZUtbOTQBOj4DmoyWn5UZHqerc6n2zy9G 1c9sIlzEuV9eGgXpQ2AICJMSEcPzXks7nVrSQLayYknbtDinTUlX59e4A6H9+Mi5XDC/ HYRtvGvGPuXj6hfTZMjA+1kY9Uac1HW/BPDqEY9DrE9rXhSekeDMA0RhUyYCqJQGvEqw keIw== X-Gm-Message-State: AOAM533aQw9G4w3Yv6UEwTCOEGWK6IPhWCPhL1LWDCnVESEfSOxG/0eu yxC+TJTgID1obGWAck6BLxZTSbPwhK/VfNLvxxWm X-Received: by 2002:a05:6402:1cc1:: with SMTP id ds1mr38445644edb.135.1619025295842; Wed, 21 Apr 2021 10:14:55 -0700 (PDT) MIME-Version: 1.0 References: <20210421130105.1226686-1-gregkh@linuxfoundation.org> <20210421130105.1226686-86-gregkh@linuxfoundation.org> <20210421170257.GJ3141668@madcap2.tricolour.ca> In-Reply-To: <20210421170257.GJ3141668@madcap2.tricolour.ca> From: Paul Moore Date: Wed, 21 Apr 2021 13:14:44 -0400 Message-ID: Subject: Re: [PATCH 085/190] Revert "audit: fix a memory leak bug" To: Richard Guy Briggs Cc: Greg Kroah-Hartman , linux-kernel@vger.kernel.org, Wenwen Wang Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 21, 2021 at 1:03 PM Richard Guy Briggs wrote: > On 2021-04-21 12:18, Paul Moore wrote: > > On Wed, Apr 21, 2021 at 9:04 AM Greg Kroah-Hartman > > wrote: > > > > > > This reverts commit 70c4cf17e445264453bc5323db3e50aa0ac9e81f. > > > > > > Commits from @umn.edu addresses have been found to be submitted in "bad > > > faith" to try to test the kernel community's ability to review "known > > > malicious" changes. The result of these submissions can be found in a > > > paper published at the 42nd IEEE Symposium on Security and Privacy > > > entitled, "Open Source Insecurity: Stealthily Introducing > > > Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University > > > of Minnesota) and Kangjie Lu (University of Minnesota). > > > > > > Because of this, all submissions from this group must be reverted from > > > the kernel tree and will need to be re-reviewed again to determine if > > > they actually are a valid fix. Until that work is complete, remove this > > > change to ensure that no problems are being introduced into the > > > codebase. > > > > > > Cc: Wenwen Wang > > > Cc: Richard Guy Briggs > > > Cc: Paul Moore > > > Signed-off-by: Greg Kroah-Hartman > > > --- > > > kernel/auditfilter.c | 12 +++++------- > > > 1 file changed, 5 insertions(+), 7 deletions(-) > > > > NACK on this revert. I've looked at the original patch again this > > morning, and the original patch still looks correct and doesn't appear > > to introduce any new faults to the best of my understanding. > > Agreed. Though on review, a much simpler fix to my original patch that > caused this problem requiring this fix > e85322d21cfebeac64f58a204e9adc0bc5c1e46f rgb 2014-10-02 ("audit: cull redundancy in audit_rule_change") > would have been the two-liner in the error path similar to the pattern > in audit_data_to_entry() error path would have been: > > if (entry->rule.tree) > audit_put_tree(entry->rule.tree); /* that's the temporary one */ Given the situation this morning I think it is best to limit discussion on this thread to just the safety of the patches in question and the necessity of the reverts Greg is proposing here. If you have suggestions about how to clean-up or otherwise improve the code relating to these patches I think it is better to have that discussion in the appropriate subsystem list/forum/etc (as one would do normally). -- paul moore www.paul-moore.com