| Message ID | 20230317033733.1450702-1-cuigaosheng1@huawei.com (mailing list archive) |
|---|---|
| State | Rejected |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | [-next] audit: let the caller of audit_get_sk() ensure that net is valid | expand |
On Thu, Mar 16, 2023 at 11:38 PM Gaosheng Cui <cuigaosheng1@huawei.com> wrote: > > The caller of audit_get_sk() must ensure that net is valid, otherwise > there will be null-prt-defer, for example, in the netlink_unicast(). > > Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> > --- > kernel/audit.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > > diff --git a/kernel/audit.c b/kernel/audit.c > index 9bc0b0301198..6a42a3801d01 100644 > --- a/kernel/audit.c > +++ b/kernel/audit.c > @@ -285,16 +285,13 @@ static pid_t auditd_pid_vnr(void) > * @net: the destination network namespace > * > * Description: > - * Returns the sock pointer if valid, NULL otherwise. The caller must ensure > - * that a reference is held for the network namespace while the sock is in use. > + * Returns the sock pointer. The caller must ensure than net is valid and > + * a reference is held for the network namespace while the sock is in use. > */ > static struct sock *audit_get_sk(const struct net *net) > { > struct audit_net *aunet; > > - if (!net) > - return NULL; I'd prefer to keep this check in place, and I think it may be required to ensure proper behavior in kauditd_thread()/kauditd_send_queue(). > aunet = net_generic(net, audit_net_id); > return aunet->sk; > } > -- > 2.25.1
> I'd prefer to keep this check in place, and I think it may be required > to ensure proper behavior in kauditd_thread()/kauditd_send_queue(). ok,thanks for taking time to review this patch. On 2023/3/23 23:40, Paul Moore wrote: > On Thu, Mar 16, 2023 at 11:38 PM Gaosheng Cui <cuigaosheng1@huawei.com> wrote: >> The caller of audit_get_sk() must ensure that net is valid, otherwise >> there will be null-prt-defer, for example, in the netlink_unicast(). >> >> Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> >> --- >> kernel/audit.c | 7 ++----- >> 1 file changed, 2 insertions(+), 5 deletions(-) >> >> diff --git a/kernel/audit.c b/kernel/audit.c >> index 9bc0b0301198..6a42a3801d01 100644 >> --- a/kernel/audit.c >> +++ b/kernel/audit.c >> @@ -285,16 +285,13 @@ static pid_t auditd_pid_vnr(void) >> * @net: the destination network namespace >> * >> * Description: >> - * Returns the sock pointer if valid, NULL otherwise. The caller must ensure >> - * that a reference is held for the network namespace while the sock is in use. >> + * Returns the sock pointer. The caller must ensure than net is valid and >> + * a reference is held for the network namespace while the sock is in use. >> */ >> static struct sock *audit_get_sk(const struct net *net) >> { >> struct audit_net *aunet; >> >> - if (!net) >> - return NULL; > I'd prefer to keep this check in place, and I think it may be required > to ensure proper behavior in kauditd_thread()/kauditd_send_queue(). > >> aunet = net_generic(net, audit_net_id); >> return aunet->sk; >> } >> -- >> 2.25.1
diff --git a/kernel/audit.c b/kernel/audit.c index 9bc0b0301198..6a42a3801d01 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -285,16 +285,13 @@ static pid_t auditd_pid_vnr(void) * @net: the destination network namespace * * Description: - * Returns the sock pointer if valid, NULL otherwise. The caller must ensure - * that a reference is held for the network namespace while the sock is in use. + * Returns the sock pointer. The caller must ensure than net is valid and + * a reference is held for the network namespace while the sock is in use. */ static struct sock *audit_get_sk(const struct net *net) { struct audit_net *aunet; - if (!net) - return NULL; - aunet = net_generic(net, audit_net_id); return aunet->sk; }
The caller of audit_get_sk() must ensure that net is valid, otherwise there will be null-prt-defer, for example, in the netlink_unicast(). Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> --- kernel/audit.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-)