[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] Add audit uid to netlink credentials



Hello!

> > Reception of netlink messages in the kernel happens in the context
> > of the sending process, so you can simply call
> > audit_get_loginuid(current->audit_context) in audit_receive_msg().
> 
> Then why does netlink_sendmsg() need to save the effective capability

Yes, when kernel receives a message, it can be processed in context
of another process. This happens with rtnetlink, which queues messages
when someone holds netadmin semaphore and processing of backlog happens
in context of process which holds the semaphore.

Unfortunately, audit uses the same twisted way. Actually, if people
expected synchronous processing, it is better to replace

if (down_trylock(&audit_netlink_sem))
	return;

with plain down(&audit_netlink_sem);

Alexey


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]