[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: patch update to ~51

On Wed, 2005-06-01 at 16:30 -0500, Timothy R. Chavez wrote:
> David and I have been working on ~51 and this patch reflects changes that we've both committed.

I'll build an audit.52 kernel with it -- I've split it back up into my
original abolish-wentry-2 patch and your additions, because my working
(well actually not working at all and not even compiling right now) tree
here is based on just the former and I'd like to be able to patch
against that.

> * Added proper error handling in fs/namei.c (I think ;-))

No likee. See separate mail.

> Two things left that I can think of:
> * Getting rid of blanket allocations of audit_inode_data

I have this half-done, as you saw in the half-complete patch I threw
over the wall last night

Should hopefully have it working today and then will do an audit.53.

> * Allowing a _list_ of watches on a watched inode
>   -> If the same inode is watched from multiple locations (or name spaces)

I think we definitely need this. Test case:

	touch /tmp/fish1
	ln /tmp/fish1 /tmp/fish2
	auditctl -w /tmp/fish1
	auditctl -w /tmp/fish2
	cat /tmp/fish1		# (see watch trigger)
	cat /tmp/fish2		# (see watch trigger)
	mv /tmp/fish2 /tmp/fish3  # (see watch trigger)
	cat /tmp/fish3		# (see watch _NOT_ trigger)
	cat /tmp/fish1		# (see watch trigger)
	cat /tmp/fish3		# (see watch trigger again)

> * Removal of local reader-writer locks on audit_inode_data?
>   -> I'm not sure that this lock is needed any longer now that there's only
>       two ways we can remove from a watchlist and neither will contend with
>       the other.
>      (1) explicit administrative action, no other administrative action can
>            occur at the same time
>      (2) audit_inode_data is being freed, inode is no longer reachable for
>           administrative action

Yeah, that's probably OK, I think.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]