[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] filesystem location based auditing



	* path_lookup() blocks.  Don't do it under spinlocks; possible
approach is to do it early and pass pointer to nameidata down into
critical area.
	* path_release() blocks.  Dealing with path_lookup() will deal
with that - you simply do it after leaving the critical area.
	* failing path_lookup() => no path_release() is needed in cleanup.
	* spawning a thread blocks; FWIW, I'd try passing a list to
audit_remove_watch() and instead of kthread_... put on that list for
post-processing.
	* inode number alone is not enough to compare fs objects;
several filesystems easily can have inodes with the same inode numbers.
That, BTW, gives a useful test - create a filesystem, copy it to device
of the same size with dd(1), then mount both.  And try to mix watching
the corresponding places on both filesystems.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]