[PATCH V4 (was V6)] audit: save signal match info in case entry passed in is the one deleted

Richard Guy Briggs rgb at redhat.com
Sat Aug 1 19:44:01 UTC 2015


Move the access to the entry for audit_match_signal() to the beginning of the
function in case the entry found is the same one passed in.  This will enable
it to be used by audit_remove_mark_rule().

Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
---
 kernel/auditfilter.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 4cb9b44..afb63b3 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -943,6 +943,7 @@ static inline int audit_del_rule(struct audit_entry *entry)
 	int ret = 0;
 #ifdef CONFIG_AUDITSYSCALL
 	int dont_count = 0;
+	int match_signal = !audit_match_signal(entry);
 
 	/* If either of these, don't count towards total */
 	if (entry->rule.listnr == AUDIT_FILTER_USER ||
@@ -972,7 +973,7 @@ static inline int audit_del_rule(struct audit_entry *entry)
 	if (!dont_count)
 		audit_n_rules--;
 
-	if (!audit_match_signal(entry))
+	if (match_signal)
 		audit_signals--;
 #endif
 	mutex_unlock(&audit_filter_mutex);
-- 
1.7.1




More information about the Linux-audit mailing list