Re: [PATCH] netlink: have netlink per-protocol bind function return an error code.
From: Richard Guy Briggs <rgb(a)redhat.com>
Date: Fri, 21 Mar 2014 12:39:11 -0400
@@ -1441,6 +1441,17 @@ static int netlink_bind(struct socket *sock,
struct sockaddr *addr,
if (!nladdr->nl_groups && (nlk->groups == NULL ||
!(u32)nlk->groups[0]))
return 0;
+ if (nlk->netlink_bind && nladdr->nl_groups) {
+ int i;
+
+ for (i = 0; i < nlk->ngroups; i++)
+ if (test_bit(i, (long unsigned int *)&nladdr->nl_groups)) {
+ err = nlk->netlink_bind(i);
+ if (err)
+ return err;
+ }
+ }
+
You can't just leave a partially set of completed bindings in place.
It's not valid to leave half-baked state like this.
If you return an error, all of the binding state changes must be
completely undone.
If you can't find a way to do this cleanly, you'll need to find
a way for the audit code to not return an error.