Richard Guy Briggs <rgb(a)redhat.com> wrote:
> static void audit_buffer_free(struct audit_buffer *ab)
> {
> - unsigned long flags;
> -
> if (!ab)
> return;
>
> kfree_skb(ab->skb);
> - spin_lock_irqsave(&audit_freelist_lock, flags);
> - if (audit_freelist_count > AUDIT_MAXFREE)
> - kfree(ab);
> - else {
> - audit_freelist_count++;
> - list_add(&ab->list, &audit_freelist);
> - }
> - spin_unlock_irqrestore(&audit_freelist_lock, flags);
> + kfree(ab);
> }
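Review bot: with the freelist gone from audit_buffer_free(), audit_freelist_lock, audit_freelist, audit_freelist_count and AUDIT_MAXFREE are no longer referenced in this function, so the same patch needs to drop their definitions and the matching freelist lookup on the allocation side, otherwise they are left as dead state and an unused static lock or list will warn at build time. Dropping `unsigned long flags;` together with the spin_lock_irqsave()/spin_unlock_irqrestore() pair is correct, as nothing else in the function uses it.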
[..]
> nlh = nlmsg_put(ab->skb, 0, 0, type, 0, 0);
> if (!nlh)
> - goto out_kfree_skb;
> + goto err;
>
> return ab;
>
> -out_kfree_skb:
> - kfree_skb(ab->skb);
> - ab->skb = NULL;
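Review bot: the removed out_kfree_skb label was redundant rather than a missed free: on the `goto err` path audit_buffer_free() already does kfree_skb(ab->skb) before freeing ab, and kfree_skb() on a NULL pointer is a no-op, so the only thing lost is the `ab->skb = NULL` store, which is harmless because ab is freed immediately afterwards. A sentence in the commit message saying that the error path now relies on audit_buffer_free() for the skb would save the next reader from tracing it.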
Why is the kfree_skb() skipped on error from nlmsg_put()? I don't see
much risk in nlmsg_put() failing considering the very simple arguments,
however the code path is not trivial either.
If nlmsg_put fails we jump to err and ...
> err:
> audit_buffer_free(ab);
> return NULL;
... ab->skb gets freed by audit_buffer_free() here.