Re: [PATCH 3/5] audit: store audit_pid as a struct pid pointer

On 12/23, Richard Guy Briggs wrote: I started to read the changelog only after I failed to understand the patch. And it looks confusing too. "Refuse to set the current audit_pid if the new value is not its own PID", OK, but if the new value is the caller's pid then it should obviously point to the existing process, current? I can't apply this patch (and the previous one) due to multiple rejects, I guess it depends on other changes? In any case, this patch looks wrong. But this can actually free this pid. Why it is safe to use it elsewhere? This also means that every "if (audit_pid)" is racy. can't understand... find_get_pid(s.pid) is pointless if s.pid == 0 ? struct pid *new_pid = NULL; if (new_pid) { new_pid = find_get_pid(s.pid); if (!new_pid) return -ESRCH; } looks more understandable. again, this looks a bit confusing and suboptimal. Imho it would be better to add if (new_pid != task_tgid(current)) into the "if (s.pid)" above. Hmm, actually task_pid_vnr() above looks simply wrong, we need tgid or I am totally confused. OTOH, if we require s.pid == task_pid_vnr(current), then why do we need find_pid() at all? this lacks put_pid(new_pid). and this can go into the "else" branch. And I can't understand the "it isn't orphaning another process" logic... OK, what if s.pid == 0 and audit_pid == NULL, should we fail in this case? And I do not see how this matches "Refuse to set the current audit_pid if the new value is not its own PID" from the changelog. Another leak, it seems. So is this audit_pid tid or tgid? Its usage looks totally confusing. Anyway, if (audit_pid == task_pid(current)) (or probably task_tgid) looks much better. in this case you need to update Documentation/CodingStyle ;) Oleg.