Re: [PATCH V2 2/6] audit: log namespace serial numbers
On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
Not so relevant because you delete all of this code later... But
still...
+#ifdef CONFIG_NAMESPACES
+void audit_log_namespace_info(struct audit_buffer *ab, struct task_struct *tsk)
+{
+ struct nsproxy *nsproxy;
+
+ rcu_read_lock();
ok, so we are under rcu_read_lock() and cannot sleep
+ nsproxy = task_nsproxy(tsk);
+ if (nsproxy != NULL) {
+ audit_log_format(ab, " mntns=%llx", nsproxy->mnt_ns->serial_num);
But this could do an allocation, are we sure that everything used
GFP_ATOMIC when creating the audit buffer? [hint: it doesn't]