(Al, this is a fix for the -mm patch
audit-support-for-context-based-audit-filtering-2.patch. Please fold
in with lspp.b7 3811b185122022cd5e59b1ca85342b820e3b3e22 on next
rebase.)
Use list_for_each_entry_safe() in selinux_audit_rule_update() to
protect against call_rcu() on list entries while traversing.
Signed-off-by: Amy Griffis <amy.griffis(a)hp.com>
---
kernel/auditfilter.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
71476af7bf618dee43c9ac86b0227882df412152
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 7b91a1e..f1151a2 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1397,7 +1397,7 @@ static inline int audit_rule_has_selinux
* updated rule. */
int selinux_audit_rule_update(void)
{
- struct audit_entry *entry, *nentry;
+ struct audit_entry *entry, *n, *nentry;
struct audit_watch *watch;
int i, err = 0;
@@ -1405,7 +1405,7 @@ int selinux_audit_rule_update(void)
mutex_lock(&audit_filter_mutex);
for (i = 0; i < AUDIT_NR_FILTERS; i++) {
- list_for_each_entry(entry, &audit_filter_list[i], list) {
+ list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) {
if (!audit_rule_has_selinux(&entry->rule))
continue;
--
1.3.0