Hello!
> Reception of netlink messages in the kernel happens in the context
> of the sending process, so you can simply call
> audit_get_loginuid(current->audit_context) in audit_receive_msg().
Then why does netlink_sendmsg() need to save the effective capability
Yes, when the kernel receives a message, it can be processed in the context
of another process. This happens with rtnetlink, which queues messages
when someone holds the netadmin semaphore, and processing of the backlog happens
in the context of the process which holds the semaphore.
Unfortunately, audit uses the same twisted way. Actually, if people
expected synchronous processing, it is better to replace
	if (down_trylock(&audit_netlink_sem))
		return;
with plain down(&audit_netlink_sem);
Alexey
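To make the point above concrete, here is an added single-threaded userspace model; it is not code from this thread or from the kernel tree. `struct task`, `struct msg`, `netlink_send()`, `holder_unlock()` and the queue helpers are invented stand-ins for task_struct, the skb, netlink_sendmsg() and the rtnetlink backlog, and the CAP_NET_ADMIN bit position is illustrative. A sender that fails down_trylock() on the semaphore leaves its message on a queue, and the holder drains that queue in its own context when it releases, so a receive handler that reads `current` sees the holder's loginuid and capabilities rather than the sender's. Credentials captured at send time stay correct in both the deferred and the synchronous path.

```c
#include <stdio.h>
#include <stdlib.h>

#define CAP_NET_ADMIN_BIT (1u << 12)   /* illustrative bit position, not the kernel's */

struct task { int pid; unsigned loginuid; unsigned cap_effective; };

struct msg {
    unsigned saved_loginuid;       /* captured at send time */
    unsigned saved_cap_effective;  /* captured at send time, as netlink_sendmsg does */
    struct msg *next;
};

/* what the receive handler observed, the naive way and the safe way */
struct rcv_record {
    int processed_by_pid;
    unsigned uid_from_current, uid_from_msg;
    int admin_from_current, admin_from_msg;
};

static struct task *current;                  /* the task running right now */
static int sem_held;                          /* stand-in semaphore: 0 = free */
static struct msg *backlog_head, *backlog_tail;
static struct rcv_record last;                /* last record produced by receive_msg */

static int down_trylock(void) { if (sem_held) return 1; sem_held = 1; return 0; }
static void up(void) { sem_held = 0; }

static void enqueue(struct msg *m)
{
    m->next = NULL;
    if (backlog_tail) backlog_tail->next = m; else backlog_head = m;
    backlog_tail = m;
}

static struct msg *dequeue(void)
{
    struct msg *m = backlog_head;
    if (m) { backlog_head = m->next; if (!backlog_head) backlog_tail = NULL; }
    return m;
}

/* stand-in for audit_receive_msg(): records both views of the sender */
static void receive_msg(const struct msg *m)
{
    last.processed_by_pid   = current->pid;
    last.uid_from_current   = current->loginuid;       /* naive: whoever runs now */
    last.uid_from_msg       = m->saved_loginuid;       /* safe: who actually sent it */
    last.admin_from_current = !!(current->cap_effective & CAP_NET_ADMIN_BIT);
    last.admin_from_msg     = !!(m->saved_cap_effective & CAP_NET_ADMIN_BIT);
}

static void drain_backlog(void)
{
    struct msg *m;
    while ((m = dequeue()) != NULL) { receive_msg(m); free(m); }
}

/* stand-in for netlink_sendmsg() followed by the down_trylock() receive path */
static void netlink_send(struct task *sender)
{
    struct msg *m = calloc(1, sizeof *m);
    if (!m) return;
    current = sender;
    m->saved_loginuid = sender->loginuid;
    m->saved_cap_effective = sender->cap_effective;
    enqueue(m);
    if (down_trylock())
        return;             /* busy: the holder will process this message later */
    drain_backlog();
    up();
}

/* the holder releases the semaphore and processes the backlog in its own context */
static void holder_unlock(struct task *holder)
{
    current = holder;
    drain_backlog();
    up();
}

static void reset(void) { sem_held = 0; backlog_head = backlog_tail = NULL; }

/* unprivileged sender posts while a privileged task holds the semaphore */
struct rcv_record run_deferred_scenario(void)
{
    struct task holder = { 100, 1000, CAP_NET_ADMIN_BIT };
    struct task sender = { 200, 2000, 0 };
    reset();
    current = &holder;
    down_trylock();             /* holder takes the semaphore */
    netlink_send(&sender);      /* trylock fails: queued, not processed yet */
    holder_unlock(&holder);     /* processed here, as the holder */
    return last;
}

/* nobody holds the semaphore: processed synchronously as the sender */
struct rcv_record run_sync_scenario(void)
{
    struct task sender = { 200, 2000, 0 };
    reset();
    netlink_send(&sender);
    return last;
}

int main(void)
{
    struct rcv_record d = run_deferred_scenario(), s = run_sync_scenario();
    printf("deferred: pid %d ran it; current says uid %u admin %d; message says uid %u admin %d\n",
           d.processed_by_pid, d.uid_from_current, d.admin_from_current, d.uid_from_msg, d.admin_from_msg);
    printf("sync:     pid %d ran it; current says uid %u admin %d; message says uid %u admin %d\n",
           s.processed_by_pid, s.uid_from_current, s.admin_from_current, s.uid_from_msg, s.admin_from_msg);
    return 0;
}
```

In the deferred run the handler executes as pid 100 and, reading `current`, would attribute the message to loginuid 1000 with CAP_NET_ADMIN set, although it came from loginuid 2000 without that capability; only the values saved at send time identify the real sender. Replacing down_trylock() with a blocking down(), as suggested above, removes the deferred path entirely, which is the synchronous case the second scenario shows.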