On Sat, Jun 27, 2020 at 11:25 PM Richard Guy Briggs <rgb(a)redhat.com> wrote:
Fixed an inconsistent use of GFP flags in nft_obj_notify() that used
GFP_KERNEL when a GFP flag was passed in to that function. Given this
allocated memory was then used in audit_log_nfcfg() it led to an audit
of all other GFP allocations in net/netfilter/nf_tables_api.c and a
modification of audit_log_nfcfg() to accept a GFP parameter.
Reported-by: Dan Carptenter <dan.carpenter(a)oracle.com>
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
---
Passes audit-testsuite.
include/linux/audit.h | 8 ++++----
kernel/auditsc.c | 4 ++--
net/bridge/netfilter/ebtables.c | 6 +++---
net/netfilter/nf_tables_api.c | 33 +++++++++++++++++++++------------
net/netfilter/x_tables.c | 5 +++--
5 files changed, 33 insertions(+), 23 deletions(-)
Merged into audit/next.
--
paul moore
www.paul-moore.com