Re: [RFC PATCH] audit: the fix RCU locking for the auditd_connection structure

On Fri, Apr 28, 2017 at 12:13 PM, Paul Moore <paul(a)paul-moore.com&gt; wrote: > On Fri, Apr 28, 2017 at 12:09 PM, Paul Moore <pmoore(a)redhat.com&gt; wrote: >> From: Paul Moore <paul(a)paul-moore.com&gt; >> >> Cong Wang correctly pointed out that the RCU read locking of the >> auditd_connection struct was wrong, this patch correct this by >> adopting a more traditional, and correct RCU locking model. >> >> This patch is heavily based on an earlier prototype by Cong Wang. >> >> [XXX: Cong Wang, as mentioned previously, I'd like to add your >> sign-off; please let me know if that is okay with you.] >> >> Cc: <stable(a)vger.kernel.org&gt; # 4.11.x-: 264d509637d9 >> Reported-by: Cong Wang <xiyou.wangcong(a)gmail.com&gt; >> ??!! -> Signed-off-by: Cong Wang <xiyou.wangcong(a)gmail.com&gt; >> Signed-off-by: Paul Moore <paul(a)paul-moore.com&gt; >> --- >> kernel/audit.c | 157 ++++++++++++++++++++++++++++++++++++-------------------- >> 1 file changed, 100 insertions(+), 57 deletions(-) > > A quick note that I haven't tested this yet, I'm in the process of > building a kernel now, I just wanted to send this out early to in case > anyone noticed anything incredibly stupid. I've booted the patch a few times, and run audit-testsuite and selinux-testsuite against it without problem. I'm currently hitting the system with a constant stream of audit records while I restart the audit daemon every five seconds, ~15m and everything still appears to be working correctly. In case anyone wants to play with a Fedora kernel build, you can get a pre-built binary here for x86_64: https://copr.fedorainfracloud.org/coprs/pcmoore/kernel-testing/build/544810