On 2020-07-03 09:36, Paul Moore wrote:
Commit 142240398e50 ("audit: add gfp parameter to
audit_log_nfcfg")
incorrectly passed gfp flags to audit_log_nfcfg() which were not
consistent with the calling function, this commit fixes that.
Fixes: 142240398e50 ("audit: add gfp parameter to audit_log_nfcfg")
Reported-by: Jones Desougi <jones.desougi+netfilter(a)gmail.com>
Signed-off-by: Paul Moore <paul(a)paul-moore.com>
Looks good to me. For what it's worth:
Reviewed-by: Richard Guy Briggs <rgb(a)redhat.com>
---
net/netfilter/nf_tables_api.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index f7ff91479647..886e64291f41 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5953,7 +5953,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct
netlink_callback *cb)
goto cont;
if (reset) {
- char *buf = kasprintf(GFP_KERNEL,
+ char *buf = kasprintf(GFP_ATOMIC,
"%s:%llu;?:0",
table->name,
table->handle);
@@ -5962,7 +5962,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct
netlink_callback *cb)
family,
obj->handle,
AUDIT_NFT_OP_OBJ_RESET,
- GFP_KERNEL);
+ GFP_ATOMIC);
kfree(buf);
}
@@ -6084,7 +6084,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk,
family,
obj->handle,
AUDIT_NFT_OP_OBJ_RESET,
- GFP_KERNEL);
+ GFP_ATOMIC);
kfree(buf);
}
@@ -6172,7 +6172,7 @@ void nft_obj_notify(struct net *net, const struct nft_table
*table,
event == NFT_MSG_NEWOBJ ?
AUDIT_NFT_OP_OBJ_REGISTER :
AUDIT_NFT_OP_OBJ_UNREGISTER,
- GFP_KERNEL);
+ gfp);
kfree(buf);
if (!report &&
- RGB
--
Richard Guy Briggs <rgb(a)redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635