From: Eric Paris Date: Thu, 11 Jun 2009 18:31:33 +0000 (-0400) Subject: Audit: fix audit watch use after free X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=35aa901c0b66cb3c2eeee23f13624014825a44a8;p=GitHub%2Fexynos8895%2Fandroid_kernel_samsung_universal8895.git Audit: fix audit watch use after free When an audit watch is added to a parent the temporary watch inside the original krule from userspace is freed. Yet the original watch is used after the real watch was created in audit_add_rules() Signed-off-by: Eric Paris --- diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 713098ee5a02..19c0a0a2cede 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1320,6 +1320,8 @@ static inline int audit_add_rule(struct audit_entry *entry) mutex_unlock(&audit_filter_mutex); goto error; } + /* entry->rule.watch may have changed during audit_add_watch() */ + watch = entry->rule.watch; h = audit_hash_ino((u32)watch->ino); list = &audit_inode_hash[h]; }