From 65ada7bc02e2dcea6dea1f11876e712d5ea7e9ba Mon Sep 17 00:00:00 2001 From: Dmitry Monakhov Date: Mon, 1 Apr 2013 11:00:00 +0400 Subject: [PATCH] audit: destroy long filenames correctly filename should be destroyed via final_putname() instead of __putname() Otherwise this result in following BUGON() in case of long names: kernel BUG at mm/slab.c:3006! Call Trace: kmem_cache_free+0x1c1/0x850 audit_putname+0x88/0x90 putname+0x73/0x80 sys_symlinkat+0x120/0x150 sys_symlink+0x16/0x20 system_call_fastpath+0x16/0x1b Introduced-in: 7950e3852 Signed-off-by: Dmitry Monakhov Reviewed-by: Jeff Layton Signed-off-by: Eric Paris --- kernel/auditsc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 77c705c302f7..b59ffb293ded 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1024,7 +1024,7 @@ static inline void audit_free_names(struct audit_context *context) list_for_each_entry_safe(n, next, &context->names_list, list) { list_del(&n->list); if (n->name && n->name_put) - __putname(n->name); + final_putname(n->name); if (n->should_free) kfree(n); } @@ -2050,7 +2050,7 @@ void audit_putname(struct filename *name) BUG_ON(!context); if (!context->in_syscall) { #if AUDIT_DEBUG == 2 - printk(KERN_ERR "%s:%d(:%d): __putname(%p)\n", + printk(KERN_ERR "%s:%d(:%d): final_putname(%p)\n", __FILE__, __LINE__, context->serial, name); if (context->name_count) { struct audit_names *n; @@ -2061,7 +2061,7 @@ void audit_putname(struct filename *name) n->name, n->name->name ?: "(null)"); } #endif - __putname(name); + final_putname(name); } #if AUDIT_DEBUG else { -- 2.20.1