From: Alexander Viro <aviro@redhat.com>
Date: Mon, 8 Dec 2008 02:30:39 -0500
Subject: [audit] assorted audit_filter_task panics on ctx == NULL
Message-id: 20081208073039.GA24795@shell.devel.redhat.com
O-Subject: [rhel5.4][bz#475147] fix assorted audit_filter_task() panics on ctx == NULL
Bugzilla: 475147
RH-Acked-by: Jiri Pirko <jpirko@redhat.com>
RH-Acked-by: Pete Zaitcev <zaitcev@redhat.com>
RH-Acked-by: Eric Paris <eparis@redhat.com>

[on top of rhel5 git]

This is a combined backport of mainline commits
980dfb0db340b95094732d78b55311f2c539c1af
[PATCH] Fix the kernel panic of audit_filter_task when key field is set
1a61c88defcd611bd148d6c960b498e1b8bbbe00
Re: [PATCH] Fix the kernel panic of audit_filter_task when key field is set
by zhangxiliang <zhangxiliang@cn.fujitsu.com>
and
c4bacefb7aaf49da11a695f29d85d40909f17693
[PATCH] audit: Moved variable declaration to beginning of function
by Cordelia <cordsam@linux.vnet.ibm.com>

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 5d3a2a8..6524dcb 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -250,7 +250,10 @@ static inline int open_arg(int flags, int mask) static int audit_match_perm(struct audit_context *ctx, int mask) { - unsigned n = ctx->major; + unsigned n; + if (unlikely(!ctx)) + return 0; + n = ctx->major; switch (audit_classify_syscall(ctx->arch, n)) { case 0: /* native */ if ((mask & AUDIT_PERM_WRITE) && @@ -291,6 +294,8 @@ static int audit_match_filetype(struct audit_context *ctx, int which) { unsigned index = which & ~S_IFMT; mode_t mode = which & S_IFMT; + if (unlikely(!ctx)) + return 0; if (index >= ctx->name_count) return 0; if (ctx->names[index].ino == -1) 
@@ -604,15 +609,14 @@ static int audit_filter_rules(struct task_struct *tsk, result = audit_match_perm(ctx, f->val); break; case AUDIT_FILETYPE: - if (ctx) - result = audit_match_filetype(ctx, f->val); + result = audit_match_filetype(ctx, f->val); break; } if (!result) return 0; } - if (rule->filterkey) + if (rule->filterkey && ctx) ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC); switch (rule->action) { case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
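
Review bot: in the audit_match_perm() hunk, the new `if (unlikely(!ctx)) return 0;` sits directly under `unsigned n;` with no blank line, and nothing explains why ctx can be NULL at this point. Suggest a blank line after the declaration and a one-line comment saying that the function can be reached with ctx == NULL from audit_filter_task() (the case named in the subject line) and that a perm field is then treated as a non-match.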
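
Review bot: the audit_match_filetype() hunk makes the helper return 0 for a NULL ctx but leaves that contract undocumented, and since the audit_filter_rules() hunk drops the caller's `if (ctx)`, this check is now the only guard before `ctx->name_count` is read. A short comment above the function stating that ctx may be NULL and that this yields "no match" would keep a later cleanup from removing the check as redundant. A blank line between the two declarations and the check would also separate declarations from code.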
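
Review bot: in the audit_filter_rules() hunk, `ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);` stores the result unchecked, so an atomic allocation failure leaves the key NULL with no indication, and with the new `&& ctx` condition a matching rule's key is likewise dropped silently when there is no context. If that best-effort behaviour is intended, a comment on the `if (rule->filterkey && ctx)` line saying so would make it explicit. Whether a previously set ctx->filterkey is freed before being overwritten is not visible in these lines and is worth confirming.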