Commit 00bff392 authored by Xiaotian Feng's avatar Xiaotian Feng Committed by Greg Kroah-Hartman

tty_audit: fix tty_audit_add_data live lock on audit disabled

The current tty_audit_add_data code:

        do {
                size_t run;

                run = N_TTY_BUF_SIZE - buf->valid;
                if (run > size)
                        run = size;
                memcpy(buf->data + buf->valid, data, run);
                buf->valid += run;
                data += run;
                size -= run;
                if (buf->valid == N_TTY_BUF_SIZE)
                        tty_audit_buf_push_current(buf);
        } while (size != 0);

If the current buffer is full, kernel will then call tty_audit_buf_push_current
to empty the buffer. But if we disabled audit at the same time, tty_audit_buf_push()
returns immediately if audit_enabled is zero.  Without emptying the buffer.
With obvious effect on tty_audit_add_data() that ends up spinning in that loop,
copying 0 bytes at each iteration and attempting to push each time without any effect.
Holding the lock all along.
Suggested-by: default avatarAlexander Viro <aviro@redhat.com>
Signed-off-by: default avatarXiaotian Feng <dfeng@redhat.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent b71dc887
...@@ -95,8 +95,10 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid, ...@@ -95,8 +95,10 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
{ {
if (buf->valid == 0) if (buf->valid == 0)
return; return;
if (audit_enabled == 0) if (audit_enabled == 0) {
buf->valid = 0;
return; return;
}
tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor, tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor,
buf->data, buf->valid); buf->data, buf->valid);
buf->valid = 0; buf->valid = 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment