Re: [PATCH 15/19] kernel: convert audit_tree.count from atomic_t to refcount_t
From: Paul Moore <hidden>
Date: 2017-02-20 22:07:25
Also in:
linux-fsdevel, lkml
On Mon, Feb 20, 2017 at 5:19 AM, Elena Reshetova [off-list ref] wrote:
refcount_t type and corresponding API should be used instead of atomic_t when the variable is used as a reference counter. This allows to avoid accidental refcounter overflows that might lead to use-after-free situations. Signed-off-by: Elena Reshetova <redacted> Signed-off-by: Hans Liljestrand <redacted> Signed-off-by: Kees Cook <redacted> Signed-off-by: David Windsor <redacted> --- kernel/audit_tree.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
No objection on my end, same for patch 16/19. I have no problem merging both these patches into the audit/next branch after the merge window, is that your goal or are you merging these via a different tree?
quoted hunk ↗ jump to hunk
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 7b44195..7ed617b 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c@@ -9,7 +9,7 @@ struct audit_tree; struct audit_chunk; struct audit_tree { - atomic_t count; + refcount_t count; int goner; struct audit_chunk *root; struct list_head chunks;@@ -77,7 +77,7 @@ static struct audit_tree *alloc_tree(const char *s) tree = kmalloc(sizeof(struct audit_tree) + strlen(s) + 1, GFP_KERNEL); if (tree) { - atomic_set(&tree->count, 1); + refcount_set(&tree->count, 1); tree->goner = 0; INIT_LIST_HEAD(&tree->chunks); INIT_LIST_HEAD(&tree->rules);@@ -91,12 +91,12 @@ static struct audit_tree *alloc_tree(const char *s) static inline void get_tree(struct audit_tree *tree) { - atomic_inc(&tree->count); + refcount_inc(&tree->count); } static inline void put_tree(struct audit_tree *tree) { - if (atomic_dec_and_test(&tree->count)) + if (refcount_dec_and_test(&tree->count)) kfree_rcu(tree, head); }
-- paul moore www.paul-moore.com