Commit 799b6014 authored by Miklos Szeredi's avatar Miklos Szeredi Committed by Paul Moore

audit: keep inode pinned

Audit rules disappear when an inode they watch is evicted from the cache.
This is likely not what we want.

The guilty commit is "fsnotify: allow marks to not pin inodes in core",
which didn't take into account that audit_tree adds watches with a zero
mask.

Adding any mask should fix this.

Fixes: 90b1e7a5 ("fsnotify: allow marks to not pin inodes in core")
Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
Cc: stable@vger.kernel.org # 2.6.36+
Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
parent 897f1acb
...@@ -154,6 +154,7 @@ static struct audit_chunk *alloc_chunk(int count) ...@@ -154,6 +154,7 @@ static struct audit_chunk *alloc_chunk(int count)
chunk->owners[i].index = i; chunk->owners[i].index = i;
} }
fsnotify_init_mark(&chunk->mark, audit_tree_destroy_watch); fsnotify_init_mark(&chunk->mark, audit_tree_destroy_watch);
chunk->mark.mask = FS_IN_IGNORED;
return chunk; return chunk;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment