audit: make sure we never skip the multicast broadcast
When the auditd connection is reset, either intentionally or due to a failure, any records that were in the main backlog queue would not be sent in a multicast broadcast. This patch fixes this problem by not flushing the main backlog queue on a connection reset, the main kauditd_thread() will take care of that normally. Resolves: https://github.com/linux-audit/audit-kernel/issues/41 Reviewed-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore
Родитель
c81be52a3a
Коммит
cd33f5f2cb
|
|
@ -605,11 +605,10 @@ static void auditd_reset(const struct auditd_connection *ac)
|
||||||
if (ac_old)
|
if (ac_old)
|
||||||
call_rcu(&ac_old->rcu, auditd_conn_free);
|
call_rcu(&ac_old->rcu, auditd_conn_free);
|
||||||
|
|
||||||
/* flush all of the main and retry queues to the hold queue */
|
/* flush the retry queue to the hold queue, but don't touch the main
|
||||||
|
* queue since we need to process that normally for multicast */
|
||||||
while ((skb = skb_dequeue(&audit_retry_queue)))
|
while ((skb = skb_dequeue(&audit_retry_queue)))
|
||||||
kauditd_hold_skb(skb);
|
kauditd_hold_skb(skb);
|
||||||
while ((skb = skb_dequeue(&audit_queue)))
|
|
||||||
kauditd_hold_skb(skb);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче