summaryrefslogtreecommitdiff
path: root/kernel/audit_watch.c
diff options
context:
space:
mode:
authorAmir Goldstein <amir73il@gmail.com>2020-07-22 15:58:43 +0300
committerJan Kara <jack@suse.cz>2020-07-28 00:16:33 +0300
commit7dbe6080167860df0bf8627e55fd5154f366cc7a (patch)
treed1f584c869fbf1309d5bc759e66f4cb6cde549b7 /kernel/audit_watch.c
parent957f7b472c6b6de4214bf5144b811ab83a9b9465 (diff)
downloadlinux-7dbe6080167860df0bf8627e55fd5154f366cc7a.tar.xz
audit: do not set FS_EVENT_ON_CHILD in audit marks mask
The audit group marks mask does not contain any events possible on a child so setting the flag FS_EVENT_ON_CHILD in the mask is counter productive. It may lead to the undesired outcome of setting the dentry flag DCACHE_FSNOTIFY_PARENT_WATCHED on a directory inode even though it is not watching children, because the audit mark contribute the flag FS_EVENT_ON_CHILD to the inode's fsnotify_mask and another mark could be contributing an event that is possible on child to the inode's mask. Furthermore in the following patches we want to use FS_EVENT_ON_CHILD for non-dir inodes for other purposes so stop using the flag. Link: https://lore.kernel.org/r/20200722125849.17418-4-amir73il@gmail.com Signed-off-by: Amir Goldstein <amir73il@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'kernel/audit_watch.c')
-rw-r--r--kernel/audit_watch.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
index 61fd601f1edf..e23d54bcc587 100644
--- a/kernel/audit_watch.c
+++ b/kernel/audit_watch.c
@@ -53,7 +53,7 @@ static struct fsnotify_group *audit_watch_group;
/* fsnotify events we care about. */
#define AUDIT_FS_WATCH (FS_MOVE | FS_CREATE | FS_DELETE | FS_DELETE_SELF |\
- FS_MOVE_SELF | FS_EVENT_ON_CHILD | FS_UNMOUNT)
+ FS_MOVE_SELF | FS_UNMOUNT)
static void audit_free_parent(struct audit_parent *parent)
{