Commit 142240398e50 ("audit: add gfp parameter to audit_log_nfcfg")
incorrectly passed gfp flags to audit_log_nfcfg() which were not
consistent with the calling function, this commit fixes that.
Fixes: 142240398e50 ("audit: add gfp parameter to audit_log_nfcfg")
Reported-by: Jones Desougi <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
---
net/netfilter/nf_tables_api.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index f7ff91479647..886e64291f41 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5953,7 +5953,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct
netlink_callback *cb)
goto cont;
if (reset) {
- char *buf = kasprintf(GFP_KERNEL,
+ char *buf = kasprintf(GFP_ATOMIC,
"%s:%llu;?:0",
table->name,
table->handle);
@@ -5962,7 +5962,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct
netlink_callback *cb)
family,
obj->handle,
AUDIT_NFT_OP_OBJ_RESET,
- GFP_KERNEL);
+ GFP_ATOMIC);
kfree(buf);
}
@@ -6084,7 +6084,7 @@ static int nf_tables_getobj(struct net *net, struct sock
*nlsk,
family,
obj->handle,
AUDIT_NFT_OP_OBJ_RESET,
- GFP_KERNEL);
+ GFP_ATOMIC);
kfree(buf);
}
@@ -6172,7 +6172,7 @@ void nft_obj_notify(struct net *net, const struct
nft_table *table,
event == NFT_MSG_NEWOBJ ?
AUDIT_NFT_OP_OBJ_REGISTER :
AUDIT_NFT_OP_OBJ_UNREGISTER,
- GFP_KERNEL);
+ gfp);
kfree(buf);
if (!report &&
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
