rpms/kernel/FC-4 linux-2.6.13-rc3-audit-git.patch,1.2,1.3
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jul 18 18:34:31 UTC 2005
Author: dwmw2
Update of /cvs/dist/rpms/kernel/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv13116
Modified Files:
linux-2.6.13-rc3-audit-git.patch
Log Message:
reduce contention on audit_serial()
linux-2.6.13-rc3-audit-git.patch:
MAINTAINERS | 8 +
fs/namei.c | 2
include/linux/audit.h | 36 ++++--
kernel/audit.c | 123 ++++++++++++++-------
kernel/auditsc.c | 231 +++++++++++++++++++++++++++++------------
security/selinux/avc.c | 4
security/selinux/hooks.c | 2
security/selinux/ss/services.c | 4
8 files changed, 285 insertions(+), 125 deletions(-)
Index: linux-2.6.13-rc3-audit-git.patch
===================================================================
RCS file: /cvs/dist/rpms/kernel/FC-4/linux-2.6.13-rc3-audit-git.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- linux-2.6.13-rc3-audit-git.patch 14 Jul 2005 13:42:06 -0000 1.2
+++ linux-2.6.13-rc3-audit-git.patch 18 Jul 2005 18:34:27 -0000 1.3
@@ -287,7 +287,45 @@
nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0));
nlh->nlmsg_type = type;
nlh->nlmsg_flags = 0;
-@@ -644,17 +649,43 @@ static inline void audit_get_stamp(struc
+@@ -605,26 +610,27 @@ err:
+ * (timestamp,serial) tuple is unique for each syscall and is live from
+ * syscall entry to syscall exit.
+ *
+- * Atomic values are only guaranteed to be 24-bit, so we count down.
+- *
+ * NOTE: Another possibility is to store the formatted records off the
+ * audit context (for those records that have a context), and emit them
+ * all at syscall exit. However, this could delay the reporting of
+ * significant errors until syscall exit (or never, if the system
+ * halts). */
++
+ unsigned int audit_serial(void)
+ {
+- static atomic_t serial = ATOMIC_INIT(0xffffff);
+- unsigned int a, b;
++ static spinlock_t serial_lock = SPIN_LOCK_UNLOCKED;
++ static unsigned int serial = 0;
++
++ unsigned long flags;
++ unsigned int ret;
+
++ spin_lock_irqsave(&serial_lock, flags);
+ do {
+- a = atomic_read(&serial);
+- if (atomic_dec_and_test(&serial))
+- atomic_set(&serial, 0xffffff);
+- b = atomic_read(&serial);
+- } while (b != a - 1);
++ ret = ++serial;
++ } while (unlikely(!ret));
++ spin_unlock_irqrestore(&serial_lock, flags);
+
+- return 0xffffff - b;
++ return ret;
+ }
+
+ static inline void audit_get_stamp(struct audit_context *ctx,
+@@ -644,17 +650,43 @@ static inline void audit_get_stamp(struc
* syscall, then the syscall is marked as auditable and an audit record
* will be written at syscall exit. If there is no associated task, tsk
* should be NULL. */
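Review bot: The new `audit_serial()` never returns 0, because the `do { ret = ++serial; } while (unlikely(!ret));` loop skips it on wrap, but neither the function nor its header comment says why. Elsewhere in this patch 0 is used as the "not yet allocated" value for `context->serial`, so the reservation is a contract worth stating, for example `/* 0 is reserved to mean "no serial allocated yet"; skip it when the counter wraps */` above the loop. The retained header text saying the tuple is "live from syscall entry to syscall exit" also looks stale now that the serial is allocated on first use rather than at entry. The blank `+` line added between the comment and the function detaches the comment from `audit_serial()` and could be dropped.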
@@ -334,7 +372,7 @@
if (audit_rate_check())
printk(KERN_WARNING
"audit: audit_backlog=%d > "
-@@ -662,10 +693,12 @@ struct audit_buffer *audit_log_start(str
+@@ -662,10 +694,12 @@ struct audit_buffer *audit_log_start(str
skb_queue_len(&audit_skb_queue),
audit_backlog_limit);
audit_log_lost("backlog limit exceeded");
@@ -348,7 +386,7 @@
if (!ab) {
audit_log_lost("out of memory in audit_log_start");
return NULL;
-@@ -689,7 +722,7 @@ static inline int audit_expand(struct au
+@@ -689,7 +723,7 @@ static inline int audit_expand(struct au
{
struct sk_buff *skb = ab->skb;
int ret = pskb_expand_head(skb, skb_headroom(skb), extra,
@@ -357,7 +395,7 @@
if (ret < 0) {
audit_log_lost("out of memory in audit_expand");
return 0;
-@@ -808,7 +841,7 @@ void audit_log_d_path(struct audit_buffe
+@@ -808,7 +842,7 @@ void audit_log_d_path(struct audit_buffe
audit_log_format(ab, " %s", prefix);
/* We will allow 11 spaces for ' (deleted)' to be appended */
@@ -366,7 +404,7 @@
if (!path) {
audit_log_format(ab, "<no memory>");
return;
-@@ -840,7 +873,7 @@ void audit_log_end(struct audit_buffer *
+@@ -840,7 +874,7 @@ void audit_log_end(struct audit_buffer *
ab->skb = NULL;
wake_up_interruptible(&kauditd_wait);
} else {
@@ -375,7 +413,7 @@
}
}
audit_buffer_free(ab);
-@@ -849,12 +882,13 @@ void audit_log_end(struct audit_buffer *
+@@ -849,12 +883,13 @@ void audit_log_end(struct audit_buffer *
/* Log an audit record. This is a convenience function that calls
* audit_log_start, audit_log_vformat, and audit_log_end. It may be
* called in any context. */
@@ -742,7 +780,7 @@
audit_free_context(context);
}
-@@ -876,7 +980,7 @@ void audit_syscall_entry(struct task_str
+@@ -876,11 +980,11 @@ void audit_syscall_entry(struct task_str
state = context->state;
if (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)
@@ -751,6 +789,11 @@
if (likely(state == AUDIT_DISABLED))
return;
+- context->serial = audit_serial();
++ context->serial = 0;
+ context->ctime = CURRENT_TIME;
+ context->in_syscall = 1;
+ context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
@@ -905,8 +1009,8 @@ void audit_syscall_exit(struct task_stru
if (likely(!context))
return;
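Review bot: Storing `context->serial = 0` at syscall entry turns 0 into a sentinel, so any path that reads `context->serial` directly instead of going through `auditsc_get_stamp()` would now report serial 0 in its record. No such reader is visible in this hunk, so this needs checking against the rest of kernel/auditsc.c. A short comment on the assignment would make the intent explicit, e.g. `context->serial = 0; /* allocated lazily by auditsc_get_stamp() */`. `audit_syscall_entry()` starts and ends outside the hunk.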
@@ -771,7 +814,7 @@
{
int idx;
struct audit_context *context = current->audit_context;
-@@ -1022,12 +1126,13 @@ void audit_inode(const char *name, const
+@@ -1022,17 +1126,20 @@ void audit_inode(const char *name, const
++context->ino_count;
#endif
}
@@ -791,7 +834,14 @@
}
void auditsc_get_stamp(struct audit_context *ctx,
-@@ -1044,7 +1149,7 @@ int audit_set_loginuid(struct task_struc
+ struct timespec *t, unsigned int *serial)
+ {
++ if (!ctx->serial)
++ ctx->serial = audit_serial();
+ t->tv_sec = ctx->ctime.tv_sec;
+ t->tv_nsec = ctx->ctime.tv_nsec;
+ *serial = ctx->serial;
+@@ -1044,7 +1151,7 @@ int audit_set_loginuid(struct task_struc
if (task->audit_context) {
struct audit_buffer *ab;
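Review bot: The test-and-assign `if (!ctx->serial) ctx->serial = audit_serial();` in `auditsc_get_stamp()` is not atomic, while `audit_serial()` takes its lock with `spin_lock_irqsave`, which suggests callers in interrupt context are expected. If a record can be started from an interrupt for the same context between the test and the store, two serials are allocated and records for one syscall carry different serials, which breaks correlation of the audit trail. Either state in a comment that only the owning task may call this for a given context, or make the allocation a single atomic step. Note also that `ctime` is still sampled at syscall entry while the serial is now taken at first use, so serial order no longer follows syscall-entry order. The function's closing lines are outside the hunk.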
@@ -800,7 +850,7 @@
if (ab) {
audit_log_format(ab, "login pid=%d uid=%u "
"old auid=%u new auid=%u",
-@@ -1153,7 +1258,7 @@ void audit_signal_info(int sig, struct t
+@@ -1153,7 +1260,7 @@ void audit_signal_info(int sig, struct t
extern pid_t audit_sig_pid;
extern uid_t audit_sig_uid;