Idiocy in audit_serial()
David Woodhouse
dwmw2 at infradead.org
Sat Jul 16 09:41:28 UTC 2005
On Fri, 2005-07-15 at 09:03 +0100, David Woodhouse wrote:
> Someone reported livelock on a 16-way itanic box, in audit_serial().
> Looking at it, that doesn't really surprise me much. An audit.78
> kernel is building with this...
There's still too much contention on it, even if we eliminate the
livelock. There's no real reason why we should be generating a serial
number even when the context isn't auditable, is there? I'm building
audit.79 with this patch. It _might_ complete before I leave for the
airport...
--- linux-2.6.9/kernel/audit.c~ 2005-07-15 08:45:38.000000000 +0100
+++ linux-2.6.9/kernel/audit.c 2005-07-16 10:33:21.000000000 +0100
@@ -693,7 +693,9 @@ unsigned int audit_serial(void)
unsigned int ret;
spin_lock_irqsave(&serial_lock, flags);
- ret = serial++;
+ do {
+ ret = ++serial;
+ } while (unlikely(!ret));
spin_unlock_irqrestore(&serial_lock, flags);
return ret;
--- linux-2.6.9/kernel/auditsc.c~ 2005-07-13 22:38:50.000000000 +0100
+++ linux-2.6.9/kernel/auditsc.c 2005-07-16 10:34:06.000000000 +0100
@@ -1030,7 +1030,7 @@ void audit_syscall_entry(struct task_str
if (likely(state == AUDIT_DISABLED))
return;
- context->serial = audit_serial();
+ context->serial = 0;
context->ctime = CURRENT_TIME;
context->in_syscall = 1;
context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
@@ -1183,6 +1183,8 @@ void audit_inode(const char *name, const
void auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial)
{
+ if (!ctx->serial)
+ ctx->serial = audit_serial();
t->tv_sec = ctx->ctime.tv_sec;
t->tv_nsec = ctx->ctime.tv_nsec;
*serial = ctx->serial;
--
dwmw2
More information about the Linux-audit
mailing list