[ARCHIVE DEBUG 00/13] audit_debug: diagnostics for audit internal workings
Richard Guy Briggs
rgb at redhat.com
Thu Oct 22 18:58:46 UTC 2015
A number of diagnostic patches including a /proc/audit* interface to get
a better view of what is happenning with what frequency in the audit
queue code.
Richard Guy Briggs (13):
audit_debug: set reserve to same size as backlog
audit_debug: squawk when digging into reserve
audit_debug: proc instrumentation
audit_debug: add /proc counters for overflows, waiters, recovers,
reserves
audit_debug: proc debug output easier to paste
audit_debug: don't let systemd change config
audit_debug: instrument audit_cmd_mutex contention
audit_debug: seperate out audit_titles in proc display
netlink_debug: instrument timing of calls by init/systemd or
audit_pid
audit_debug: bark on impossible reserve process conditions in while
loop
audit_debug: instrument audit_receive timing
audit_debug: list processes and frequencies waiting for auditd
audit_debug: print inode nr for each path when listing exe rules
include/linux/skbuff.h | 16 ++++
kernel/audit.c | 219 ++++++++++++++++++++++++++++++++++++++++++++--
kernel/audit.h | 2 +
kernel/audit_fsnotify.c | 5 +
kernel/auditfilter.c | 1 +
net/netlink/af_netlink.c | 16 ++++
6 files changed, 250 insertions(+), 9 deletions(-)
More information about the Linux-audit
mailing list