[ARCHIVE DEBUG 01/13] audit_debug: set reserve to same size as backlog
Richard Guy Briggs
rgb at redhat.com
Thu Oct 22 18:58:47 UTC 2015
Debug the unlikely possibility that the audit_backlog_limit reserve is
being overflowed too. Make the reserve proportional to the backlog
limit.
Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
---
kernel/audit.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 369cfcc..795d604 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1371,8 +1371,8 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask,
struct audit_buffer *ab = NULL;
struct timespec t;
unsigned int uninitialized_var(serial);
- int reserve = 5; /* Allow atomic callers to go up to five
- entries over the normal backlog limit */
+ /* reserve: Allow atomic callers to go over the normal backlog limit */
+ int reserve = audit_backlog_limit/16;
unsigned long timeout_start = jiffies;
if (audit_initialized != AUDIT_INITIALIZED)
--
1.7.1
More information about the Linux-audit
mailing list