lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

AUDIT: Wait for backlog to clear when generating messages.

Browse Source 
Add a gfp_mask to audit_log_start() and audit_log(), to reduce the
amount of GFP_ATOMIC allocation -- most of it doesn't need to be 
GFP_ATOMIC. Also if the mask includes __GFP_WAIT, then wait up to
60 seconds for the auditd backlog to clear instead of immediately 
abandoning the message. 

The timeout should probably be made configurable, but for now it'll 
suffice that it only happens if auditd is actually running.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
David Woodhouse
2005-06-22 15:04:33 +01:00
parent 177bbc733a
commit 9ad9ad385b
6 changed files with 61 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
security/selinux/avc.c
View File

@ -242,7 +242,7 @@ void __init avc_init(void)
avc_node_cachep = kmem_cache_create("avc_node", sizeof(struct avc_node),
0, SLAB_PANIC, NULL, NULL);
audit_log(current->audit_context, AUDIT_KERNEL, "AVC INITIALIZED\n");
audit_log(current->audit_context, GFP_KERNEL, AUDIT_KERNEL, "AVC INITIALIZED\n");
}
int avc_get_hash_stats(char *page)
@ -550,7 +550,7 @@ void avc_audit(u32 ssid, u32 tsid,
return;
}
ab = audit_log_start(current->audit_context, AUDIT_AVC);
ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_AVC);
if (!ab)
return; /* audit_panic has been called */
audit_log_format(ab, "avc: %s ", denied ? "denied" : "granted");