Date: Fri, 1 Aug 2008 02:46:25 GMT From: Diego Giagio <diego@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 146360 for review Message-ID: <200808010246.m712kPqk003305@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=146360 Change 146360 by diego@diego_black on 2008/08/01 02:45:34 Use a queue of records instead of a single record. That would let us: - Pre-allocate records outside without locks held. - Make it possible to have more than one record being constructed by a given thread. Affected files ... .. //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.c#5 edit .. //depot/projects/soc2008/diego-audit/src/sys/sys/proc.h#5 edit Differences ... ==== //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.c#5 (text) ==== @@ -73,10 +73,10 @@ #include <vm/uma.h> static uma_zone_t audit_record_zone; -static MALLOC_DEFINE(M_AUDITCRED, "audit_cred", "Audit cred storage"); MALLOC_DEFINE(M_AUDITDATA, "audit_data", "Audit data storage"); MALLOC_DEFINE(M_AUDITPATH, "audit_path", "Audit path storage"); MALLOC_DEFINE(M_AUDITTEXT, "audit_text", "Audit text storage"); +MALLOC_DEFINE(M_AUDITRECQ, "audit_recq", "Audit record queue storage"); SYSCTL_NODE(_security, OID_AUTO, audit, CTLFLAG_RW, 0, "TrustedBSD audit controls"); @@ -483,6 +483,30 @@ mtx_unlock(&audit_mtx); } +static void +audit_enter(struct thread *td) +{ + /* + * Check if there's already a record being constructed. If true, move + * it temporarily into our record queue. currecord() will now point to + * the new record. + */ + if (td->td_ar != NULL) + TAILQ_INSERT_TAIL(td->td_arq, td->td_ar, k_q); +} + +static void +audit_exit(struct thread *td) +{ + /* + * If there were a previous record begin constructed, return it to + * currecord() and remove it from record queue. + */ + td->td_ar = TAILQ_LAST(td->td_arq, kaudit_queue); + if (td->td_ar != NULL) + TAILQ_REMOVE(td->td_arq, td->td_ar, k_q); +} + /* * audit_syscall_enter() is called on entry to each system call. It is * responsible for deciding whether or not to audit the call (preselection), 
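Review bot: M_AUDITRECQ is defined with external linkage in the `@@ -73,10 +73,10 @@` hunk, yet the only uses visible in this change are the malloc() and free() calls in audit.c itself. Unless another file is meant to allocate queue heads, `static MALLOC_DEFINE(M_AUDITRECQ, "audit_recq", "Audit record queue storage");` keeps the type private to this file.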
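Review bot: audit_enter() in the `@@ -483,6 +483,30 @@` hunk leaves td->td_ar pointing at the record it has just queued, so until the caller overwrites it the same record is both current and linked on td_arq, and the comment's "currecord() will now point to the new record" is not yet true. Adding `td->td_ar = NULL;` after the `TAILQ_INSERT_TAIL` would make the hand-off explicit and keep a caller that bails out early from committing the queued record. audit_exit() overwrites td->td_ar without checking that the old value was committed or freed, so that precondition should be stated in its comment. Both helpers dereference td->td_arq unconditionally; `KASSERT(td->td_arq != NULL, ("audit_exit: td_arq == NULL"));` would catch a thread that did not pass through audit_thread_alloc(). The audit_exit() comment should read "being constructed" rather than "begin constructed".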
@@ -494,8 +518,6 @@ { au_event_t event; - KASSERT(td->td_ar == NULL, ("audit_syscall_enter: td->td_ar != NULL")); - /* * In FreeBSD, each ABI has its own system call table, and hence * mapping of system call codes to audit events. Convert the code to @@ -511,6 +533,7 @@ if (event == AUE_NULL) return; + audit_enter(td); td->td_ar = audit_begin(event, td); } @@ -537,7 +560,7 @@ retval = td->td_retval[0]; audit_commit(td->td_ar, error, retval); - td->td_ar = NULL; + audit_exit(td); } void @@ -585,6 +608,8 @@ { td->td_ar = NULL; + td->td_arq = malloc(sizeof(struct kaudit_queue), M_AUDITRECQ, M_WAITOK); + TAILQ_INIT(td->td_arq); } void @@ -592,6 +617,9 @@ { KASSERT(td->td_ar == NULL, ("audit_thread_free: td_ar != NULL")); + KASSERT(TAILQ_EMPTY(td->td_arq), + ("audit_thread_free: td_arq not empty")); + free(td->td_arq, M_AUDITRECQ); } void ==== //depot/projects/soc2008/diego-audit/src/sys/sys/proc.h#5 (text+ko) ==== @@ -153,6 +153,7 @@ * for write access. */ struct kaudit_record; +struct kaudit_queue; struct td_sched; struct nlminfo; struct kaioinfo; @@ -269,6 +270,7 @@ struct mdthread td_md; /* (k) Any machine-dependent fields. */ struct td_sched *td_sched; /* (*) Scheduler-specific data. */ struct kaudit_record *td_ar; /* (k) Active audit record, if any. */ + struct kaudit_queue *td_arq; /* (k) Queue of audit records. */ int td_syscalls; /* per-thread syscall count (used by NFS :)) */ struct lpohead td_lprof[2]; /* (a) lock profiling objects. */ struct kdtrace_thread *td_dtrace; /* (*) DTrace-specific data. */
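Review bot: The `audit_enter(td)` call in the `@@ -511,6 +533,7 @@` hunk sits after the `if (event == AUE_NULL) return;` early return, while the `@@ -537,7 +560,7 @@` hunk makes audit_syscall_exit() call `audit_exit(td)` with no visible condition. If a record is already active when an unaudited event enters, nothing is pushed, yet the exit path appears to commit whatever td->td_ar holds and then pop the queue, so an outer record could be committed early or with the wrong error and return value. Moving the push ahead of the check, e.g. `audit_enter(td); td->td_ar = NULL;` before `if (event == AUE_NULL)`, would keep enter and exit paired on every path. Both function bodies extend outside the hunks, so any other early return needs the same pairing. With the old `KASSERT(td->td_ar == NULL, ...)` removed, nothing asserts any longer that a record was not left behind by a missed exit.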
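Review bot: After `free(td->td_arq, M_AUDITRECQ);` in the `@@ -592,6 +617,9 @@` hunk the field keeps pointing at freed memory, and the two KASSERTs above it are compiled out of kernels built without INVARIANTS. Adding `td->td_arq = NULL;` after the free turns a later audit_enter() or audit_exit() on a stale thread pointer into an immediate fault instead of a write into freed memory. On non-INVARIANTS kernels any record still linked on the queue is silently leaked and never committed, so draining the queue before freeing the head would be safer. The function body begins outside the hunk.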