From nobody Wed Jun 18 17:57:56 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bMs0N6Tktz5pwMr; Wed, 18 Jun 2025 17:57:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bMs0N5nNRz3WT9; Wed, 18 Jun 2025 17:57:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1750269476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QOLKC+1jnPHXMMo40gp7c8+U1JBnPKvxIqi48oJB0No=; b=fZNCaUUjjLWybne9O4Ea+DF0r7HDcTByHbwMyfeXvTOiaINmb6WxGnlzSHPbxAsMIbfDwt bL3XQFIQxr0Qvs2zkIVFotmDt/+fBaxEW4eBuDogLpPFeEnvDgtnazkoquhewBc8ZeJIUB JZLvhOqUoIaT8x4YArXuvzL+uvCUosst45L2WNWCKXRqqTbX4XZgwZyMrCI2CVNNv2aiLy E69P80OcyUn5NkGxtLAuZMJJqpMcmljQKxnTKrwGrc4/hEghPXuYjvewCUSJV5b7RvfBR3 6Y3tpLEOKu4rIRR18ErEgUOdcE2B5QJM3VgoTwTRvpqXT/EE1fxt3XdhCrJvWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1750269476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QOLKC+1jnPHXMMo40gp7c8+U1JBnPKvxIqi48oJB0No=; b=XtmsBvVk5ce108qVPul0OwwowUJ2L7HshnbF3Wf2uteq8z5vVfMtgwgNfrr9Ur7Aa5NWP2 g/B9zNao4gzg9+xcuB74bovvc7nwnIkD3TH2mljt4aZ3Qts7gOPaV7gNC4/kBphk1pQpQV leFi53Jsk9AJlNcG1UO7D9hZ1waH7Va0Nm9u0hxta8gaeKNNTxIwBPCLzZHCRnDQhX5ctZ AbGBcApfLXlsWIEnGmyBJAy+n3tHlFR4w/o1nNELpfYF1iyrursMObpMXL4y18ae0s43dZ GfUlBB7GFcCVk8o92MnEFOJ9BnmQ5C7FwU9mkFHoiWd19qMoq/CXkLrGSylrsw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1750269476; a=rsa-sha256; cv=none; b=xdCr1McJAKmo/A59Y45eAFqh1vNoIeS4iry7pqejMUoeLik+PBKXRSpCb/xOOJ7aTFf6PH Y9Cb0odQ1uWTbegVFOJAU3CgcV8KNjCXce/81hyCpVWG4cWq90ZpM8rTA2jVWOROn3Al5V FggBd3Q/6fXUEJGyPuJoN5sGeWL2jVpx2pPQDfuozL2NJu4tJNEAPkSvjDDCzjQ9yLqbjY qdIpaBqg+GRPPgI40NJnNg8WQ/Izf5s6v7RNxp6U8SETOTss+bwLQXVaH6txxbeu0uVR5w 4IsQM06zmETEHEjkJz6z4KzK3InbzYHCiYUJVJXYMUY43GEIBbFtqRhOxRLwtA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bMs0N4zXpzglm; Wed, 18 Jun 2025 17:57:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 55IHvu2k092933; Wed, 18 Jun 2025 17:57:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 55IHvuO3092930; Wed, 18 Jun 2025 17:57:56 GMT (envelope-from git) Date: Wed, 18 Jun 2025 17:57:56 GMT Message-Id: <202506181757.55IHvuO3092930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 0452f5f7b37a - main - audit: move the wait from the queue length from the commit to alloc List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0452f5f7b37af81dba3953c7127385fe6f307790 Auto-Submitted: auto-generated The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=0452f5f7b37af81dba3953c7127385fe6f307790 commit 0452f5f7b37af81dba3953c7127385fe6f307790 Author: Konstantin Belousov AuthorDate: 2025-06-16 16:01:12 +0000 Commit: Konstantin Belousov CommitDate: 2025-06-18 17:57:49 +0000 audit: move the wait from the queue length from the commit to alloc AUDIT_SYSCALL_EXIT() and indirectly audit_commit() is intended to be called from arbitrary top-level context. This means that any sleepable locks can be owned by the caller, and which makes the sleeping in audit_commit() forbidden. Since we need to sleep for the record in audit_alloc() anyway, move the sleep for the queue limit there. At worst, if the audit is suspended is disabled when we actually reach the commit location, this means that we lost time uselessly. PR: 287566 Reviewed by: markj Tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D50879 --- sys/security/audit/audit.c | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index a47bc9554712..05928f1c33e8 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -411,15 +411,22 @@ currecord(void) return (curthread->td_ar); } -/* - * XXXAUDIT: Shouldn't there be logic here to sleep waiting on available - * pre_q space, suspending the system call until there is room? - */ struct kaudit_record * audit_new(int event, struct thread *td) { struct kaudit_record *ar; + mtx_lock(&audit_mtx); + audit_pre_q_len++; + + /* + * Constrain the number of committed audit records based on + * the configurable parameter. + */ + while (audit_q_len >= audit_qctrl.aq_hiwater) + cv_wait(&audit_watermark_cv, &audit_mtx); + mtx_unlock(&audit_mtx); + /* * Note: the number of outstanding uncommitted audit records is * limited to the number of concurrent threads servicing system calls @@ -427,11 +434,6 @@ audit_new(int event, struct thread *td) */ ar = uma_zalloc_arg(audit_record_zone, td, M_WAITOK); ar->k_ar.ar_event = event; - - mtx_lock(&audit_mtx); - audit_pre_q_len++; - mtx_unlock(&audit_mtx); - return (ar); } @@ -565,13 +567,6 @@ audit_commit(struct kaudit_record *ar, int error, int retval) return; } - /* - * Constrain the number of committed audit records based on the - * configurable parameter. - */ - while (audit_q_len >= audit_qctrl.aq_hiwater) - cv_wait(&audit_watermark_cv, &audit_mtx); - TAILQ_INSERT_TAIL(&audit_q, ar, k_q); audit_q_len++; audit_pre_q_len--;