From owner-trustedbsd-cvs@FreeBSD.ORG Mon Dec 4 18:35:07 2006 Return-Path: X-Original-To: trustedbsd-cvs@freebsd.org Delivered-To: trustedbsd-cvs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5FF1116A514 for ; Mon, 4 Dec 2006 18:35:07 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4933243CBF for ; Mon, 4 Dec 2006 18:34:31 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id A401146F58 for ; Mon, 4 Dec 2006 13:35:04 -0500 (EST) Received: from hub.freebsd.org (hub.freebsd.org [69.147.83.54]) by mx2.freebsd.org (Postfix) with ESMTP id 1336863A31; Mon, 4 Dec 2006 18:34:18 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 8772F16A4B3; Mon, 4 Dec 2006 18:34:23 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4B28716A4AB for ; Mon, 4 Dec 2006 18:34:23 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8C5643CA7 for ; Mon, 4 Dec 2006 18:33:48 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id kB4IYMH7089538 for ; Mon, 4 Dec 2006 18:34:22 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id kB4IYM7k089535 for perforce@freebsd.org; Mon, 4 Dec 2006 18:34:22 GMT (envelope-from millert@freebsd.org) Date: Mon, 4 Dec 2006 18:34:22 GMT Message-Id: <200612041834.kB4IYM7k089535@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 111046 for review X-BeenThere: trustedbsd-cvs@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD CVS and Perforce commit message list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Dec 2006 18:35:07 -0000 http://perforce.freebsd.org/chv.cgi?CH=111046 Change 111046 by millert@millert_g5tower on 2006/12/04 18:34:01 Remove rate limiting, it was removed in selinux long ago. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#12 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#12 (text+ko) ==== @@ -148,14 +148,9 @@ #define NOTIF_LOCK lck_mtx_lock(notif_lock) #define NOTIF_UNLOCK lck_mtx_unlock(notif_lock) -static lck_mtx_t *ratelimit_lock; -#define RATELIM_LOCK lck_mtx_lock(ratelimit_lock) -#define RATELIM_UNLOCK lck_mtx_unlock(ratelimit_lock) - static struct avc_cache avc_cache; static struct avc_callback_node *avc_callbacks; static zone_t avc_node_cachep; -static uint64_t avc_msg_cost, avc_msg_burst; static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass) { @@ -277,7 +272,6 @@ /* allocate avc mutexes */ avc_log_lock = lck_mtx_alloc_init(avc_lck_grp, avc_lck_attr); notif_lock = lck_mtx_alloc_init(avc_lck_grp, avc_lck_attr); - ratelimit_lock = lck_mtx_alloc_init(avc_lck_grp, avc_lck_attr); for (i = 0; i < AVC_CACHE_SLOTS; i++) { LIST_INIT(&avc_cache.slots[i]); @@ -291,10 +285,6 @@ lck_attr_free(avc_lck_attr); lck_grp_attr_free(avc_lck_grp_attr); - /* For avc_ratelimit() */ - nanoseconds_to_absolutetime(5000000000ULL, &avc_msg_cost); - avc_msg_burst = 10 * avc_msg_cost; - avc_node_cachep = mac_zinit(sizeof(struct avc_node), AVC_CACHE_MAXNODES * sizeof(struct avc_node), AVC_CACHE_RECLAIM * sizeof(struct avc_node), "avc node"); @@ -575,63 +565,6 @@ } #endif /* __linux__ */ - -#define AVC_MSG_COST avc_msg_cost -#define AVC_MSG_BURST avc_msg_burst - -/* - * This enforces a rate limit: not more than one kernel message - * every 5secs to make a denial-of-service attack impossible. - */ -static int avc_ratelimit(void) -{ - static uint64_t toks; - static uint64_t last_msg; - static int missed, rc; - uint64_t now; - - now = mach_absolute_time(); - - RATELIM_LOCK; - toks += now - last_msg; - last_msg = now; - if (toks > AVC_MSG_BURST) - toks = AVC_MSG_BURST; - if (toks >= AVC_MSG_COST) { - int lost = missed; - missed = 0; - toks -= AVC_MSG_COST; - RATELIM_UNLOCK; - if (lost) - printk(KERN_WARNING "AVC: %d messages suppressed.\n", - lost); - rc = 1; - goto out; - } - missed++; - RATELIM_UNLOCK; -out: - return rc; -} - -static inline int check_avc_ratelimit(void) -{ - - /* - * If auditing is not enabled, suppress all messages. - */ - if (!selinux_auditing) - return 0; - - /* - * If in permissive mode, display all messages. - */ - if (!selinux_enforcing) - return 1; - - return avc_ratelimit(); -} - /** * avc_audit - Audit the granting or denial of permissions. * @ssid: source security identifier @@ -672,9 +605,6 @@ return; } - if (!check_avc_ratelimit()) - return; - ab = audit_log_start(); if (!ab) return; /* audit_panic has been called */