From owner-trustedbsd-cvs@FreeBSD.ORG Sun Mar 19 19:21:11 2006 Return-Path: X-Original-To: trustedbsd-cvs@freebsd.org Delivered-To: trustedbsd-cvs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 081BF16A427 for ; Sun, 19 Mar 2006 19:21:11 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3198C43D48 for ; Sun, 19 Mar 2006 19:21:08 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119]) by cyrus.watson.org (Postfix) with ESMTP id 67C9646C78 for ; Sun, 19 Mar 2006 14:20:40 -0500 (EST) Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 9382956794; Sun, 19 Mar 2006 19:21:04 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 8B96216A423; Sun, 19 Mar 2006 19:21:04 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C17D16A41F for ; Sun, 19 Mar 2006 19:21:04 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9A3E43D53 for ; Sun, 19 Mar 2006 19:21:02 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k2JJL2DD020894 for ; Sun, 19 Mar 2006 19:21:02 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k2JJL2Ek020891 for perforce@freebsd.org; Sun, 19 Mar 2006 19:21:02 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sun, 19 Mar 2006 19:21:02 GMT Message-Id: <200603191921.k2JJL2Ek020891@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 93588 for review X-BeenThere: trustedbsd-cvs@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD CVS and Perforce commit message list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Mar 2006 19:21:11 -0000 http://perforce.freebsd.org/chv.cgi?CH=93588 Change 93588 by rwatson@rwatson_peppercorn on 2006/03/19 19:20:12 Assert audit mtx in audit_worker_drain(). Break out logic to call audit_record_write() and handle error conditions into audit_worker_process_record(). This will be the future home of some logic now present in audit_record_write() also. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 (text+ko) ==== @@ -376,6 +376,8 @@ { struct kaudit_record *ar; + mtx_assert(&audit_mtx, MA_OWNED); + while ((ar = TAILQ_FIRST(&audit_q))) { TAILQ_REMOVE(&audit_q, ar, k_q); audit_free(ar); @@ -384,6 +386,31 @@ } /* + * Given a kernel audit record, process as required. Currently, that means + * passing it to audit_record_write(), but in the future it will mean + * converting it to BSM and then routing it to various possible output + * streams, including the audit trail and audit pipes. The caller will free + * the record. + */ +static void +audit_worker_process_record(struct vnode *audit_vp, struct ucred *audit_cred, + struct thread *audit_td, struct kaudit_record *ar) +{ + int error; + + if (audit_vp == NULL) + return; + + error = audit_record_write(audit_vp, ar, audit_cred, audit_td); + if (error) { + if (audit_panic_on_write_fail) + panic("audit_worker: write error %d\n", error); + else + printf("audit_worker: write error %d\n", error); + } +} + +/* * The audit_worker thread is responsible for watching the event queue, * dequeueing records, converting them to BSM format, and committing them to * disk. In order to minimize lock thrashing, records are dequeued in sets @@ -399,7 +426,7 @@ struct ucred *audit_cred; struct thread *audit_td; struct vnode *audit_vp; - int error, lowater_signal; + int lowater_signal; AUDIT_PRINTF(("audit_worker starting\n")); @@ -465,16 +492,8 @@ mtx_unlock(&audit_mtx); while ((ar = TAILQ_FIRST(&ar_worklist))) { TAILQ_REMOVE(&ar_worklist, ar, k_q); - if (audit_vp != NULL) { - error = audit_record_write(audit_vp, ar, - audit_cred, audit_td); - if (error && audit_panic_on_write_fail) - panic("audit_worker: write error %d\n", - error); - else if (error) - printf("audit_worker: write error %d\n", - error); - } + audit_worker_process_record(audit_vp, audit_cred, + audit_td, ar); audit_free(ar); } mtx_lock(&audit_mtx);