From owner-svn-src-all@FreeBSD.ORG Mon Mar 16 17:25:09 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A94A0106566C; Mon, 16 Mar 2009 17:25:09 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 950D38FC0A; Mon, 16 Mar 2009 17:25:09 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n2GHP9cf067293; Mon, 16 Mar 2009 17:25:09 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n2GHP94b067289; Mon, 16 Mar 2009 17:25:09 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200903161725.n2GHP94b067289@svn.freebsd.org> From: Robert Watson Date: Mon, 16 Mar 2009 17:25:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r189890 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb security/audit sys X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2009 17:25:10 -0000 Author: rwatson Date: Mon Mar 16 17:25:09 2009 New Revision: 189890 URL: http://svn.freebsd.org/changeset/base/189890 Log: Merge r189570 from head to stable/7: Add a new thread-private flag, TDP_AUDITREC, to indicate whether or not there is an audit record hung off of td_ar on the current thread. Test this flag instead of td_ar when auditing syscall arguments or checking for an audit record to commit on syscall return. Under these circumstances, td_pflags is much more likely to be in the cache (especially if there is no auditing of the current system call), so this should help reduce cache misses in the system call return path. Reported by: kris Obtained from: TrustedBSD Project Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/security/audit/audit.c stable/7/sys/security/audit/audit.h stable/7/sys/security/audit/audit_syscalls.c stable/7/sys/sys/proc.h Modified: stable/7/sys/security/audit/audit.c ============================================================================== --- stable/7/sys/security/audit/audit.c Mon Mar 16 17:15:02 2009 (r189889) +++ stable/7/sys/security/audit/audit.c Mon Mar 16 17:25:09 2009 (r189890) @@ -446,6 +446,8 @@ audit_syscall_enter(unsigned short code, au_id_t auid; KASSERT(td->td_ar == NULL, ("audit_syscall_enter: td->td_ar != NULL")); + KASSERT((td->td_pflags & TDP_AUDITREC) == 0, + ("audit_syscall_enter: TDP_AUDITREC set")); /* * In FreeBSD, each ABI has its own system call table, and hence @@ -496,9 +498,13 @@ audit_syscall_enter(unsigned short code, panic("audit_failing_stop: thread continued"); } td->td_ar = audit_new(event, td); - } else if (audit_pipe_preselect(auid, event, class, AU_PRS_BOTH, 0)) + if (td->td_ar != NULL) + td->td_pflags |= TDP_AUDITREC; + } else if (audit_pipe_preselect(auid, event, class, AU_PRS_BOTH, 0)) { td->td_ar = audit_new(event, td); - else + if (td->td_ar != NULL) + td->td_pflags |= TDP_AUDITREC; + } else td->td_ar = NULL; } @@ -526,6 +532,7 @@ audit_syscall_exit(int error, struct thr audit_commit(td->td_ar, error, retval); td->td_ar = NULL; + td->td_pflags &= ~TDP_AUDITREC; } void @@ -580,6 +587,8 @@ audit_thread_free(struct thread *td) { KASSERT(td->td_ar == NULL, ("audit_thread_free: td_ar != NULL")); + KASSERT((td->td_pflags & TDP_AUDITREC) == 0, + ("audit_thread_free: TDP_AUDITREC set")); } void Modified: stable/7/sys/security/audit/audit.h ============================================================================== --- stable/7/sys/security/audit/audit.h Mon Mar 16 17:15:02 2009 (r189889) +++ stable/7/sys/security/audit/audit.h Mon Mar 16 17:25:09 2009 (r189890) @@ -186,7 +186,7 @@ void audit_thread_free(struct thread *t * audit_enabled flag before performing the actual call. */ #define AUDIT_ARG(op, args...) do { \ - if (td->td_ar != NULL) \ + if (td->td_pflags & TDP_AUDITREC) \ audit_arg_ ## op (args); \ } while (0) @@ -202,7 +202,7 @@ void audit_thread_free(struct thread *t * auditing is disabled, so we don't just check audit_enabled here. */ #define AUDIT_SYSCALL_EXIT(error, td) do { \ - if (td->td_ar != NULL) \ + if (td->td_pflags & TDP_AUDITREC) \ audit_syscall_exit(error, td); \ } while (0) @@ -210,7 +210,7 @@ void audit_thread_free(struct thread *t * A Macro to wrap the audit_sysclose() function. */ #define AUDIT_SYSCLOSE(td, fd) do { \ - if (audit_enabled) \ + if (td->td_pflags & TDP_AUDITREC) \ audit_sysclose(td, fd); \ } while (0) Modified: stable/7/sys/security/audit/audit_syscalls.c ============================================================================== --- stable/7/sys/security/audit/audit_syscalls.c Mon Mar 16 17:15:02 2009 (r189889) +++ stable/7/sys/security/audit/audit_syscalls.c Mon Mar 16 17:25:09 2009 (r189890) @@ -96,6 +96,7 @@ audit(struct thread *td, struct audit_ar td->td_ar = audit_new(AUE_NULL, td); if (td->td_ar == NULL) return (ENOTSUP); + td->td_pflags |= TDP_AUDITREC; ar = td->td_ar; } Modified: stable/7/sys/sys/proc.h ============================================================================== --- stable/7/sys/sys/proc.h Mon Mar 16 17:15:02 2009 (r189889) +++ stable/7/sys/sys/proc.h Mon Mar 16 17:25:09 2009 (r189890) @@ -379,6 +379,7 @@ do { \ #define TDP_WAKEUP 0x00080000 /* Don't sleep in umtx cond_wait */ #define TDP_INBDFLUSH 0x00100000 /* Already in BO_BDFLUSH, do not recurse */ #define TDP_IGNSUSP 0x00800000 /* Permission to ignore the MNTK_SUSPEND* */ +#define TDP_AUDITREC 0x01000000 /* Audit record pending on thread */ /* * Reasons that the current thread can not be run yet.