Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 5 Oct 2005 23:22:07 GMT
From:      Wayne Salamon <wsalamon@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 84872 for review
Message-ID:  <200510052322.j95NM7DF083492@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=84872

Change 84872 by wsalamon@gretsch on 2005/10/05 23:21:29

	Move the extern declares of the audit control variables to the 
	private header file.
	Clean up kern_audit.c by removing dead code, renaming the record
	free function to be more descriptive, some better comments.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#7 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#3 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#44 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#7 (text+ko) ====

@@ -42,6 +42,16 @@
 #endif
 
 /*
+ * Audit control variables that are usually set/read via system calls
+ * and used to control various aspects of auditing.
+ */
+extern struct au_qctrl audit_qctrl;
+extern struct audit_fstat audit_fstat;
+extern struct au_mask audit_nae_mask;
+extern int audit_panic_on_write_fail;
+extern int audit_fail_stop;
+
+/*
  * Success/failure conditions for the conversion of a kernel audit record to
  * BSM format.
  */

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#3 (text+ko) ====

@@ -34,13 +34,6 @@
 
 #ifdef AUDIT
 
-/* XXX replace these externs with accessor functions? */
-extern struct au_qctrl audit_qctrl;
-extern struct audit_fstat audit_fstat;
-extern struct au_mask audit_nae_mask;
-extern int audit_panic_on_write_fail;
-extern int audit_fail_stop;
-
 /*
  * MPSAFE
  *

==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#44 (text+ko) ====

@@ -83,11 +83,38 @@
 
 MALLOC_DEFINE(M_AUDIT, "audit", "Audit event records");
 
+/*
+ * Audit control settings that are set/read by system calls and are 
+ * hence non-static.
+ */
 /* 
  * Define the audit control flags.
  */
-int	audit_enabled;
-int	audit_suspended;
+int					audit_enabled;
+int					audit_suspended;
+
+/*
+ * Flags controlling behavior in low storage situations.
+ * Should we panic if a write fails?  Should we fail stop
+ * if we're out of disk space?
+ */
+int					audit_panic_on_write_fail;
+int					audit_fail_stop;
+
+/*
+ * Audit queue control settings (minimum free, low/high water marks, etc.)
+ */
+struct au_qctrl				audit_qctrl;
+
+/*
+ * Global audit statistiscs. 
+ */
+struct audit_fstat 			audit_fstat;
+
+/*
+ * Preselection mask for non-attributable events.
+ */
+struct au_mask			 	audit_nae_mask;
 
 /*
  * Mutex to protect global variables shared between various threads and
@@ -155,42 +182,21 @@
  */
 static struct cv			audit_fail_cv;
 
-/* XXX make a function to access this variable, then make it static */
-struct au_qctrl			audit_qctrl;
-
-/*
- * Global audit statistiscs. 
- */
-/* XXX make a function to access this variable, then make it static */
-struct audit_fstat 	audit_fstat;
-
-/*
- Preselection mask for non-attributable events.
- */
-/* XXX make a function to access this variable, then make it static */
-struct au_mask	 	audit_nae_mask;
-
 /*
  * Flags related to Kernel->user-space communication.
  */
 static int			audit_file_rotate_wait;
 
 /*
- * Flags controlling behavior in low storage situations.
- * Should we panic if a write fails?  Should we fail stop
- * if we're out of disk space?  Are we currently "failing
- * stop" due to out of disk space?
+ * Are we currently "failing stop" due to out of disk space?
  */
-/* XXX make a function to access these variables, then make them static */
-int			 audit_panic_on_write_fail;
-int			 audit_fail_stop;
 static int			 audit_in_failure;
 
 /*
- * XXXAUDIT: For consistency, perhaps audit_record_free()?
+ * Perform a deep free of an audit record (core record and referenced objects)
  */
 static void
-audit_free(struct kaudit_record *ar)
+audit_record_free(struct kaudit_record *ar)
 {
 
 	if (ar->k_ar.ar_arg_upath1 != NULL) {
@@ -510,7 +516,8 @@
 		 * conditional allocation and queueing.  Go back to
 		 * waiting when we're done.
 		 *
-		 * XXX: We go out of our way to avoid calling audit_free()
+		 * XXX: We go out of our way to avoid calling 
+		 * audit_record_free().
 		 * with the audit_mtx held, to avoid a lock order reversal
 		 * as free() may grab Giant.  This should be fixed at
 		 * some point.
@@ -527,7 +534,7 @@
 			mtx_unlock(&audit_mtx);
 			while ((ar = TAILQ_FIRST(&ar_worklist))) {
 				TAILQ_REMOVE(&ar_worklist, ar, k_q);
-				audit_free(ar);
+				audit_record_free(ar);
 			}
 			mtx_lock(&audit_mtx);
 			continue;
@@ -540,7 +547,8 @@
 		 * records and perform our own clustering, if the lower
 		 * layers aren't doing it automatically enough.
 		 *
-		 * XXX: We go out of our way to avoid calling audit_free()
+		 * XXX: We go out of our way to avoid calling
+		 * audit_record_free()
 		 * with the audit_mtx held, to avoid a lock order reversal
 		 * as free() may grab Giant.  This should be fixed at
 		 * some point.
@@ -569,7 +577,7 @@
 					printf("audit_worker: write error %d\n",
 					    error);
 			}
-			audit_free(ar);
+			audit_record_free(ar);
 		}
 		mtx_lock(&audit_mtx);
 	}
@@ -683,11 +691,6 @@
 	    "audit_worker (flag " "now %d)\n", audit_replacement_flag));
 	mtx_unlock(&audit_mtx);
 
-	/* XXX  Need to figure out how the kernel->userspace file full
-	 * signalling will take place.
-	 *
-	 * XXXAUDIT: This comment may now be obsolete.
-	 */
 	audit_file_rotate_wait = 0; /* We can now request another rotation */
 }
 
@@ -793,20 +796,6 @@
 
 /*
  * MPSAFE
- * XXXAUDIT: So far, this is unused, and should probably be GC'd.
- */
-void
-audit_abort(struct kaudit_record *ar)
-{
-
-	mtx_lock(&audit_mtx);
-	audit_pre_q_len--;
-	mtx_unlock(&audit_mtx);
-	audit_free(ar);
-}
-
-/*
- * MPSAFE
  */
 void
 audit_commit(struct kaudit_record *ar, int error, int retval)
@@ -863,7 +852,7 @@
 		mtx_lock(&audit_mtx);
 		audit_pre_q_len--;
 		mtx_unlock(&audit_mtx);
-		audit_free(ar);
+		audit_record_free(ar);
 		return;
 	}
 
@@ -889,7 +878,7 @@
 	if (audit_suspended || !audit_enabled) {
 		audit_pre_q_len--;
 		mtx_unlock(&audit_mtx);
-		audit_free(ar);
+		audit_record_free(ar);
 		return;
 	}
 	



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510052322.j95NM7DF083492>