Date: Sun, 19 Mar 2006 19:21:02 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 93588 for review Message-ID: <200603191921.k2JJL2Ek020891@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=93588 Change 93588 by rwatson@rwatson_peppercorn on 2006/03/19 19:20:12 Assert audit mtx in audit_worker_drain(). Break out logic to call audit_record_write() and handle error conditions into audit_worker_process_record(). This will be the future home of some logic now present in audit_record_write() also. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 (text+ko) ==== @@ -376,6 +376,8 @@ { struct kaudit_record *ar; + mtx_assert(&audit_mtx, MA_OWNED); + while ((ar = TAILQ_FIRST(&audit_q))) { TAILQ_REMOVE(&audit_q, ar, k_q); audit_free(ar); @@ -384,6 +386,31 @@ } /* + * Given a kernel audit record, process as required. Currently, that means + * passing it to audit_record_write(), but in the future it will mean + * converting it to BSM and then routing it to various possible output + * streams, including the audit trail and audit pipes. The caller will free + * the record. + */ +static void +audit_worker_process_record(struct vnode *audit_vp, struct ucred *audit_cred, + struct thread *audit_td, struct kaudit_record *ar) +{ + int error; + + if (audit_vp == NULL) + return; + + error = audit_record_write(audit_vp, ar, audit_cred, audit_td); + if (error) { + if (audit_panic_on_write_fail) + panic("audit_worker: write error %d\n", error); + else + printf("audit_worker: write error %d\n", error); + } +} + +/* * The audit_worker thread is responsible for watching the event queue, * dequeueing records, converting them to BSM format, and committing them to * disk. In order to minimize lock thrashing, records are dequeued in sets @@ -399,7 +426,7 @@ struct ucred *audit_cred; struct thread *audit_td; struct vnode *audit_vp; - int error, lowater_signal; + int lowater_signal; AUDIT_PRINTF(("audit_worker starting\n")); @@ -465,16 +492,8 @@ mtx_unlock(&audit_mtx); while ((ar = TAILQ_FIRST(&ar_worklist))) { TAILQ_REMOVE(&ar_worklist, ar, k_q); - if (audit_vp != NULL) { - error = audit_record_write(audit_vp, ar, - audit_cred, audit_td); - if (error && audit_panic_on_write_fail) - panic("audit_worker: write error %d\n", - error); - else if (error) - printf("audit_worker: write error %d\n", - error); - } + audit_worker_process_record(audit_vp, audit_cred, + audit_td, ar); audit_free(ar); } mtx_lock(&audit_mtx);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603191921.k2JJL2Ek020891>