Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

AUDIT: Reduce contention in audit_serial()
... by generating serial numbers only if an audit context is actually
_used_, rather than doing so at syscall entry even when the context
isn't necessarily marked auditable.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

David Woodhouse 20 years ago
parent
d5b454f2c4
commit
ce625a8016
2 changed files with 6 additions and 2 deletions
Split View Show Diff Stats
  1. 3 1
      kernel/audit.c
  2. 3 1
      kernel/auditsc.c

+ 3 - 1
kernel/audit.c
View File 

@@ -625,7 +625,9 @@ unsigned int audit_serial(void)
 
 	unsigned int ret;
 
 
 	spin_lock_irqsave(&serial_lock, flags);
 
-	ret = serial++;
 
+	do {
 
+		ret = ++serial;
 
+	} while (unlikely(!ret));
 
 	spin_unlock_irqrestore(&serial_lock, flags);
 
 
 	return ret;

+ 3 - 1
kernel/auditsc.c
View File 

@@ -984,7 +984,7 @@ void audit_syscall_entry(struct task_struct *tsk, int arch, int major,
 
 	if (likely(state == AUDIT_DISABLED))
 
 		return;
 
 
-	context->serial     = audit_serial();
 
+	context->serial     = 0;
 
 	context->ctime      = CURRENT_TIME;
 
 	context->in_syscall = 1;
 
 	context->auditable  = !!(state == AUDIT_RECORD_CONTEXT);
 
@@ -1138,6 +1138,8 @@ void audit_inode(const char *name, const struct inode *inode, unsigned flags)
 
 void auditsc_get_stamp(struct audit_context *ctx,
 
 		       struct timespec *t, unsigned int *serial)
 
 {
 
+	if (!ctx->serial)
 
+		ctx->serial = audit_serial();
 
 	t->tv_sec  = ctx->ctime.tv_sec;
 
 	t->tv_nsec = ctx->ctime.tv_nsec;
 
 	*serial    = ctx->serial;