AUDIT: Reduce contention in audit_serial()
... by generating serial numbers only if an audit context is actually _used_, rather than doing so at syscall entry even when the context isn't necessarily marked auditable. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
parent
d5b454f2c4
commit
ce625a8016
@ -625,7 +625,9 @@ unsigned int audit_serial(void)
|
|||||||
unsigned int ret;
|
unsigned int ret;
|
||||||
|
|
||||||
spin_lock_irqsave(&serial_lock, flags);
|
spin_lock_irqsave(&serial_lock, flags);
|
||||||
ret = serial++;
|
do {
|
||||||
|
ret = ++serial;
|
||||||
|
} while (unlikely(!ret));
|
||||||
spin_unlock_irqrestore(&serial_lock, flags);
|
spin_unlock_irqrestore(&serial_lock, flags);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
|
@ -984,7 +984,7 @@ void audit_syscall_entry(struct task_struct *tsk, int arch, int major,
|
|||||||
if (likely(state == AUDIT_DISABLED))
|
if (likely(state == AUDIT_DISABLED))
|
||||||
return;
|
return;
|
||||||
|
|
||||||
context->serial = audit_serial();
|
context->serial = 0;
|
||||||
context->ctime = CURRENT_TIME;
|
context->ctime = CURRENT_TIME;
|
||||||
context->in_syscall = 1;
|
context->in_syscall = 1;
|
||||||
context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
|
context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
|
||||||
@ -1138,6 +1138,8 @@ void audit_inode(const char *name, const struct inode *inode, unsigned flags)
|
|||||||
void auditsc_get_stamp(struct audit_context *ctx,
|
void auditsc_get_stamp(struct audit_context *ctx,
|
||||||
struct timespec *t, unsigned int *serial)
|
struct timespec *t, unsigned int *serial)
|
||||||
{
|
{
|
||||||
|
if (!ctx->serial)
|
||||||
|
ctx->serial = audit_serial();
|
||||||
t->tv_sec = ctx->ctime.tv_sec;
|
t->tv_sec = ctx->ctime.tv_sec;
|
||||||
t->tv_nsec = ctx->ctime.tv_nsec;
|
t->tv_nsec = ctx->ctime.tv_nsec;
|
||||||
*serial = ctx->serial;
|
*serial = ctx->serial;
|
||||||
|
Loading…
Reference in New Issue
Block a user