AUDIT_SYSCALL_EXIT() and indirectly audit_commit() are intended to be called from arbitrary top-level context. This means that any sleepable locks can be owned by the caller, which makes the sleeping in audit_commit() forbidden.

Since we need to sleep for the record in audit_alloc() anyway, move the sleep for the queue limit there. At worst, if the audit is suspended is disabled when we actually reach the commit location, this means that we lost time uselessly.

PR: 287566
Repository: rG FreeBSD src repository
Event Timeline
sys/security/audit/audit.c, line 443:
Shouldn't this come before the increment of audit_pre_q_len? Otherwise there is some theoretical risk of deadlock if audit_qctrl.aq_hiwater threads enter this sleep.

sys/security/audit/audit.c, line 443:
I am not sure why. Note that we still check for audit_q_len, not audit_pre_q_len against high watermark. audit_q_len should eventually go down while audit records are processed. Also it is really not different from the current watermark organization, I only moved the wait place earlier, still before audit_q_len increment.

sys/security/audit/audit.c, line 443:
Ok, I see now. I might also move the allocation of ar to the end of the function.
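
The ordering question from the inline comments above, as a simplified single-threaded model (an added example, not FreeBSD code and not part of the review). The counter names come from the discussion; `simulate`, the `wait_on` modes and the worst-case schedule are assumptions made for illustration. It compares a sleep keyed on audit_q_len, which the audit worker drains, with a hypothetical sleep keyed on audit_pre_q_len after the increment.

```c
#include <stdio.h>

/* Simplified model: counter names follow the review; the scheduler is constructed. */
enum wait_on { WAIT_Q_LEN, WAIT_PRE_Q_LEN /* hypothetical variant */ };

/*
 * Worst-case schedule: nthreads callers all bump audit_pre_q_len in
 * audit_alloc() before any of them evaluates the sleep condition.
 * Each step the audit worker drains one queued record, then every caller
 * whose sleep condition is false proceeds to commit.
 * Returns the number of callers that committed within max_steps.
 */
static int
simulate(enum wait_on mode, int aq_hiwater, int nthreads, int q_start,
    int max_steps)
{
	int audit_q_len = q_start;	/* committed, awaiting the worker */
	int audit_pre_q_len = 0;	/* allocated, not yet committed */
	int sleeping = nthreads, committed = 0;

	audit_pre_q_len += nthreads;	/* all callers pass the increment */
	for (int step = 0; step < max_steps && sleeping > 0; step++) {
		if (audit_q_len > 0)
			audit_q_len--;	/* worker processes one record */
		while (sleeping > 0) {
			int len = (mode == WAIT_Q_LEN) ?
			    audit_q_len : audit_pre_q_len;
			if (len >= aq_hiwater)
				break;	/* over the watermark: keep sleeping */
			sleeping--;	/* one caller wakes, fills, commits */
			audit_pre_q_len--;
			audit_q_len++;
			committed++;
		}
	}
	return (committed);
}

int
main(void)
{
	printf("wait on audit_q_len:     %d of 4 committed\n",
	    simulate(WAIT_Q_LEN, 4, 4, 4, 100));
	printf("wait on audit_pre_q_len: %d of 4 committed\n",
	    simulate(WAIT_PRE_Q_LEN, 4, 4, 4, 100));
	return (0);
}
```

In the model, sleepers keyed on audit_q_len are released one per drained record, while aq_hiwater callers keyed on audit_pre_q_len never wake because only a commit lowers that counter.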