From: Casey Schaufler <casey@schaufler-ca.com>
To: Richard Guy Briggs <rgb@redhat.com>,
linux-audit@redhat.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/3] smack: call WARN_ONCE() instead of calling audit_log_start()
Date: Fri, 06 Dec 2013 10:40:56 -0800 [thread overview]
Message-ID: <52A21A38.40802@schaufler-ca.com> (raw)
In-Reply-To: <f18b900087454601b1431183f705f61acd4932c7.1386206544.git.rgb@redhat.com>
On 12/4/2013 6:45 PM, Richard Guy Briggs wrote:
> Remove the call to audit_log() (which call audit_log_start()) and deal with
> the errors in the caller, logging only once if the condition is met. Calling
> audit_log_start() in this location makes buffer allocation and locking more
> complicated in the calling tree (audit_filter_user()).
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
I'm not opposed to this change, but have you actually tried it?
> ---
> security/smack/smack_lsm.c | 5 ++---
> 1 files changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 8825375..185e2e7 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3615,9 +3615,8 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule,
> struct smack_known *skp;
> char *rule = vrule;
>
> - if (!rule) {
> - audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
> - "Smack: missing rule\n");
> + if (unlikely(!rule)) {
> + WARN_ONCE(1, "Smack: missing rule\n");
> return -ENOENT;
> }
>
WARNING: multiple messages have this Message-ID (diff)
From: Casey Schaufler <casey@schaufler-ca.com>
To: Richard Guy Briggs <rgb@redhat.com>,
linux-audit@redhat.com, linux-kernel@vger.kernel.org
Cc: Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH 2/3] smack: call WARN_ONCE() instead of calling audit_log_start()
Date: Fri, 06 Dec 2013 10:40:56 -0800 [thread overview]
Message-ID: <52A21A38.40802@schaufler-ca.com> (raw)
In-Reply-To: <f18b900087454601b1431183f705f61acd4932c7.1386206544.git.rgb@redhat.com>
On 12/4/2013 6:45 PM, Richard Guy Briggs wrote:
> Remove the call to audit_log() (which call audit_log_start()) and deal with
> the errors in the caller, logging only once if the condition is met. Calling
> audit_log_start() in this location makes buffer allocation and locking more
> complicated in the calling tree (audit_filter_user()).
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
I'm not opposed to this change, but have you actually tried it?
> ---
> security/smack/smack_lsm.c | 5 ++---
> 1 files changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 8825375..185e2e7 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3615,9 +3615,8 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule,
> struct smack_known *skp;
> char *rule = vrule;
>
> - if (!rule) {
> - audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
> - "Smack: missing rule\n");
> + if (unlikely(!rule)) {
> + WARN_ONCE(1, "Smack: missing rule\n");
> return -ENOENT;
> }
>
next prev parent reply other threads:[~2013-12-06 18:40 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-11 1:36 [BUG][PATCH][RFC] audit: hang up in audit_log_start executed on auditd Toshiyuki Okajima
2013-10-11 1:36 ` Toshiyuki Okajima
2013-10-11 9:33 ` Gao feng
2013-10-11 12:29 ` Toshiyuki Okajima (smtp-b.css)
2013-10-15 4:43 ` [BUG][PATCH] audit: audit_log_start running on auditd should not stop Toshiyuki Okajima
2013-10-15 6:30 ` Gao feng
2013-10-15 7:07 ` Toshiyuki Okajima
2013-10-15 7:58 ` [BUG][PATCH V3] " Toshiyuki Okajima
2013-10-15 9:41 ` Gao feng
2013-10-23 19:55 ` [BUG][PATCH] " Richard Guy Briggs
2013-10-24 5:55 ` Gao feng
2013-10-24 19:35 ` Richard Guy Briggs
2013-10-25 1:36 ` Toshiyuki Okajima
2013-10-25 15:12 ` Eric Paris
2013-10-28 9:20 ` Toshiyuki Okajima
2013-12-05 2:45 ` [PATCH 0/3] audit: remove audit_log_start() contention in AUDIT_USER type calls Richard Guy Briggs
2013-12-05 2:45 ` [PATCH 1/3] selinux: call WARN_ONCE() instead of calling audit_log_start() Richard Guy Briggs
2013-12-05 2:45 ` [PATCH 2/3] smack: " Richard Guy Briggs
2013-12-06 18:40 ` Casey Schaufler [this message]
2013-12-06 18:40 ` Casey Schaufler
2013-12-08 22:17 ` Richard Guy Briggs
2013-12-05 2:45 ` [PATCH 3/3] audit: drop audit_cmd_lock in AUDIT_USER family of cases Richard Guy Briggs
2013-12-05 2:45 ` Richard Guy Briggs
2013-12-09 2:31 ` Toshiyuki Okajima
2013-12-09 2:31 ` Toshiyuki Okajima
2013-12-05 7:15 ` [RESEND][BUG][PATCH V3] audit: audit_log_start running on auditd should not stop Toshiyuki Okajima
2013-12-05 7:15 ` Toshiyuki Okajima
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52A21A38.40802@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rgb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.