From: Klaus Heinrich Kiwi <klausk@br.ibm.com>
To: Linux-audit@redhat.com
Subject: [PATCH 05/07][RFC] RACF audit plugin - queue interface
Date: Fri, 28 Sep 2007 10:28:30 -0300 [thread overview]
Message-ID: <1190986110.4113.54.camel@klausk.br.ibm.com> (raw)
In-Reply-To: <1190985127.4113.32.camel@klausk.br.ibm.com>
This patch implements a queue for already-encoded BER elements for the
racf plugin.
This is entirely based on audit dispatcher code by Steve Grubb.
Signed-off-by: Klaus Heinrich Kiwi <klausk@br.ibm.com>
diff -purN audit-1.6.2/audisp/plugins/racf/racf-queue.h audit-1.6.2_racf/audisp/plugins/racf/racf-queue.h
--- audit-1.6.2/audisp/plugins/racf/racf-queue.h 1969-12-31 21:00:00.000000000 -0300
+++ audit-1.6.2_racf/audisp/plugins/racf/racf-queue.h 2007-09-28 09:18:08.000000000 -0300
@@ -0,0 +1,38 @@
+/***************************************************************************
+ * Copyright (C) 2007 International Business Machines Corp. *
+ * All Rights Reserved. *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ * *
+ * Authors: *
+ * Klaus Heinrich Kiwi <klausk@br.ibm.com> *
+ * based on code by Steve Grubb <sgrubb@redhat.com> *
+ ***************************************************************************/
+
+#ifndef _RACF_QUEUE_H
+#define _RACF_QUEUE_H
+
+#include <lber.h>
+
+int init_queue(unsigned int size);
+void enqueue(BerElement *);
+BerElement *dequeue(void);
+void nudge_queue(void);
+void increase_queue_depth(unsigned int size);
+void destroy_queue(void);
+
+#endif /* _RACF_QUEUE_H */
+
diff -purN audit-1.6.2/audisp/plugins/racf/racf-queue.c audit-1.6.2_racf/audisp/plugins/racf/racf-queue.c
--- audit-1.6.2/audisp/plugins/racf/racf-queue.c 1969-12-31 21:00:00.000000000 -0300
+++ audit-1.6.2_racf/audisp/plugins/racf/racf-queue.c 2007-09-28 09:18:08.000000000 -0300
@@ -0,0 +1,144 @@
+/***************************************************************************
+ * Copyright (C) 2007 International Business Machines Corp. *
+ * All Rights Reserved. *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ * *
+ * Authors: *
+ * Klaus Heinrich Kiwi <klausk@br.ibm.com> *
+ * based on code by Steve Grubb <sgrubb@redhat.com> *
+ ***************************************************************************/
+
+#include "racf-queue.h"
+
+#include <stdlib.h>
+#include <pthread.h>
+#include <syslog.h>
+#include "racf-log.h"
+
+static volatile BerElement **q;
+static pthread_mutex_t queue_lock;
+static pthread_cond_t queue_nonempty;
+static unsigned int q_next, q_last, q_depth;
+
+
+int init_queue(unsigned int size)
+{
+ unsigned int i;
+
+ q_next = 0;
+ q_last = 0;
+ q_depth = size;
+ q = malloc(q_depth * sizeof(BerElement *));
+ if (q == NULL)
+ return -1;
+
+ for (i=0; i<q_depth; i++)
+ q[i] = NULL;
+
+ /* Setup IPC mechanisms */
+ pthread_mutex_init(&queue_lock, NULL);
+ pthread_cond_init(&queue_nonempty, NULL);
+
+ return 0;
+}
+
+void enqueue(BerElement *ber)
+{
+ unsigned int n, retry_cnt = 0;
+
+retry:
+ /* We allow 3 retries and then its over */
+ if (retry_cnt > 3) {
+ log_err("queue is full - dropping event");
+ return;
+ }
+ pthread_mutex_lock(&queue_lock);
+
+ /* OK, have lock add event */
+ n = q_next%q_depth;
+ if (q[n] == NULL) {
+ q[n] = ber;
+ q_next = (n+1) % q_depth;
+ pthread_cond_signal(&queue_nonempty);
+ pthread_mutex_unlock(&queue_lock);
+ } else {
+ pthread_mutex_unlock(&queue_lock);
+ pthread_yield(); /* Let dequeue thread run to clear queue */
+ retry_cnt++;
+ goto retry;
+ }
+}
+
+BerElement *dequeue(void)
+{
+ BerElement *ber;
+ unsigned int n;
+
+ /* Wait until its got something in it */
+ pthread_mutex_lock(&queue_lock);
+ n = q_last%q_depth;
+ if (q[n] == NULL) {
+ pthread_cond_wait(&queue_nonempty, &queue_lock);
+ n = q_last%q_depth;
+ }
+
+ /* OK, grab the next event */
+ if (q[n] != NULL) {
+ ber = (BerElement *) q[n];
+ q[n] = NULL;
+ q_last = (n+1) % q_depth;
+ } else
+ ber = NULL;
+
+ pthread_mutex_unlock(&queue_lock);
+
+ /* Process the event */
+ return ber;
+}
+
+void nudge_queue(void)
+{
+ pthread_cond_signal(&queue_nonempty);
+}
+
+void increase_queue_depth(unsigned int size)
+{
+ pthread_mutex_lock(&queue_lock);
+ if (size > q_depth) {
+ unsigned int i;
+ void *tmp_q;
+
+ tmp_q = realloc(q, size * sizeof(BerElement *));
+ q = tmp_q;
+ for (i=q_depth; i<size; i++)
+ q[i] = NULL;
+ q_depth = size;
+ }
+ pthread_mutex_unlock(&queue_lock);
+}
+
+void destroy_queue(void)
+{
+ unsigned int i;
+
+ for (i=0; i<q_depth; i++) {
+ ber_free(q[i], 1);
+ }
+
+ free(q);
+}
+
next prev parent reply other threads:[~2007-09-28 13:28 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1190983565.4113.2.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 01/07][RFC] RACF audit plugin - configuration files Klaus Heinrich Kiwi
[not found] ` <1190983925.4113.8.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 02/07][RFC] RACF audit plugin - configuration interface Klaus Heinrich Kiwi
[not found] ` <1190984128.4113.12.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 03/07][RFC] RACF audit plugin - LDAP interface Klaus Heinrich Kiwi
[not found] ` <1190984843.4113.25.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 04/07][RFC] RACF audit plugin - logging interface Klaus Heinrich Kiwi
[not found] ` <1190985127.4113.32.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` Klaus Heinrich Kiwi [this message]
[not found] ` <1190985276.4113.35.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 06/07][RFC] RACF audit plugin - plugin main code Klaus Heinrich Kiwi
[not found] ` <1190985692.4113.42.camel@klausk.br.ibm.com>
2007-09-28 13:28 ` [PATCH 07/07][RFC] RACF audit plugin - build and packaging integration Klaus Heinrich Kiwi
2007-09-28 20:43 ` Klaus Heinrich Kiwi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1190986110.4113.54.camel@klausk.br.ibm.com \
--to=klausk@br.ibm.com \
--cc=Linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox