From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter Hurley Subject: [RESEND][PATCH 00/15] Rework tty audit Date: Sat, 9 Jan 2016 20:58:53 -0800 Message-ID: <1452401948-30790-1-git-send-email-peter@hurleysoftware.com> References: <1447207560-16410-1-git-send-email-peter@hurleysoftware.com> Return-path: In-Reply-To: <1447207560-16410-1-git-send-email-peter@hurleysoftware.com> Sender: linux-kernel-owner@vger.kernel.org To: Greg Kroah-Hartman Cc: Jiri Slaby , linux-audit@redhat.com, linux-kernel@vger.kernel.org, Peter Hurley List-Id: linux-audit@redhat.com Hi Greg, Here's a resend of the original tty audit series from Nov 10; no objections from the audit maintainers. Original message follows: This patch series overhauls tty audit support. The goal was to simplify and speed up tty auditing, which was a significant performance hit even when disabled. The main features of this series are: * Remove reference counting; the purpose of reference counting the per- process tty_audit_buf was to prevent premature deletion if the buffer was in-use when tty auditing was exited for the process. However, since the process is single-threaded at tty_audit_exit(), the buffer cannot be in-use by another thread. Patch 11/15. * Remove functionally dead code, such as tty_put_user(). Patch 2/15. * Atomically modify tty audit enable/disable flags to support lockless read. Patch 9/15. Regards, Peter Hurley (15): tty: audit: Early-out pty master reads earlier tty: audit: Never audit packet mode tty: audit: Remove icanon mode from call chain tty: audit: Defer audit buffer association tty: audit: Take siglock directly tty: audit: Ignore current association for audit push tty: audit: Combine push functions tty: audit: Track tty association with dev_t tty: audit: Handle tty audit enable atomically tty: audit: Remove false memory optimization tty: audit: Remove tty_audit_buf reference counting tty: audit: Simplify first-use allocation tty: audit: Check audit enable first tty: audit: Always push audit buffer before TIOCSTI tty: audit: Poison tty_audit_buf while process exits drivers/tty/n_tty.c | 25 ++---- drivers/tty/tty_audit.c | 231 ++++++++++++++---------------------------------- include/linux/audit.h | 4 + include/linux/sched.h | 1 - include/linux/tty.h | 12 +-- kernel/audit.c | 27 +++--- 6 files changed, 97 insertions(+), 203 deletions(-) -- 2.7.0