From: Eric Paris <eparis@redhat.com>
To: linux-audit@redhat.com
Cc: viro@zeniv.linux.org.uk
Subject: [PATCH 11/26] audit: inline checks for not needing to collect aux records
Date: Thu, 17 Nov 2011 17:03:43 -0500 [thread overview]
Message-ID: <20111117220343.23481.40953.stgit@paris.rdu.redhat.com> (raw)
In-Reply-To: <20111117220244.23481.96785.stgit@paris.rdu.redhat.com>
A number of audit hooks make function calls before they determine that
auxilary records do not need to be collected. Do those checks as static
inlines since the most common case is going to be that records are not
needed and we can skip the function call overhead.
Signed-off-by: Eric Paris <eparis@redhat.com>
---
include/linux/audit.h | 23 ++++++++++++++++++++---
kernel/auditsc.c | 15 +++------------
2 files changed, 23 insertions(+), 15 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 83e4c02..68df4f4 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -489,9 +489,9 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
extern void audit_log_task_context(struct audit_buffer *ab);
extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
-extern int audit_bprm(struct linux_binprm *bprm);
-extern void audit_socketcall(int nargs, unsigned long *args);
-extern int audit_sockaddr(int len, void *addr);
+extern int __audit_bprm(struct linux_binprm *bprm);
+extern void __audit_socketcall(int nargs, unsigned long *args);
+extern int __audit_sockaddr(int len, void *addr);
extern void __audit_fd_pair(int fd1, int fd2);
extern int audit_set_macxattr(const char *name);
extern void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr);
@@ -519,6 +519,23 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid
if (unlikely(!audit_dummy_context()))
__audit_ipc_set_perm(qbytes, uid, gid, mode);
}
+static inline int audit_bprm(struct linux_binprm *bprm)
+{
+ if (unlikely(!audit_dummy_context()))
+ return __audit_bprm(bprm);
+ return 0;
+}
+static inline void audit_socketcall(int nargs, unsigned long *args)
+{
+ if (unlikely(!audit_dummy_context()))
+ __audit_socketcall(nargs, args);
+}
+static inline int audit_sockaddr(int len, void *addr)
+{
+ if (unlikely(!audit_dummy_context()))
+ return __audit_sockaddr(len, addr);
+ return 0;
+}
static inline void audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr)
{
if (unlikely(!audit_dummy_context()))
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index e6f0e1e..d600146 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2309,14 +2309,11 @@ void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mod
context->ipc.has_perm = 1;
}
-int audit_bprm(struct linux_binprm *bprm)
+int __audit_bprm(struct linux_binprm *bprm)
{
struct audit_aux_data_execve *ax;
struct audit_context *context = current->audit_context;
- if (likely(!audit_enabled || !context || context->dummy))
- return 0;
-
ax = kmalloc(sizeof(*ax), GFP_KERNEL);
if (!ax)
return -ENOMEM;
@@ -2337,13 +2334,10 @@ int audit_bprm(struct linux_binprm *bprm)
* @args: args array
*
*/
-void audit_socketcall(int nargs, unsigned long *args)
+void __audit_socketcall(int nargs, unsigned long *args)
{
struct audit_context *context = current->audit_context;
- if (likely(!context || context->dummy))
- return;
-
context->type = AUDIT_SOCKETCALL;
context->socketcall.nargs = nargs;
memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
@@ -2369,13 +2363,10 @@ void __audit_fd_pair(int fd1, int fd2)
*
* Returns 0 for success or NULL context or < 0 on error.
*/
-int audit_sockaddr(int len, void *a)
+int __audit_sockaddr(int len, void *a)
{
struct audit_context *context = current->audit_context;
- if (likely(!context || context->dummy))
- return 0;
-
if (!context->sockaddr) {
void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL);
if (!p)
next prev parent reply other threads:[~2011-11-17 22:03 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-17 22:02 [PATCH 01/26] audit: make filetype matching consistent with other filters Eric Paris
2011-11-17 22:02 ` [PATCH 02/26] audit: dynamically allocate audit_names when not enough space is in the names array Eric Paris
2011-11-17 22:02 ` [PATCH 03/26] audit: drop the meaningless and format breaking word 'user' Eric Paris
2011-11-17 22:03 ` [PATCH 04/26] audit: check current inode and containing object when filtering on major and minor Eric Paris
2011-11-17 22:03 ` [PATCH 05/26] seccomp: audit abnormal end to a process due to seccomp Eric Paris
2011-11-17 22:03 ` [PATCH 06/26] Audit: push audit success and retcode into arch ptrace.h Eric Paris
2011-11-17 22:03 ` [PATCH 07/26] audit: ia32entry.S sign extend error codes when calling 64 bit code Eric Paris
2011-11-17 22:03 ` [PATCH 08/26] audit: inline audit_syscall_entry to reduce burdon on archs Eric Paris
2011-11-17 22:03 ` [PATCH 09/26] audit: remove AUDIT_SETUP_CONTEXT as it isn't used Eric Paris
2011-11-17 22:03 ` [PATCH 10/26] audit: drop some potentially inadvisable likely notations Eric Paris
2011-11-17 22:03 ` Eric Paris [this message]
2011-11-17 22:03 ` [PATCH 12/26] audit: drop audit_set_macxattr as it doesn't do anything Eric Paris
2011-11-17 22:03 ` [PATCH 13/26] audit: inline audit_free to simplify the look of generic code Eric Paris
2011-11-17 22:04 ` [PATCH 14/26] audit: reject entry,always rules Eric Paris
2011-11-17 22:04 ` [PATCH 15/26] audit: remove audit_finish_fork as it can't be called Eric Paris
2011-11-17 22:04 ` [PATCH 16/26] audit: allow matching on obj_uid Eric Paris
2011-11-17 22:04 ` [PATCH 17/26] audit: allow audit matching on inode gid Eric Paris
2011-11-17 22:04 ` [PATCH 18/26] audit: allow interfield comparison in audit rules Eric Paris
2011-11-17 22:04 ` [PATCH 19/26] audit: complex interfield comparison helper Eric Paris
2011-11-17 22:04 ` [PATCH 20/26] audit: allow interfield comparison between gid and ogid Eric Paris
2011-11-17 22:04 ` [PATCH 21/26] audit: remove task argument to audit_set_loginuid Eric Paris
2011-11-17 22:04 ` [PATCH 22/26] audit: only allow tasks to set their loginuid if it is -1 Eric Paris
2011-11-17 22:04 ` [PATCH 23/26] audit: do not call audit_getname on error Eric Paris
2011-11-17 22:04 ` [PATCH 24/26] Kernel: Audit Support For The ARM Platform Eric Paris
2011-11-17 22:05 ` [PATCH 25/26] audit: fix mark refcounting Eric Paris
2011-11-17 22:05 ` [PATCH 26/26] audit: collect path information when possible Eric Paris
2011-11-17 22:47 ` Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111117220343.23481.40953.stgit@paris.rdu.redhat.com \
--to=eparis@redhat.com \
--cc=linux-audit@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox