From: Richard Guy Briggs <rgb@redhat.com>
To: "Paris, Eric" <eparis@parisplace.org>
Cc: linux-audit@redhat.com, "Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: [PATCH 2/2] audit: shrink audit_krule by using smaller bitfields
Date: Tue, 23 Dec 2014 15:42:45 -0500 [thread overview]
Message-ID: <20141223204245.GH29998@madcap2.tricolour.ca> (raw)
In-Reply-To: <CACLa4puEKh8ow5O1gyRYWDr1Yx_5RmjP_Dn1xA9cZhLvEbNKjw@mail.gmail.com>
On 14/12/23, Paris, Eric wrote:
> It's probably not a problem, but one needs to remember that all
> updates to all bit fields need to be under the same lock/protection.
> Bitfields + concurrent access is dangerous, but may well be
> appropriate in this case.
Good point. I'll go back and check for any issues, but as you point
out, in this case it may be appropriate. All these fields should only
change during a rule addition in a newly allocated struct (under
audit_cmd_mutex) before they are referenceable by other parts of the
code.
Thanks, Eric.
> -Eric
>
> On Tue, Dec 23, 2014 at 1:20 PM, Richard Guy Briggs <rgb@redhat.com> wrote:
> > Replace five 32-bit fields with one. Move a nearby 32-bit field to enable
> > 64-bit alignment.
> >
> > Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> > ---
> > include/linux/audit.h | 13 +++++++------
> > 1 files changed, 7 insertions(+), 6 deletions(-)
> >
> > diff --git a/include/linux/audit.h b/include/linux/audit.h
> > index b481779..bd06f92 100644
> > --- a/include/linux/audit.h
> > +++ b/include/linux/audit.h
> > @@ -46,13 +46,14 @@ struct audit_tree;
> > struct sk_buff;
> >
> > struct audit_krule {
> > - u32 pflags;
> > - u32 flags;
> > - u32 listnr;
> > - u32 action;
> > - u32 mask[AUDIT_BITMASK_SIZE];
> > + u32 listnr:4,
> > + flags:5,
> > + action:2,
> > + pflags:1,
> > + field_count:7,
> > + reserved:13;
> > u32 buflen; /* for data alloc on list rules */
> > - u32 field_count;
> > + u32 mask[AUDIT_BITMASK_SIZE];
> > char *filterkey; /* ties events to rules */
> > struct audit_field *fields;
> > struct audit_field *arch_f; /* quick access to arch field */
> > --
> > 1.7.1
- RGB
--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545
next prev parent reply other threads:[~2014-12-23 20:42 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-23 18:02 [PATCH 1/2] audit: restore AUDIT_LOGINUID unset ABI Richard Guy Briggs
2014-12-23 18:20 ` [PATCH 2/2] audit: shrink audit_krule by using smaller bitfields Richard Guy Briggs
2014-12-23 18:33 ` Paris, Eric
2014-12-23 20:42 ` Richard Guy Briggs [this message]
2014-12-23 19:04 ` Steve Grubb
2014-12-23 20:43 ` Richard Guy Briggs
2014-12-23 21:29 ` Paul Moore
2014-12-23 21:26 ` [PATCH 1/2] audit: restore AUDIT_LOGINUID unset ABI Paul Moore
2014-12-23 21:41 ` Paris, Eric
2014-12-23 21:46 ` Paul Moore
2014-12-23 23:02 ` Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141223204245.GH29998@madcap2.tricolour.ca \
--to=rgb@redhat.com \
--cc=ebiederm@xmission.com \
--cc=eparis@parisplace.org \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox