diff options
author | Serge E. Hallyn <serue@us.ibm.com> | 2006-04-27 23:45:14 +0200 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-06-20 11:25:23 +0200 |
commit | 5d136a010de3bc16fe595987feb9ef8868f064c2 (patch) | |
tree | ce0dbf3d5da61bc9b69fa557f0f578cd980f3147 | |
parent | [PATCH] fix audit_krule_to_{rule,data} return values (diff) | |
download | linux-5d136a010de3bc16fe595987feb9ef8868f064c2.tar.xz linux-5d136a010de3bc16fe595987feb9ef8868f064c2.zip |
[PATCH] minor audit updates
Just a few minor proposed updates. Only the last one will
actually affect behavior. The rest are just misleading
code.
Several AUDIT_SET functions return 'old' value, but only
return value <0 is checked for. So just return 0.
propagate audit_set_rate_limit and audit_set_backlog_limit
error values
In audit_buffer_free, the audit_freelist_count was being
incremented even when we discard the return buffer, so
audit_freelist_count can end up wrong. This could cause
the actual freelist to shrink over time, eventually
threatening to degrate audit performance.
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | kernel/audit.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index bb20922d08cc..0738a4b290e6 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -251,7 +251,7 @@ static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid) "audit_rate_limit=%d old=%d by auid=%u", limit, old, loginuid); audit_rate_limit = limit; - return old; + return 0; } static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) @@ -274,7 +274,7 @@ static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) "audit_backlog_limit=%d old=%d by auid=%u", limit, old, loginuid); audit_backlog_limit = limit; - return old; + return 0; } static int audit_set_enabled(int state, uid_t loginuid, u32 sid) @@ -300,7 +300,7 @@ static int audit_set_enabled(int state, uid_t loginuid, u32 sid) "audit_enabled=%d old=%d by auid=%u", state, old, loginuid); audit_enabled = state; - return old; + return 0; } static int audit_set_failure(int state, uid_t loginuid, u32 sid) @@ -328,7 +328,7 @@ static int audit_set_failure(int state, uid_t loginuid, u32 sid) "audit_failure=%d old=%d by auid=%u", state, old, loginuid); audit_failure = state; - return old; + return 0; } static int kauditd_thread(void *dummy) @@ -364,7 +364,6 @@ static int kauditd_thread(void *dummy) remove_wait_queue(&kauditd_wait, &wait); } } - return 0; } int audit_send_list(void *_dest) @@ -551,10 +550,10 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) audit_pid = status_get->pid; } if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) - audit_set_rate_limit(status_get->rate_limit, + err = audit_set_rate_limit(status_get->rate_limit, loginuid, sid); if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) - audit_set_backlog_limit(status_get->backlog_limit, + err = audit_set_backlog_limit(status_get->backlog_limit, loginuid, sid); break; case AUDIT_USER: @@ -727,10 +726,12 @@ static void audit_buffer_free(struct audit_buffer *ab) kfree_skb(ab->skb); spin_lock_irqsave(&audit_freelist_lock, flags); - if (++audit_freelist_count > AUDIT_MAXFREE) + if (audit_freelist_count > AUDIT_MAXFREE) kfree(ab); - else + else { + audit_freelist_count++; list_add(&ab->list, &audit_freelist); + } spin_unlock_irqrestore(&audit_freelist_lock, flags); } |