summaryrefslogtreecommitdiffstats
path: root/kernel/audit_watch.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-12-17 21:24:22 -0500
committerEric Paris <eparis@redhat.com>2010-07-28 09:58:51 -0400
commit220d14df0dc587c06b97762829a41157c9375b94 (patch)
treecea58c9859b86ea112f4dfc0c6c2bbbb6504edcc /kernel/audit_watch.c
parentffab83402f01555a5fa32efb48a4dd0ce8d12ef5 (diff)
downloadlinux-220d14df0dc587c06b97762829a41157c9375b94.tar.gz
linux-220d14df0dc587c06b97762829a41157c9375b94.tar.bz2
linux-220d14df0dc587c06b97762829a41157c9375b94.zip
Audit: only set group mask when something is being watched
Currently the audit watch group always sets a mask equal to all events it might care about. We instead should only set the group mask if we are actually watching inodes. This should be a perf win when audit watches are compiled in. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/audit_watch.c')
-rw-r--r--kernel/audit_watch.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
index 0f03a6ab96ed..87408b282118 100644
--- a/kernel/audit_watch.c
+++ b/kernel/audit_watch.c
@@ -167,6 +167,8 @@ static struct audit_parent *audit_init_parent(struct nameidata *ndp)
return ERR_PTR(ret);
}
+ fsnotify_recalc_group_mask(audit_watch_group);
+
return parent;
}
@@ -353,6 +355,9 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
mutex_unlock(&audit_filter_mutex);
fsnotify_destroy_mark_by_entry(&parent->mark);
+
+ fsnotify_recalc_group_mask(audit_watch_group);
+
}
/* Get path information necessary for adding watches. */
@@ -503,6 +508,9 @@ void audit_remove_watch_rule(struct audit_krule *krule)
audit_put_parent(parent);
}
}
+
+ fsnotify_recalc_group_mask(audit_watch_group);
+
}
static bool audit_watch_should_send_event(struct fsnotify_group *group, struct inode *inode,
@@ -577,8 +585,7 @@ static const struct fsnotify_ops audit_watch_fsnotify_ops = {
static int __init audit_watch_init(void)
{
- audit_watch_group = fsnotify_alloc_group(AUDIT_FS_WATCH,
- &audit_watch_fsnotify_ops);
+ audit_watch_group = fsnotify_alloc_group(0, &audit_watch_fsnotify_ops);
if (IS_ERR(audit_watch_group)) {
audit_watch_group = NULL;
audit_panic("cannot create audit fsnotify group");