summaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-07-18 14:24:46 -0400
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-07-18 14:24:46 -0400
commitce625a801664d8ed7344117bbb57510e4e0e872c (patch)
tree50e6760a0b1b506b234700afddc7296b28918650 /kernel
parentd5b454f2c40c9efd0cc113bc3220ebcb66b7c022 (diff)
downloadlinux-ce625a801664d8ed7344117bbb57510e4e0e872c.tar.gz
linux-ce625a801664d8ed7344117bbb57510e4e0e872c.tar.bz2
linux-ce625a801664d8ed7344117bbb57510e4e0e872c.zip
AUDIT: Reduce contention in audit_serial()
... by generating serial numbers only if an audit context is actually _used_, rather than doing so at syscall entry even when the context isn't necessarily marked auditable. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c4
-rw-r--r--kernel/auditsc.c4
2 files changed, 6 insertions, 2 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 27ffcf363f8d..d321e251d32b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -625,7 +625,9 @@ unsigned int audit_serial(void)
unsigned int ret;
spin_lock_irqsave(&serial_lock, flags);
- ret = serial++;
+ do {
+ ret = ++serial;
+ } while (unlikely(!ret));
spin_unlock_irqrestore(&serial_lock, flags);
return ret;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 242d45e53738..46b45abceb9a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -984,7 +984,7 @@ void audit_syscall_entry(struct task_struct *tsk, int arch, int major,
if (likely(state == AUDIT_DISABLED))
return;
- context->serial = audit_serial();
+ context->serial = 0;
context->ctime = CURRENT_TIME;
context->in_syscall = 1;
context->auditable = !!(state == AUDIT_RECORD_CONTEXT);
@@ -1138,6 +1138,8 @@ void audit_inode(const char *name, const struct inode *inode, unsigned flags)
void auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial)
{
+ if (!ctx->serial)
+ ctx->serial = audit_serial();
t->tv_sec = ctx->ctime.tv_sec;
t->tv_nsec = ctx->ctime.tv_nsec;
*serial = ctx->serial;