audit.c (156889) | audit.c (159261) |
---|---|
1/* 2 * Copyright (c) 1999-2005 Apple Computer, Inc. 3 * Copyright (c) 2006 Robert N. M. Watson 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 13 unchanged lines hidden (view full) --- 22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 * | 1/* 2 * Copyright (c) 1999-2005 Apple Computer, Inc. 3 * Copyright (c) 2006 Robert N. M. Watson 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 13 unchanged lines hidden (view full) --- 22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 * |
30 * $FreeBSD: head/sys/security/audit/audit.c 156889 2006-03-19 17:34:00Z rwatson $ | 30 * $FreeBSD: head/sys/security/audit/audit.c 159261 2006-06-05 13:43:57Z rwatson $ |
31 */ 32 33#include <sys/param.h> 34#include <sys/condvar.h> 35#include <sys/conf.h> 36#include <sys/file.h> 37#include <sys/filedesc.h> 38#include <sys/fcntl.h> --- 92 unchanged lines hidden (view full) --- 131 */ 132struct au_qctrl audit_qctrl; 133 134/* 135 * Condition variable to signal to the worker that it has work to do: 136 * either new records are in the queue, or a log replacement is taking 137 * place. 138 */ | 31 */ 32 33#include <sys/param.h> 34#include <sys/condvar.h> 35#include <sys/conf.h> 36#include <sys/file.h> 37#include <sys/filedesc.h> 38#include <sys/fcntl.h> --- 92 unchanged lines hidden (view full) --- 131 */ 132struct au_qctrl audit_qctrl; 133 134/* 135 * Condition variable to signal to the worker that it has work to do: 136 * either new records are in the queue, or a log replacement is taking 137 * place. 138 */ |
139struct cv audit_cv; | 139struct cv audit_worker_cv; |
140 141/* | 140 141/* |
142 * Condition variable to signal to the worker that it has work to do: 143 * either new records are in the queue, or a log replacement is taking 144 * place. 145 * 146 * XXXRW: This description is incorrect. | 142 * Condition variable to flag when crossing the low watermark, meaning that 143 * threads blocked due to hitting the high watermark can wake up and continue 144 * to commit records. |
147 */ | 145 */ |
148struct cv audit_commit_cv; | 146struct cv audit_watermark_cv; |
149 150/* 151 * Condition variable for auditing threads wait on when in fail-stop mode. 152 * Threads wait on this CV forever (and ever), never seeing the light of 153 * day again. 154 */ 155static struct cv audit_fail_cv; 156 --- 77 unchanged lines hidden (view full) --- 234 audit_q_len = 0; 235 audit_pre_q_len = 0; 236 audit_qctrl.aq_hiwater = AQ_HIWATER; 237 audit_qctrl.aq_lowater = AQ_LOWATER; 238 audit_qctrl.aq_bufsz = AQ_BUFSZ; 239 audit_qctrl.aq_minfree = AU_FS_MINFREE; 240 241 mtx_init(&audit_mtx, "audit_mtx", NULL, MTX_DEF); | 147 148/* 149 * Condition variable for auditing threads wait on when in fail-stop mode. 150 * Threads wait on this CV forever (and ever), never seeing the light of 151 * day again. 152 */ 153static struct cv audit_fail_cv; 154 --- 77 unchanged lines hidden (view full) --- 232 audit_q_len = 0; 233 audit_pre_q_len = 0; 234 audit_qctrl.aq_hiwater = AQ_HIWATER; 235 audit_qctrl.aq_lowater = AQ_LOWATER; 236 audit_qctrl.aq_bufsz = AQ_BUFSZ; 237 audit_qctrl.aq_minfree = AU_FS_MINFREE; 238 239 mtx_init(&audit_mtx, "audit_mtx", NULL, MTX_DEF); |
242 cv_init(&audit_cv, "audit_cv"); 243 cv_init(&audit_commit_cv, "audit_commit_cv"); | 240 cv_init(&audit_worker_cv, "audit_worker_cv"); 241 cv_init(&audit_watermark_cv, "audit_watermark_cv"); |
244 cv_init(&audit_fail_cv, "audit_fail_cv"); 245 246 audit_record_zone = uma_zcreate("audit_record_zone", 247 sizeof(struct kaudit_record), audit_record_ctor, 248 audit_record_dtor, NULL, NULL, UMA_ALIGN_PTR, 0); 249 250 /* Initialize the BSM audit subsystem. */ 251 kau_init(); --- 170 unchanged lines hidden (view full) --- 422 423 /* 424 * Constrain the number of committed audit records based on 425 * the configurable parameter. 426 */ 427 while (audit_q_len >= audit_qctrl.aq_hiwater) { 428 AUDIT_PRINTF(("audit_commit: sleeping to wait for " 429 "audit queue to drain below high water mark\n")); | 242 cv_init(&audit_fail_cv, "audit_fail_cv"); 243 244 audit_record_zone = uma_zcreate("audit_record_zone", 245 sizeof(struct kaudit_record), audit_record_ctor, 246 audit_record_dtor, NULL, NULL, UMA_ALIGN_PTR, 0); 247 248 /* Initialize the BSM audit subsystem. */ 249 kau_init(); --- 170 unchanged lines hidden (view full) --- 420 421 /* 422 * Constrain the number of committed audit records based on 423 * the configurable parameter. 424 */ 425 while (audit_q_len >= audit_qctrl.aq_hiwater) { 426 AUDIT_PRINTF(("audit_commit: sleeping to wait for " 427 "audit queue to drain below high water mark\n")); |
430 cv_wait(&audit_commit_cv, &audit_mtx); | 428 cv_wait(&audit_watermark_cv, &audit_mtx); |
431 AUDIT_PRINTF(("audit_commit: woke up waiting for " 432 "audit queue draining\n")); 433 } 434 435 TAILQ_INSERT_TAIL(&audit_q, ar, k_q); 436 audit_q_len++; 437 audit_pre_q_len--; | 429 AUDIT_PRINTF(("audit_commit: woke up waiting for " 430 "audit queue draining\n")); 431 } 432 433 TAILQ_INSERT_TAIL(&audit_q, ar, k_q); 434 audit_q_len++; 435 audit_pre_q_len--; |
438 cv_signal(&audit_cv); | 436 cv_signal(&audit_worker_cv); |
439 mtx_unlock(&audit_mtx); 440} 441 442/* 443 * audit_syscall_enter() is called on entry to each system call. It is 444 * responsible for deciding whether or not to audit the call (preselection), 445 * and if so, allocating a per-thread audit record. audit_new() will fill in 446 * basic thread/credential properties. --- 194 unchanged lines hidden --- | 437 mtx_unlock(&audit_mtx); 438} 439 440/* 441 * audit_syscall_enter() is called on entry to each system call. It is 442 * responsible for deciding whether or not to audit the call (preselection), 443 * and if so, allocating a per-thread audit record. audit_new() will fill in 444 * basic thread/credential properties. --- 194 unchanged lines hidden --- |