PERFORCE change 84872 for review
Wayne Salamon
wsalamon at FreeBSD.org
Wed Oct 5 23:22:07 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=84872
Change 84872 by wsalamon at gretsch on 2005/10/05 23:21:29
Move the extern declarations of the audit control variables to the
private header file.
Clean up kern_audit.c by removing dead code, renaming the record
free function to be more descriptive, and improving some comments.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#7 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#3 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#44 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#7 (text+ko) ====
@@ -42,6 +42,16 @@
#endif
/*
+ * Audit control variables that are usually set/read via system calls
+ * and used to control various aspects of auditing.
+ */
+extern struct au_qctrl audit_qctrl;
+extern struct audit_fstat audit_fstat;
+extern struct au_mask audit_nae_mask;
+extern int audit_panic_on_write_fail;
+extern int audit_fail_stop;
+
+/*
* Success/failure conditions for the conversion of a kernel audit record to
* BSM format.
*/
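Review bot: The added comment says nothing about which lock, if any, guards these variables, yet the externs make the fail-stop policy knobs (`audit_panic_on_write_fail`, `audit_fail_stop`) and the queue limits in `audit_qctrl` writable from every file that includes audit_private.h. The `XXX replace these externs with accessor functions?` note deleted from audit_syscalls.c in this change is not carried over, so the plan to make them static is no longer recorded anywhere. I would extend the comment with something like `XXX: replace with accessor functions and make these static; state the locking rule here.` Whether audit_mtx covers them is not visible in this diff and should be confirmed before it is documented.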
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#3 (text+ko) ====
@@ -34,13 +34,6 @@
#ifdef AUDIT
-/* XXX replace these externs with accessor functions? */
-extern struct au_qctrl audit_qctrl;
-extern struct audit_fstat audit_fstat;
-extern struct au_mask audit_nae_mask;
-extern int audit_panic_on_write_fail;
-extern int audit_fail_stop;
-
/*
* MPSAFE
*
==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#44 (text+ko) ====
@@ -83,11 +83,38 @@
MALLOC_DEFINE(M_AUDIT, "audit", "Audit event records");
+/*
+ * Audit control settings that are set/read by system calls and are
+ * hence non-static.
+ */
/*
* Define the audit control flags.
*/
-int audit_enabled;
-int audit_suspended;
+int audit_enabled;
+int audit_suspended;
+
+/*
+ * Flags controlling behavior in low storage situations.
+ * Should we panic if a write fails? Should we fail stop
+ * if we're out of disk space?
+ */
+int audit_panic_on_write_fail;
+int audit_fail_stop;
+
+/*
+ * Audit queue control settings (minimum free, low/high water marks, etc.)
+ */
+struct au_qctrl audit_qctrl;
+
+/*
+ * Global audit statistiscs.
+ */
+struct audit_fstat audit_fstat;
+
+/*
+ * Preselection mask for non-attributable events.
+ */
+struct au_mask audit_nae_mask;
/*
* Mutex to protect global variables shared between various threads and
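Review bot: The added comment `Global audit statistiscs.` keeps the typo from the block it replaces further down; it should read `Global audit statistics.`. The first added comment ("Audit control settings that are set/read by system calls and are hence non-static.") is followed directly by the existing `Define the audit control flags.` comment with no declaration between them, so it is unclear which variables it covers; merging the two comments or separating them with a blank line would make the grouping explicit. The hunk ends inside the audit_mtx comment, so whether that mutex is meant to protect the relocated variables cannot be judged from here.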
@@ -155,42 +182,21 @@
*/
static struct cv audit_fail_cv;
-/* XXX make a function to access this variable, then make it static */
-struct au_qctrl audit_qctrl;
-
-/*
- * Global audit statistiscs.
- */
-/* XXX make a function to access this variable, then make it static */
-struct audit_fstat audit_fstat;
-
-/*
- Preselection mask for non-attributable events.
- */
-/* XXX make a function to access this variable, then make it static */
-struct au_mask audit_nae_mask;
-
/*
* Flags related to Kernel->user-space communication.
*/
static int audit_file_rotate_wait;
/*
- * Flags controlling behavior in low storage situations.
- * Should we panic if a write fails? Should we fail stop
- * if we're out of disk space? Are we currently "failing
- * stop" due to out of disk space?
+ * Are we currently "failing stop" due to out of disk space?
*/
-/* XXX make a function to access these variables, then make them static */
-int audit_panic_on_write_fail;
-int audit_fail_stop;
static int audit_in_failure;
/*
- * XXXAUDIT: For consistency, perhaps audit_record_free()?
+ * Perform a deep free of an audit record (core record and referenced objects)
*/
static void
-audit_free(struct kaudit_record *ar)
+audit_record_free(struct kaudit_record *ar)
{
if (ar->k_ar.ar_arg_upath1 != NULL) {
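Review bot: The new header comment on audit_record_free() describes the deep free but leaves out the calling constraint that the worker-loop comments later in this file spell out: it is deliberately not called with audit_mtx held, because free() may grab Giant and cause a lock order reversal. As the rename already touches every caller, the function comment is the natural place to state this once, for example by appending `Must not be called with audit_mtx held; free() may acquire Giant.` The comment sentence is also missing its final period. The function body continues outside the hunk.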
@@ -510,7 +516,8 @@
* conditional allocation and queueing. Go back to
* waiting when we're done.
*
- * XXX: We go out of our way to avoid calling audit_free()
+ * XXX: We go out of our way to avoid calling
+ * audit_record_free().
* with the audit_mtx held, to avoid a lock order reversal
* as free() may grab Giant. This should be fixed at
* some point.
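Review bot: The rewrapped comment now reads `audit_record_free().` with a full stop in the middle of the sentence, which then continues on the next line with "with the audit_mtx held". Drop the period so the line is `* audit_record_free()`, matching the same comment as rewrapped in the later hunk at -540. The enclosing function starts and ends outside the hunk.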
@@ -527,7 +534,7 @@
mtx_unlock(&audit_mtx);
while ((ar = TAILQ_FIRST(&ar_worklist))) {
TAILQ_REMOVE(&ar_worklist, ar, k_q);
- audit_free(ar);
+ audit_record_free(ar);
}
mtx_lock(&audit_mtx);
continue;
@@ -540,7 +547,8 @@
* records and perform our own clustering, if the lower
* layers aren't doing it automatically enough.
*
- * XXX: We go out of our way to avoid calling audit_free()
+ * XXX: We go out of our way to avoid calling
+ * audit_record_free()
* with the audit_mtx held, to avoid a lock order reversal
* as free() may grab Giant. This should be fixed at
* some point.
@@ -569,7 +577,7 @@
printf("audit_worker: write error %d\n",
error);
}
- audit_free(ar);
+ audit_record_free(ar);
}
mtx_lock(&audit_mtx);
}
@@ -683,11 +691,6 @@
"audit_worker (flag " "now %d)\n", audit_replacement_flag));
mtx_unlock(&audit_mtx);
- /* XXX Need to figure out how the kernel->userspace file full
- * signalling will take place.
- *
- * XXXAUDIT: This comment may now be obsolete.
- */
audit_file_rotate_wait = 0; /* We can now request another rotation */
}
@@ -793,20 +796,6 @@
/*
* MPSAFE
- * XXXAUDIT: So far, this is unused, and should probably be GC'd.
- */
-void
-audit_abort(struct kaudit_record *ar)
-{
-
- mtx_lock(&audit_mtx);
- audit_pre_q_len--;
- mtx_unlock(&audit_mtx);
- audit_free(ar);
-}
-
-/*
- * MPSAFE
*/
void
audit_commit(struct kaudit_record *ar, int error, int retval)
@@ -863,7 +852,7 @@
mtx_lock(&audit_mtx);
audit_pre_q_len--;
mtx_unlock(&audit_mtx);
- audit_free(ar);
+ audit_record_free(ar);
return;
}
@@ -889,7 +878,7 @@
if (audit_suspended || !audit_enabled) {
audit_pre_q_len--;
mtx_unlock(&audit_mtx);
- audit_free(ar);
+ audit_record_free(ar);
return;
}