diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-06-01 13:53:37 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-06-01 13:53:37 +0000 |
commit | e62312b69263d9a3edcc6deaf63ed19f723df1f4 (patch) | |
tree | 00048fb16cc229bcdb3e6fad3be69927e10d5f60 /sys/security/audit | |
parent | f978918265146648d92dec52ff74fbf46eb3f5f9 (diff) | |
download | FreeBSD-src-e62312b69263d9a3edcc6deaf63ed19f723df1f4.zip FreeBSD-src-e62312b69263d9a3edcc6deaf63ed19f723df1f4.tar.gz |
Remove AUDIT_PRINTF() debugging statements and definition; clean up or
remove associated comments.
Slip audit_file_rotate_wait assignment in audit_rotate_vnode() before
the drop of the global audit mutex.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/audit')
-rw-r--r-- | sys/security/audit/audit.c | 15 | ||||
-rw-r--r-- | sys/security/audit/audit_private.h | 13 | ||||
-rw-r--r-- | sys/security/audit/audit_worker.c | 37 |
3 files changed, 10 insertions, 55 deletions
diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 97da0df..8a7e47f 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -427,16 +427,11 @@ audit_commit(struct kaudit_record *ar, int error, int retval) } /* - * Constrain the number of committed audit records based on - * the configurable parameter. + * Constrain the number of committed audit records based on the + * configurable parameter. */ - while (audit_q_len >= audit_qctrl.aq_hiwater) { - AUDIT_PRINTF(("audit_commit: sleeping to wait for " - "audit queue to drain below high water mark\n")); + while (audit_q_len >= audit_qctrl.aq_hiwater) cv_wait(&audit_watermark_cv, &audit_mtx); - AUDIT_PRINTF(("audit_commit: woke up waiting for " - "audit queue draining\n")); - } TAILQ_INSERT_TAIL(&audit_q, ar, k_q); audit_q_len++; @@ -540,11 +535,7 @@ audit_syscall_exit(int error, struct thread *td) retval = td->td_retval[0]; audit_commit(td->td_ar, error, retval); - if (td->td_ar != NULL) - AUDIT_PRINTF(("audit record committed by pid %d\n", - td->td_proc->p_pid)); td->td_ar = NULL; - } /* diff --git a/sys/security/audit/audit_private.h b/sys/security/audit/audit_private.h index 497c4e3..541e5af 100644 --- a/sys/security/audit/audit_private.h +++ b/sys/security/audit/audit_private.h @@ -53,19 +53,6 @@ MALLOC_DECLARE(M_AUDITTEXT); #endif /* - * The AUDIT_EXCESSIVELY_VERBOSE define enables a number of gratuitously - * noisy printf's to the console. Due to the volume, it should be left off - * unless you want your system to churn a lot whenever the audit record flow - * gets high. - */ -//#define AUDIT_EXCESSIVELY_VERBOSE -#ifdef AUDIT_EXCESSIVELY_VERBOSE -#define AUDIT_PRINTF(x) printf x -#else -#define AUDIT_PRINTF(x) -#endif - -/* * Audit control variables that are usually set/read via system calls and * used to control various aspects of auditing. */ diff --git a/sys/security/audit/audit_worker.c b/sys/security/audit/audit_worker.c index 88b1d1b..8f9479e 100644 --- a/sys/security/audit/audit_worker.c +++ b/sys/security/audit/audit_worker.c @@ -324,7 +324,6 @@ audit_worker_rotate(struct ucred **audit_credp, struct vnode **audit_vpp, audit_enabled = (*audit_vpp != NULL); if (old_vp != NULL) { - AUDIT_PRINTF(("Closing old audit file\n")); mtx_unlock(&audit_mtx); vfslocked = VFS_LOCK_GIANT(old_vp->v_mount); vn_close(old_vp, AUDIT_CLOSE_FLAGS, old_cred, @@ -334,10 +333,6 @@ audit_worker_rotate(struct ucred **audit_credp, struct vnode **audit_vpp, mtx_lock(&audit_mtx); old_cred = NULL; old_vp = NULL; - AUDIT_PRINTF(("Audit file closed\n")); - } - if (*audit_vpp != NULL) { - AUDIT_PRINTF(("Opening new audit file\n")); } do_replacement_signal = 1; } @@ -443,8 +438,6 @@ audit_worker(void *arg) struct vnode *audit_vp; int lowater_signal; - AUDIT_PRINTF(("audit_worker starting\n")); - /* * These are thread-local variables requiring no synchronization. */ @@ -460,14 +453,8 @@ audit_worker(void *arg) /* * Wait for record or rotation events. */ - while (!audit_replacement_flag && TAILQ_EMPTY(&audit_q)) { - AUDIT_PRINTF(("audit_worker waiting\n")); + while (!audit_replacement_flag && TAILQ_EMPTY(&audit_q)) cv_wait(&audit_worker_cv, &audit_mtx); - AUDIT_PRINTF(("audit_worker woken up\n")); - AUDIT_PRINTF(("audit_worker: new vp = %p; value of " - "flag %d\n", audit_replacement_vp, - audit_replacement_flag)); - } /* * First priority: replace the audit log target if requested. @@ -530,36 +517,26 @@ audit_rotate_vnode(struct ucred *cred, struct vnode *vp) * until they've finished before continuing. */ mtx_lock(&audit_mtx); - while (audit_replacement_flag != 0) { - AUDIT_PRINTF(("audit_rotate_vnode: sleeping to wait for " - "flag\n")); + while (audit_replacement_flag != 0) cv_wait(&audit_replacement_cv, &audit_mtx); - AUDIT_PRINTF(("audit_rotate_vnode: woken up (flag %d)\n", - audit_replacement_flag)); - } audit_replacement_cred = cred; audit_replacement_flag = 1; audit_replacement_vp = vp; /* - * Wake up the audit worker to perform the exchange once we - * release the mutex. + * Wake up the audit worker to perform the exchange once we release + * the mutex. */ cv_signal(&audit_worker_cv); /* * Wait for the audit_worker to broadcast that a replacement has - * taken place; we know that once this has happened, our vnode - * has been replaced in, so we can return successfully. + * taken place; we know that once this has happened, our vnode has + * been replaced in, so we can return successfully. */ - AUDIT_PRINTF(("audit_rotate_vnode: waiting for news of " - "replacement\n")); cv_wait(&audit_replacement_cv, &audit_mtx); - AUDIT_PRINTF(("audit_rotate_vnode: change acknowledged by " - "audit_worker (flag " "now %d)\n", audit_replacement_flag)); - mtx_unlock(&audit_mtx); - audit_file_rotate_wait = 0; /* We can now request another rotation */ + mtx_unlock(&audit_mtx); } void |