diff options
author | rwatson <rwatson@FreeBSD.org> | 2006-06-05 13:46:55 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-06-05 13:46:55 +0000 |
commit | 03ff784a40dec8c8d8b361cd3391f330e9293a61 (patch) | |
tree | 151e1d8fe31fead699b5e85a40f5372214e168c6 /sys/security | |
parent | 9c450e4c0276184d2ffa296c1b728fe3ef2ddc3b (diff) | |
download | FreeBSD-src-03ff784a40dec8c8d8b361cd3391f330e9293a61.zip FreeBSD-src-03ff784a40dec8c8d8b361cd3391f330e9293a61.tar.gz |
Assert audit mtx in audit_worker_drain().
Break out logic to call audit_record_write() and handle error
conditions into audit_worker_process_record(). This will be the
future home of some logic now present in audit_record_write()
also.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/audit/audit_worker.c | 41 |
1 files changed, 30 insertions, 11 deletions
diff --git a/sys/security/audit/audit_worker.c b/sys/security/audit/audit_worker.c index 8e34748..d9cbdbf 100644 --- a/sys/security/audit/audit_worker.c +++ b/sys/security/audit/audit_worker.c @@ -376,6 +376,8 @@ audit_worker_drain(void) { struct kaudit_record *ar; + mtx_assert(&audit_mtx, MA_OWNED); + while ((ar = TAILQ_FIRST(&audit_q))) { TAILQ_REMOVE(&audit_q, ar, k_q); audit_free(ar); @@ -384,6 +386,31 @@ audit_worker_drain(void) } /* + * Given a kernel audit record, process as required. Currently, that means + * passing it to audit_record_write(), but in the future it will mean + * converting it to BSM and then routing it to various possible output + * streams, including the audit trail and audit pipes. The caller will free + * the record. + */ +static void +audit_worker_process_record(struct vnode *audit_vp, struct ucred *audit_cred, + struct thread *audit_td, struct kaudit_record *ar) +{ + int error; + + if (audit_vp == NULL) + return; + + error = audit_record_write(audit_vp, ar, audit_cred, audit_td); + if (error) { + if (audit_panic_on_write_fail) + panic("audit_worker: write error %d\n", error); + else + printf("audit_worker: write error %d\n", error); + } +} + +/* * The audit_worker thread is responsible for watching the event queue, * dequeueing records, converting them to BSM format, and committing them to * disk. In order to minimize lock thrashing, records are dequeued in sets @@ -399,7 +426,7 @@ audit_worker(void *arg) struct ucred *audit_cred; struct thread *audit_td; struct vnode *audit_vp; - int error, lowater_signal; + int lowater_signal; AUDIT_PRINTF(("audit_worker starting\n")); @@ -465,16 +492,8 @@ audit_worker(void *arg) mtx_unlock(&audit_mtx); while ((ar = TAILQ_FIRST(&ar_worklist))) { TAILQ_REMOVE(&ar_worklist, ar, k_q); - if (audit_vp != NULL) { - error = audit_record_write(audit_vp, ar, - audit_cred, audit_td); - if (error && audit_panic_on_write_fail) - panic("audit_worker: write error %d\n", - error); - else if (error) - printf("audit_worker: write error %d\n", - error); - } + audit_worker_process_record(audit_vp, audit_cred, + audit_td, ar); audit_free(ar); } mtx_lock(&audit_mtx); |