diff options
| author | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-08-17 09:49:57 -0400 |
|---|---|---|
| committer | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-08-17 09:49:57 -0400 |
| commit | c3896495942392f1a792da1cafba7a573cbf6fc2 (patch) | |
| tree | 1a042845b7a57118b1eb993b6dacdfe9cca7d440 /kernel | |
| parent | 413a1c7520ad6207c9122a749983c500f29e3e32 (diff) | |
AUDIT: Speed up audit_filter_syscall() for the non-auditable case.
It was showing up fairly high on profiles even when no rules were set.
Make sure the common path stays as fast as possible.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditsc.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index a73176eaa57d..818ef9fdab3c 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -513,20 +513,23 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk, | |||
| 513 | struct list_head *list) | 513 | struct list_head *list) |
| 514 | { | 514 | { |
| 515 | struct audit_entry *e; | 515 | struct audit_entry *e; |
| 516 | enum audit_state state; | 516 | enum audit_state state; |
| 517 | int word = AUDIT_WORD(ctx->major); | ||
| 518 | int bit = AUDIT_BIT(ctx->major); | ||
| 519 | 517 | ||
| 520 | if (audit_pid && tsk->tgid == audit_pid) | 518 | if (audit_pid && tsk->tgid == audit_pid) |
| 521 | return AUDIT_DISABLED; | 519 | return AUDIT_DISABLED; |
| 522 | 520 | ||
| 523 | rcu_read_lock(); | 521 | rcu_read_lock(); |
| 524 | list_for_each_entry_rcu(e, list, list) { | 522 | if (!list_empty(list)) { |
| 525 | if ((e->rule.mask[word] & bit) == bit | 523 | int word = AUDIT_WORD(ctx->major); |
| 526 | && audit_filter_rules(tsk, &e->rule, ctx, &state)) { | 524 | int bit = AUDIT_BIT(ctx->major); |
| 527 | rcu_read_unlock(); | 525 | |
| 528 | return state; | 526 | list_for_each_entry_rcu(e, list, list) { |
| 529 | } | 527 | if ((e->rule.mask[word] & bit) == bit |
| 528 | && audit_filter_rules(tsk, &e->rule, ctx, &state)) { | ||
| 529 | rcu_read_unlock(); | ||
| 530 | return state; | ||
| 531 | } | ||
| 532 | } | ||
| 530 | } | 533 | } |
| 531 | rcu_read_unlock(); | 534 | rcu_read_unlock(); |
| 532 | return AUDIT_BUILD_CONTEXT; | 535 | return AUDIT_BUILD_CONTEXT; |
| @@ -1023,7 +1026,6 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code) | |||
| 1023 | } else { | 1026 | } else { |
| 1024 | audit_free_names(context); | 1027 | audit_free_names(context); |
| 1025 | audit_free_aux(context); | 1028 | audit_free_aux(context); |
| 1026 | audit_zero_context(context, context->state); | ||
| 1027 | tsk->audit_context = context; | 1029 | tsk->audit_context = context; |
| 1028 | } | 1030 | } |
| 1029 | out: | 1031 | out: |