upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Assert audit mtx in audit_worker_drain().

Browse source 
Break out logic to call audit_record_write() and handle error
conditions into audit_worker_process_record().  This will be the
future home of some logic now present in audit_record_write()
also.

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2006-06-05 13:46:55 +00:00
parent b3ae6323f0
commit 62bb2e9199
1 changed files with 30 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
sys/security/audit/audit_worker.c
View file

@ -376,6 +376,8 @@ audit_worker_drain(void)
{
struct kaudit_record *ar;
mtx_assert(&audit_mtx, MA_OWNED);
while ((ar = TAILQ_FIRST(&audit_q))) {
TAILQ_REMOVE(&audit_q, ar, k_q);
audit_free(ar);
@ -383,6 +385,31 @@ audit_worker_drain(void)
}
}
/*
* Given a kernel audit record, process as required. Currently, that means
* passing it to audit_record_write(), but in the future it will mean
* converting it to BSM and then routing it to various possible output
* streams, including the audit trail and audit pipes. The caller will free
* the record.
*/
static void
audit_worker_process_record(struct vnode *audit_vp, struct ucred *audit_cred,
struct thread *audit_td, struct kaudit_record *ar)
{
int error;
if (audit_vp == NULL)
return;
error = audit_record_write(audit_vp, ar, audit_cred, audit_td);
if (error) {
if (audit_panic_on_write_fail)
panic("audit_worker: write error %d\n", error);
else
printf("audit_worker: write error %d\n", error);
}
}
/*
* The audit_worker thread is responsible for watching the event queue,
* dequeueing records, converting them to BSM format, and committing them to
@ -399,7 +426,7 @@ audit_worker(void *arg)
struct ucred *audit_cred;
struct thread *audit_td;
struct vnode *audit_vp;
int error, lowater_signal;
int lowater_signal;
AUDIT_PRINTF(("audit_worker starting\n"));
@ -465,16 +492,8 @@ audit_worker(void *arg)
mtx_unlock(&audit_mtx);
while ((ar = TAILQ_FIRST(&ar_worklist))) {
TAILQ_REMOVE(&ar_worklist, ar, k_q);
if (audit_vp != NULL) {
error = audit_record_write(audit_vp, ar,
audit_cred, audit_td);
if (error && audit_panic_on_write_fail)
panic("audit_worker: write error %d\n",
error);
else if (error)
printf("audit_worker: write error %d\n",
error);
}
audit_worker_process_record(audit_vp, audit_cred,
audit_td, ar);
audit_free(ar);
}
mtx_lock(&audit_mtx);