Re: [PATCH v2 2/5] audit: account backlog waiting time in audit_receive()

From: Paul Moore
Date: Fri May 19 2023 - 16:54:47 EST

Next message: Paul Moore: "Re: [PATCH v2 3/5] audit: convert DECLARE_WAITQUEUE to DEFINE_WAIT"
Previous message: Paul Moore: "Re: [PATCH v2 1/5] audit: refactor queue full checks"
Next in thread: Eiichi Tsukata: "Re: [PATCH v2 2/5] audit: account backlog waiting time in audit_receive()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On May 11, 2023 Eiichi Tsukata <eiichi.tsukata@xxxxxxxxxxx> wrote:
>
> Currently backlog waiting time in audit_receive() is not accounted as
> audit_backlog_wait_time_actual. Accounts it as well.
>
> Signed-off-by: Eiichi Tsukata <eiichi.tsukata@xxxxxxxxxxx>
> ---
> kernel/audit.c | 44 ++++++++++++++++++++++++++------------------
> 1 file changed, 26 insertions(+), 18 deletions(-)

The audit_receive() wait is different from that in audit_log_start()
as processes calling into audit_receive() are performing an explicit
audit operation whereas those processes calling audit_log_start() are
likely doing something else, e.g. opening a file, that happens to
result in an audit record being generated. The fact that the
audit_receive() accounting logic, as well as the timeout calculation
used, is different from audit_log_start() is intentional.

--
paul-moore.com

Next message: Paul Moore: "Re: [PATCH v2 3/5] audit: convert DECLARE_WAITQUEUE to DEFINE_WAIT"
Previous message: Paul Moore: "Re: [PATCH v2 1/5] audit: refactor queue full checks"
Next in thread: Eiichi Tsukata: "Re: [PATCH v2 2/5] audit: account backlog waiting time in audit_receive()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]