Re: [RFC PATCH 7/7] audit: wake up kauditd_thread after auditd registers
On Thursday, October 22, 2015 02:53:20 PM Richard Guy Briggs wrote:
When auditd is restarted, even though the kauditd_thread is present,
it
remains dormant until the next audit log message is queued.
Wake up the kauditd_thread in the kauditd_wait queue immediately when
auditd registers its availability to drain the queue.
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
---
kernel/audit.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
See my 6/7 comment ... this could/should go in the auditd_register() function.
diff --git a/kernel/audit.c b/kernel/audit.c
index 688fa1e..369cfcc 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -885,6 +885,8 @@ static int audit_receive_msg(struct sk_buff *skb, struct
nlmsghdr *nlh) audit_sock = skb->sk;
if (!audit_pid)
wake_up(&audit_backlog_wait);
+ if (audit_pid)
+ wake_up_interruptible(&kauditd_wait);
}
if (s.mask & AUDIT_STATUS_RATE_LIMIT) {
err = audit_set_rate_limit(s.rate_limit);
--
paul moore
www.paul-moore.com