Re: handling disk full

We are talking about 2 different things: 1) handling disk full 2) suspending the process whenever there are no kernel resources. 1) For handling disk full I am doing the following: Whenever the disk full (or log reached its limit) is detected the auditd sends an AUDIT_SUSPEND message to the kernel. On receipt of this message the kernel will set a flag "disk_full_flag". If this disk_full_flag is set audit_log_start will call audit_suspend to queue the process in a wait queue. Whenever the disk_full_flag is reset all the processes in the wait queue will be rescheduled. 2) For suspending the process whenever there are no kernel resources: I was thinking of using sigsuspend whenever audit_log_lost is called depending on the "failure flag". The failure flag currently can be set ,only, to: do nothing, print a message or panic. I was thinking to add a fourth option to this flag to suspend the processes. sigsuspend puts the process in the TASK_INTERRUPTIBLE state, the process will only wake up when a nonignored, nonblocked signal is sent to it. From the dicussion so far this may not be a good way to go about solving this requirement, specially if the process is holding locks or whatever. I need to either add to this solution or come up with a different one.