Hi,
I was looking at the case where a user boots up with the audit daemon installed.
It turns on auditing. This means that all processes that fork will start
getting a context built. Then the user decides to do a benchmark and turns
the audit system off by auditctl -e 0.
The system doesn't really get performance back as if auditing was never turned
on. If you look at audit_syscall_exit, there is this check:
    if (likely(!context))
        goto out;
Don't all the running processes still have a context? Shouldn't this also have
a check that if audit_enabled == 0, that the context is reclaimed and context
set to NULL? What reaps the context for these processes? They all still seem
to be penalized.
-Steve