Re: Possible performance bug
* Steve Grubb (sgrubb(a)redhat.com) wrote:
On Friday 09 September 2005 17:10, Chris Wright wrote:
> How's this one go?
I did the decision at the fork code to avoid pushing vars, doing call, doing
return, and popping the stack. I think we need to start doing that to avoid
overhead.
OK, just don't clutter core code with audit enabled tests.
thanks,
-chris
--
include/linux/audit.h | 10 +++++++++-
kernel/auditsc.c | 8 +-------
2 files changed, 10 insertions(+), 8 deletions(-)
Index: linus-2.6/kernel/auditsc.c
===================================================================
--- linus-2.6.orig/kernel/auditsc.c
+++ linus-2.6/kernel/auditsc.c
@@ -47,9 +47,6 @@
*/
#define AUDIT_DEBUG 0
-/* No syscall auditing will take place unless audit_enabled != 0. */
-extern int audit_enabled;
-
/* AUDIT_NAMES is the number of slots we reserve in the audit_context
* for saving names from getname(). */
#define AUDIT_NAMES 20
@@ -601,14 +598,11 @@ static inline struct audit_context *audi
* if necessary. Doing so turns on system call auditing for the
* specified task. This is called from copy_process, so no lock is
* needed. */
-int audit_alloc(struct task_struct *tsk)
+int do_audit_alloc(struct task_struct *tsk)
{
struct audit_context *context;
enum audit_state state;
- if (likely(!audit_enabled))
- return 0; /* Return if not auditing. */
-
state = audit_filter_task(tsk);
if (likely(state == AUDIT_DISABLED))
return 0;
Index: linus-2.6/include/linux/audit.h
===================================================================
--- linus-2.6.orig/include/linux/audit.h
+++ linus-2.6/include/linux/audit.h
@@ -200,6 +200,8 @@ struct audit_buffer;
struct audit_context;
struct inode;
+extern int audit_enabled;
+
#define AUDITSC_INVALID 0
#define AUDITSC_SUCCESS 1
#define AUDITSC_FAILURE 2
@@ -207,7 +209,13 @@ struct inode;
#ifdef CONFIG_AUDITSYSCALL
/* These are defined in auditsc.c */
/* Public API */
-extern int audit_alloc(struct task_struct *task);
+extern int do_audit_alloc(struct task_struct *task);
+static inline int audit_alloc(struct task_struct *task) {
+ if (likely(!audit_enabled))
+ clear_tsk_thread_flag(task, TIF_SYSCALL_AUDIT);
+ return 0;
+ return do_audit_alloc(task);
+}
extern void audit_free(struct task_struct *task);
extern void audit_syscall_entry(struct task_struct *task, int arch,
int major, unsigned long a0, unsigned long a1,