From owner-p4-projects@FreeBSD.ORG Fri Aug 1 02:46:26 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 429061065673; Fri, 1 Aug 2008 02:46:26 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2D551065675 for ; Fri, 1 Aug 2008 02:46:25 +0000 (UTC) (envelope-from diego@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id D06D38FC1B for ; Fri, 1 Aug 2008 02:46:25 +0000 (UTC) (envelope-from diego@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m712kPwW003307 for ; Fri, 1 Aug 2008 02:46:25 GMT (envelope-from diego@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m712kPqk003305 for perforce@freebsd.org; Fri, 1 Aug 2008 02:46:25 GMT (envelope-from diego@FreeBSD.org) Date: Fri, 1 Aug 2008 02:46:25 GMT Message-Id: <200808010246.m712kPqk003305@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to diego@FreeBSD.org using -f 
From: Diego Giagio To: Perforce Change Reviews Cc: Subject: PERFORCE change 146360 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 02:46:26 -0000 http://perforce.freebsd.org/chv.cgi?CH=146360 Change 146360 by diego@diego_black on 2008/08/01 02:45:34 Use a queue of records instead of a single record. That would let us: - Pre-allocate records outside without locks held. - Make it possible to have more than one record being constructed by a given thread. Affected files ... .. //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.c#5 edit .. //depot/projects/soc2008/diego-audit/src/sys/sys/proc.h#5 edit Differences ...
==== //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.c#5 (text) ====
@@ -73,10 +73,10 @@
 #include
 static uma_zone_t audit_record_zone;
-static MALLOC_DEFINE(M_AUDITCRED, "audit_cred", "Audit cred storage");
 MALLOC_DEFINE(M_AUDITDATA, "audit_data", "Audit data storage");
 MALLOC_DEFINE(M_AUDITPATH, "audit_path", "Audit path storage");
 MALLOC_DEFINE(M_AUDITTEXT, "audit_text", "Audit text storage");
+MALLOC_DEFINE(M_AUDITRECQ, "audit_recq", "Audit record queue storage");
 SYSCTL_NODE(_security, OID_AUTO, audit, CTLFLAG_RW, 0, "TrustedBSD audit controls");
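Review bot: `M_AUDITRECQ` is defined with external linkage, although the only uses visible in this change are the `malloc()` and `free()` calls in the audit.c hunks at `@@ -585` and `@@ -592`; the `M_AUDITCRED` definition removed just above was `static`. If no other file is meant to allocate from this type, `static MALLOC_DEFINE(M_AUDITRECQ, "audit_recq", "Audit record queue storage");` keeps the symbol private to audit.c. If it is meant to be shared, a matching `MALLOC_DECLARE(M_AUDITRECQ);` in the audit private header would be expected, and none is part of this change.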
@@ -483,6 +483,30 @@
 mtx_unlock(&audit_mtx);
 }
+static void
+audit_enter(struct thread *td)
+{
+ /*
+ * Check if there's already a record being constructed. If true, move
+ * it temporarily into our record queue. currecord() will now point to
+ * the new record.
+ */
+ if (td->td_ar != NULL)
+ TAILQ_INSERT_TAIL(td->td_arq, td->td_ar, k_q);
+}
+
+static void
+audit_exit(struct thread *td)
+{
+ /*
+ * If there were a previous record begin constructed, return it to
+ * currecord() and remove it from record queue.
+ */
+ td->td_ar = TAILQ_LAST(td->td_arq, kaudit_queue);
+ if (td->td_ar != NULL)
+ TAILQ_REMOVE(td->td_arq, td->td_ar, k_q);
+}
+
 /*
 * audit_syscall_enter() is called on entry to each system call. It is
 * responsible for deciding whether or not to audit the call (preselection),
@@ -494,8 +518,6 @@
 {
 au_event_t event;
- KASSERT(td->td_ar == NULL, ("audit_syscall_enter: td->td_ar != NULL"));
-
 /*
 * In FreeBSD, each ABI has its own system call table, and hence
 * mapping of system call codes to audit events. Convert the code to
@@ -511,6 +533,7 @@
 if (event == AUE_NULL)
 return;
+ audit_enter(td);
 td->td_ar = audit_begin(event, td);
 }
@@ -537,7 +560,7 @@
 retval = td->td_retval[0];
 audit_commit(td->td_ar, error, retval);
- td->td_ar = NULL;
+ audit_exit(td);
 }
 void
@@ -585,6 +608,8 @@
 {
 td->td_ar = NULL;
+ td->td_arq = malloc(sizeof(struct kaudit_queue), M_AUDITRECQ, M_WAITOK);
+ TAILQ_INIT(td->td_arq);
 }
 void
@@ -592,6 +617,9 @@
 {
 KASSERT(td->td_ar == NULL, ("audit_thread_free: td_ar != NULL"));
+ KASSERT(TAILQ_EMPTY(td->td_arq),
+ ("audit_thread_free: td_arq not empty"));
+ free(td->td_arq, M_AUDITRECQ);
 }
 void
==== //depot/projects/soc2008/diego-audit/src/sys/sys/proc.h#5 (text+ko) ====
@@ -153,6 +153,7 @@
 * for write access.
 */
 struct kaudit_record;
+struct kaudit_queue;
 struct td_sched;
 struct nlminfo;
 struct kaioinfo;
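Review bot: `audit_enter()` and `audit_exit()` (hunk `@@ -483`) dereference `td->td_arq` without checking it, and the only allocation visible is the `malloc()` added in the `@@ -585` hunk. Any thread structure that did not pass through that path would fault in `TAILQ_INSERT_TAIL`/`TAILQ_LAST`; whether such threads exist cannot be seen from here. A `KASSERT(td->td_arq != NULL, ("audit_enter: td_arq == NULL"));` at the top of each helper (with the matching name in `audit_exit`) would catch it early. `audit_enter()` also leaves `td_ar` pointing at the record it has just queued and relies on the caller to overwrite it; adding `td->td_ar = NULL;` after the insert keeps a record from being both current and queued. The comment in `audit_exit()` says "begin constructed" where "being constructed" is meant.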
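Review bot: The `audit_enter(td)` push in hunk `@@ -511` is skipped when `event == AUE_NULL` returns early, while the `@@ -537` hunk runs `audit_commit(td->td_ar, error, retval)` and the `audit_exit(td)` pop unconditionally. With the `KASSERT(td->td_ar == NULL, ...)` removed in `@@ -494`, entry with a record already in progress is now allowed. An unaudited nested entry would therefore leave the outer record in `td_ar`, and the matching exit would commit that outer record with the inner call's `error`/`retval`, which damages the integrity of the audit trail. Whether such nesting can reach this path is not visible from the hunks; if it can, the early return should park the outer record as well, e.g. `if (event == AUE_NULL) { audit_enter(td); td->td_ar = NULL; return; }`. Both functions start and end outside the hunks shown.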
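Review bot: In the `@@ -592` hunk the only guard before `free(td->td_arq, M_AUDITRECQ)` is a `KASSERT`, which is compiled in only for INVARIANTS kernels. On a production kernel, any records still linked on the queue would be leaked when the head is freed, and the events they describe would never be committed. Draining the queue before the free, releasing each record, would make the teardown safe without relying on the assertion. `td_arq` is also left pointing at freed memory; `td->td_arq = NULL;` after the `free()` turns a later stale use into an immediate NULL fault instead of a use-after-free. The hunk at `@@ -585` needs no NULL check, since `M_WAITOK` allocations do not fail, but a comment stating that this path may sleep would help.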
@@ -269,6 +270,7 @@
 struct mdthread td_md; /* (k) Any machine-dependent fields. */
 struct td_sched *td_sched; /* (*) Scheduler-specific data. */
 struct kaudit_record *td_ar; /* (k) Active audit record, if any. */
+ struct kaudit_queue *td_arq; /* (k) Queue of audit records. */
 int td_syscalls; /* per-thread syscall count (used by NFS :)) */
 struct lpohead td_lprof[2]; /* (a) lock profiling objects. */
 struct kdtrace_thread *td_dtrace; /* (*) DTrace-specific data. */
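Review bot: The comment on `td_arq` does not say that the pointer is heap-allocated and owned by the audit code (allocated and freed in the audit.c hunks at `@@ -585` and `@@ -592`), nor that the queue holds suspended records rather than the active one. Something like `/* (k) Suspended audit records; owned by audit. */` would tell readers of `struct thread` not to copy or free it. Where the field sits relative to the zeroed and copied regions of `struct thread` is not visible in this hunk. It is placed next to `td_ar` and presumably gets the same treatment, but that is worth confirming, because a pointer copied into another thread would be freed twice.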