git: 533f1a4d6b6e - stable/14 - audit: move the wait from the queue length from the commit to alloc

Tue, 24 Jun 2025 17:51:09 -0700 

The branch stable/14 has been updated by kib:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=533f1a4d6b6ef0ba575d99b16a45b96fb5e91e59

commit 533f1a4d6b6ef0ba575d99b16a45b96fb5e91e59
Author:     Konstantin Belousov <k...@freebsd.org>
AuthorDate: 2025-06-16 16:01:12 +0000
Commit:     Konstantin Belousov <k...@freebsd.org>
CommitDate: 2025-06-24 01:15:06 +0000

    audit: move the wait from the queue length from the commit to alloc
    
    PR:     287566
    
    (cherry picked from commit 0452f5f7b37af81dba3953c7127385fe6f307790)
---
 sys/security/audit/audit.c | 27 +++++++++++----------------
 1 file changed, 11 insertions(+), 16 deletions(-)

diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c
index 6f935ede5371..21d950ede416 100644
--- a/sys/security/audit/audit.c
+++ b/sys/security/audit/audit.c
@@ -412,15 +412,22 @@ currecord(void)
        return (curthread->td_ar);
 }
 
-/*
- * XXXAUDIT: Shouldn't there be logic here to sleep waiting on available
- * pre_q space, suspending the system call until there is room?
- */
 struct kaudit_record *
 audit_new(int event, struct thread *td)
 {
        struct kaudit_record *ar;
 
+       mtx_lock(&audit_mtx);
+       audit_pre_q_len++;
+
+       /*
+        * Constrain the number of committed audit records based on
+        * the configurable parameter.
+        */
+       while (audit_q_len >= audit_qctrl.aq_hiwater)
+               cv_wait(&audit_watermark_cv, &audit_mtx);
+       mtx_unlock(&audit_mtx);
+
        /*
         * Note: the number of outstanding uncommitted audit records is
         * limited to the number of concurrent threads servicing system calls
@@ -428,11 +435,6 @@ audit_new(int event, struct thread *td)
         */
        ar = uma_zalloc_arg(audit_record_zone, td, M_WAITOK);
        ar->k_ar.ar_event = event;
-
-       mtx_lock(&audit_mtx);
-       audit_pre_q_len++;
-       mtx_unlock(&audit_mtx);
-
        return (ar);
 }
 
@@ -566,13 +568,6 @@ audit_commit(struct kaudit_record *ar, int error, int 
retval)
                return;
        }
 
-       /*
-        * Constrain the number of committed audit records based on the
-        * configurable parameter.
-        */
-       while (audit_q_len >= audit_qctrl.aq_hiwater)
-               cv_wait(&audit_watermark_cv, &audit_mtx);
-
        TAILQ_INSERT_TAIL(&audit_q, ar, k_q);
        audit_q_len++;
        audit_pre_q_len--;

Reply via email to