Wrap sx locking of the audit worker sleep lock in macros, update comments.

MFC after:	2 months
Sponsored by:	Apple, Inc.
This commit is contained in:
Robert Watson 2008-11-10 22:06:24 +00:00
parent 7b874a7b2b
commit b713bf6e3a

@ -1,5 +1,5 @@
/*-
* Copyright (c) 1999-2005 Apple Inc.
* Copyright (c) 1999-2008 Apple Inc.
* Copyright (c) 2006-2008 Robert N. M. Watson
* All rights reserved.
*
@ -78,17 +78,24 @@ static struct proc *audit_thread;
/*
* audit_cred and audit_vp are the stored credential and vnode to use for
* active audit trail. They are protected by audit_worker_sx, which will be
* held across all I/O and all rotation to prevent them from being replaced
* (rotated) while in use. The audit_file_rotate_wait flag is set when the
* kernel has delivered a trigger to auditd to rotate the trail, and is
* cleared when the next rotation takes place. It is also protected by
* audit_worker_sx.
* active audit trail. They are protected by the audit worker lock, which
* will be held across all I/O and all rotation to prevent them from being
* replaced (rotated) while in use. The audit_file_rotate_wait flag is set
* when the kernel has delivered a trigger to auditd to rotate the trail, and
* is cleared when the next rotation takes place. It is also protected by
* the audit worker lock.
*/
static int audit_file_rotate_wait;
static struct sx audit_worker_sx;
static struct ucred *audit_cred;
static struct vnode *audit_vp;
static struct sx audit_worker_lock;
#define AUDIT_WORKER_LOCK_INIT() sx_init(&audit_worker_lock, \
"audit_worker_lock");
#define AUDIT_WORKER_LOCK_ASSERT() sx_assert(&audit_worker_lock, \
SA_XLOCKED)
#define AUDIT_WORKER_LOCK() sx_xlock(&audit_worker_lock)
#define AUDIT_WORKER_UNLOCK() sx_xunlock(&audit_worker_lock)
/*
* Write an audit record to a file, performed as the last stage after both
@ -111,7 +118,7 @@ audit_record_write(struct vnode *vp, struct ucred *cred, void *data,
struct vattr vattr;
long temp;
sx_assert(&audit_worker_sx, SA_LOCKED); /* audit_file_rotate_wait. */
AUDIT_WORKER_LOCK_ASSERT();
if (vp == NULL)
return;
@ -191,7 +198,7 @@ audit_record_write(struct vnode *vp, struct ucred *cred, void *data,
*/
if ((audit_fstat.af_filesz != 0) && (audit_file_rotate_wait == 0) &&
(vattr.va_size >= audit_fstat.af_filesz)) {
sx_assert(&audit_worker_sx, SA_XLOCKED);
AUDIT_WORKER_LOCK_ASSERT();
audit_file_rotate_wait = 1;
(void)audit_send_trigger(AUDIT_TRIGGER_ROTATE_KERNEL);
@ -300,20 +307,20 @@ audit_worker_process_record(struct kaudit_record *ar)
au_event_t event;
au_id_t auid;
int error, sorf;
int trail_locked;
int locked;
/*
* We hold the audit_worker_sx lock over both writes, if there are
* two, so that the two records won't be split across a rotation and
* end up in two different trail files.
* We hold the audit worker lock over both writes, if there are two,
* so that the two records won't be split across a rotation and end
* up in two different trail files.
*/
if (((ar->k_ar_commit & AR_COMMIT_USER) &&
(ar->k_ar_commit & AR_PRESELECT_USER_TRAIL)) ||
(ar->k_ar_commit & AR_PRESELECT_TRAIL)) {
sx_xlock(&audit_worker_sx);
trail_locked = 1;
AUDIT_WORKER_LOCK();
locked = 1;
} else
trail_locked = 0;
locked = 0;
/*
* First, handle the user record, if any: commit to the system trail
@ -321,7 +328,7 @@ audit_worker_process_record(struct kaudit_record *ar)
*/
if ((ar->k_ar_commit & AR_COMMIT_USER) &&
(ar->k_ar_commit & AR_PRESELECT_USER_TRAIL)) {
sx_assert(&audit_worker_sx, SA_XLOCKED);
AUDIT_WORKER_LOCK_ASSERT();
audit_record_write(audit_vp, audit_cred, ar->k_udata,
ar->k_ulen);
}
@ -360,7 +367,7 @@ audit_worker_process_record(struct kaudit_record *ar)
}
if (ar->k_ar_commit & AR_PRESELECT_TRAIL) {
sx_assert(&audit_worker_sx, SA_XLOCKED);
AUDIT_WORKER_LOCK_ASSERT();
audit_record_write(audit_vp, audit_cred, bsm->data, bsm->len);
}
@ -371,8 +378,8 @@ audit_worker_process_record(struct kaudit_record *ar)
kau_free(bsm);
out:
if (trail_locked)
sx_xunlock(&audit_worker_sx);
if (locked)
AUDIT_WORKER_UNLOCK();
}
/*
@ -453,14 +460,14 @@ audit_rotate_vnode(struct ucred *cred, struct vnode *vp)
* Rotate the vnode/cred, and clear the rotate flag so that we will
* send a rotate trigger if the new file fills.
*/
sx_xlock(&audit_worker_sx);
AUDIT_WORKER_LOCK();
old_audit_cred = audit_cred;
old_audit_vp = audit_vp;
audit_cred = cred;
audit_vp = vp;
audit_file_rotate_wait = 0;
audit_enabled = (audit_vp != NULL);
sx_xunlock(&audit_worker_sx);
AUDIT_WORKER_UNLOCK();
/*
* If there was an old vnode/credential, close and free.
@ -479,7 +486,7 @@ audit_worker_init(void)
{
int error;
sx_init(&audit_worker_sx, "audit_worker_sx");
AUDIT_WORKER_LOCK_INIT();
error = kproc_create(audit_worker, NULL, &audit_thread, RFHIGHPID,
0, "audit");
if (error)