freebsd-nq/sys/security
Robert Watson 22b7bca620 Rework the way errors are handled with respect to how audit records are
written to the audit trail file:

- audit_record_write() now returns void, and all file system specific
  error handling occurs inside this function.  This pushes error handling
  complexity out of the record demux routine that hands off to both the
  trail and audit pipes, and makes trail behavior more consistent with
  pipes as a record destination.

- Rate limit kernel printfs associated with running low on space.  Rate
  limit audit triggers for low space.  Rate limit printfs for fail stop
  events.  Rate limit audit worker write error printfs.

- Document in detail the types of limits and space checks we perform, and
  combine common cases.

This improves the audit subsystems tolerance to low space conditions by
avoiding toasting the console with printfs are waking up the audit daemon
continuously.

MFC after:	3 days
Obtained from:	TrustedBSD Project
2006-09-24 13:35:58 +00:00
..
audit Rework the way errors are handled with respect to how audit records are 2006-09-24 13:35:58 +00:00
mac Remove MAC_DEBUG label counters, which were used to debug leaks and 2006-09-20 13:33:41 +00:00
mac_biba Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point 2006-09-12 04:25:13 +00:00
mac_bsdextended Add some new options to mac_bsdestended. We can now match on: 2006-04-23 17:06:18 +00:00
mac_ifoff
mac_lomac Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point 2006-09-12 04:25:13 +00:00
mac_mls Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point 2006-09-12 04:25:13 +00:00
mac_none
mac_partition
mac_portacl
mac_seeotheruids
mac_stub
mac_test