PERFORCE change 93588 for review
Robert Watson
rwatson at FreeBSD.org
Sun Mar 19 19:21:11 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=93588
Change 93588 by rwatson at rwatson_peppercorn on 2006/03/19 19:20:12
Assert audit mtx in audit_worker_drain().
Break out logic to call audit_record_write() and handle error
conditions into audit_worker_process_record(). This will be the
future home of some logic now present in audit_record_write()
also.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#6 (text+ko) ====
@@ -376,6 +376,8 @@
{
struct kaudit_record *ar;
+ mtx_assert(&audit_mtx, MA_OWNED);
+
while ((ar = TAILQ_FIRST(&audit_q))) {
TAILQ_REMOVE(&audit_q, ar, k_q);
audit_free(ar);
@@ -384,6 +386,31 @@
}
/*
+ * Given a kernel audit record, process as required. Currently, that means
+ * passing it to audit_record_write(), but in the future it will mean
+ * converting it to BSM and then routing it to various possible output
+ * streams, including the audit trail and audit pipes. The caller will free
+ * the record.
+ */
+static void
+audit_worker_process_record(struct vnode *audit_vp, struct ucred *audit_cred,
+ struct thread *audit_td, struct kaudit_record *ar)
+{
+ int error;
+
+ if (audit_vp == NULL)
+ return;
+
+ error = audit_record_write(audit_vp, ar, audit_cred, audit_td);
+ if (error) {
+ if (audit_panic_on_write_fail)
+ panic("audit_worker: write error %d\n", error);
+ else
+ printf("audit_worker: write error %d\n", error);
+ }
+}
+
+/*
* The audit_worker thread is responsible for watching the event queue,
* dequeueing records, converting them to BSM format, and committing them to
* disk. In order to minimize lock thrashing, records are dequeued in sets
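Review bot: audit_worker_process_record() has no lock assertion and its header comment does not state the locking contract, even though this same change adds `mtx_assert(&audit_mtx, MA_OWNED);` to audit_worker_drain(). The only call site shown runs after `mtx_unlock(&audit_mtx)`, and audit_record_write() presumably does vnode I/O that may sleep, so I would add `mtx_assert(&audit_mtx, MA_NOTOWNED);` as the first statement of the new function. The comment should also say that a NULL audit_vp discards the record with no write and no message, and that in the non-panic case a write failure is only reported through printf() before the caller frees the record. Both cases leave a gap in the audit trail that a later reader should be able to see from the comment.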
@@ -399,7 +426,7 @@
struct ucred *audit_cred;
struct thread *audit_td;
struct vnode *audit_vp;
- int error, lowater_signal;
+ int lowater_signal;
AUDIT_PRINTF(("audit_worker starting\n"));
@@ -465,16 +492,8 @@
mtx_unlock(&audit_mtx);
while ((ar = TAILQ_FIRST(&ar_worklist))) {
TAILQ_REMOVE(&ar_worklist, ar, k_q);
- if (audit_vp != NULL) {
- error = audit_record_write(audit_vp, ar,
- audit_cred, audit_td);
- if (error && audit_panic_on_write_fail)
- panic("audit_worker: write error %d\n",
- error);
- else if (error)
- printf("audit_worker: write error %d\n",
- error);
- }
+ audit_worker_process_record(audit_vp, audit_cred,
+ audit_td, ar);
audit_free(ar);
}
mtx_lock(&audit_mtx);