audit: inline checks for not needing to collect aux records
A number of audit hooks make function calls before they determine that auxilary records do not need to be collected. Do those checks as static inlines since the most common case is going to be that records are not needed and we can skip the function call overhead. Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
Родитель
56179a6ec6
Коммит
07c4941787
|
@ -489,9 +489,9 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
|
|||
extern void audit_log_task_context(struct audit_buffer *ab);
|
||||
extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
|
||||
extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
|
||||
extern int audit_bprm(struct linux_binprm *bprm);
|
||||
extern void audit_socketcall(int nargs, unsigned long *args);
|
||||
extern int audit_sockaddr(int len, void *addr);
|
||||
extern int __audit_bprm(struct linux_binprm *bprm);
|
||||
extern void __audit_socketcall(int nargs, unsigned long *args);
|
||||
extern int __audit_sockaddr(int len, void *addr);
|
||||
extern void __audit_fd_pair(int fd1, int fd2);
|
||||
extern int audit_set_macxattr(const char *name);
|
||||
extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
|
||||
|
@ -519,6 +519,23 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid
|
|||
if (unlikely(!audit_dummy_context()))
|
||||
__audit_ipc_set_perm(qbytes, uid, gid, mode);
|
||||
}
|
||||
static inline int audit_bprm(struct linux_binprm *bprm)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
return __audit_bprm(bprm);
|
||||
return 0;
|
||||
}
|
||||
static inline void audit_socketcall(int nargs, unsigned long *args)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
__audit_socketcall(nargs, args);
|
||||
}
|
||||
static inline int audit_sockaddr(int len, void *addr)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
return __audit_sockaddr(len, addr);
|
||||
return 0;
|
||||
}
|
||||
static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
|
||||
{
|
||||
if (unlikely(!audit_dummy_context()))
|
||||
|
|
|
@ -2309,14 +2309,11 @@ void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mo
|
|||
context->ipc.has_perm = 1;
|
||||
}
|
||||
|
||||
int audit_bprm(struct linux_binprm *bprm)
|
||||
int __audit_bprm(struct linux_binprm *bprm)
|
||||
{
|
||||
struct audit_aux_data_execve *ax;
|
||||
struct audit_context *context = current->audit_context;
|
||||
|
||||
if (likely(!audit_enabled || !context || context->dummy))
|
||||
return 0;
|
||||
|
||||
ax = kmalloc(sizeof(*ax), GFP_KERNEL);
|
||||
if (!ax)
|
||||
return -ENOMEM;
|
||||
|
@ -2337,13 +2334,10 @@ int audit_bprm(struct linux_binprm *bprm)
|
|||
* @args: args array
|
||||
*
|
||||
*/
|
||||
void audit_socketcall(int nargs, unsigned long *args)
|
||||
void __audit_socketcall(int nargs, unsigned long *args)
|
||||
{
|
||||
struct audit_context *context = current->audit_context;
|
||||
|
||||
if (likely(!context || context->dummy))
|
||||
return;
|
||||
|
||||
context->type = AUDIT_SOCKETCALL;
|
||||
context->socketcall.nargs = nargs;
|
||||
memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
|
||||
|
@ -2369,13 +2363,10 @@ void __audit_fd_pair(int fd1, int fd2)
|
|||
*
|
||||
* Returns 0 for success or NULL context or < 0 on error.
|
||||
*/
|
||||
int audit_sockaddr(int len, void *a)
|
||||
int __audit_sockaddr(int len, void *a)
|
||||
{
|
||||
struct audit_context *context = current->audit_context;
|
||||
|
||||
if (likely(!context || context->dummy))
|
||||
return 0;
|
||||
|
||||
if (!context->sockaddr) {
|
||||
void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL);
|
||||
if (!p)
|
||||
|
|
Загрузка…
Ссылка в новой задаче