Commit 07c49417 authored by Eric Paris's avatar Eric Paris Committed by Al Viro

audit: inline checks for not needing to collect aux records

A number of audit hooks make function calls before they determine that
auxilary records do not need to be collected.  Do those checks as static
inlines since the most common case is going to be that records are not
needed and we can skip the function call overhead.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
parent 56179a6e
...@@ -489,9 +489,9 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); ...@@ -489,9 +489,9 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
extern void audit_log_task_context(struct audit_buffer *ab); extern void audit_log_task_context(struct audit_buffer *ab);
extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp); extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode); extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode);
extern int audit_bprm(struct linux_binprm *bprm); extern int __audit_bprm(struct linux_binprm *bprm);
extern void audit_socketcall(int nargs, unsigned long *args); extern void __audit_socketcall(int nargs, unsigned long *args);
extern int audit_sockaddr(int len, void *addr); extern int __audit_sockaddr(int len, void *addr);
extern void __audit_fd_pair(int fd1, int fd2); extern void __audit_fd_pair(int fd1, int fd2);
extern int audit_set_macxattr(const char *name); extern int audit_set_macxattr(const char *name);
extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr); extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr);
...@@ -519,6 +519,23 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid ...@@ -519,6 +519,23 @@ static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid
if (unlikely(!audit_dummy_context())) if (unlikely(!audit_dummy_context()))
__audit_ipc_set_perm(qbytes, uid, gid, mode); __audit_ipc_set_perm(qbytes, uid, gid, mode);
} }
static inline int audit_bprm(struct linux_binprm *bprm)
{
if (unlikely(!audit_dummy_context()))
return __audit_bprm(bprm);
return 0;
}
static inline void audit_socketcall(int nargs, unsigned long *args)
{
if (unlikely(!audit_dummy_context()))
__audit_socketcall(nargs, args);
}
static inline int audit_sockaddr(int len, void *addr)
{
if (unlikely(!audit_dummy_context()))
return __audit_sockaddr(len, addr);
return 0;
}
static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
{ {
if (unlikely(!audit_dummy_context())) if (unlikely(!audit_dummy_context()))
......
...@@ -2309,14 +2309,11 @@ void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mo ...@@ -2309,14 +2309,11 @@ void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mo
context->ipc.has_perm = 1; context->ipc.has_perm = 1;
} }
int audit_bprm(struct linux_binprm *bprm) int __audit_bprm(struct linux_binprm *bprm)
{ {
struct audit_aux_data_execve *ax; struct audit_aux_data_execve *ax;
struct audit_context *context = current->audit_context; struct audit_context *context = current->audit_context;
if (likely(!audit_enabled || !context || context->dummy))
return 0;
ax = kmalloc(sizeof(*ax), GFP_KERNEL); ax = kmalloc(sizeof(*ax), GFP_KERNEL);
if (!ax) if (!ax)
return -ENOMEM; return -ENOMEM;
...@@ -2337,13 +2334,10 @@ int audit_bprm(struct linux_binprm *bprm) ...@@ -2337,13 +2334,10 @@ int audit_bprm(struct linux_binprm *bprm)
* @args: args array * @args: args array
* *
*/ */
void audit_socketcall(int nargs, unsigned long *args) void __audit_socketcall(int nargs, unsigned long *args)
{ {
struct audit_context *context = current->audit_context; struct audit_context *context = current->audit_context;
if (likely(!context || context->dummy))
return;
context->type = AUDIT_SOCKETCALL; context->type = AUDIT_SOCKETCALL;
context->socketcall.nargs = nargs; context->socketcall.nargs = nargs;
memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long)); memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
...@@ -2369,13 +2363,10 @@ void __audit_fd_pair(int fd1, int fd2) ...@@ -2369,13 +2363,10 @@ void __audit_fd_pair(int fd1, int fd2)
* *
* Returns 0 for success or NULL context or < 0 on error. * Returns 0 for success or NULL context or < 0 on error.
*/ */
int audit_sockaddr(int len, void *a) int __audit_sockaddr(int len, void *a)
{ {
struct audit_context *context = current->audit_context; struct audit_context *context = current->audit_context;
if (likely(!context || context->dummy))
return 0;
if (!context->sockaddr) { if (!context->sockaddr) {
void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL); void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL);
if (!p) if (!p)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment