• Tony Jones's avatar
    audit: acquire creds selectively to reduce atomic op overhead · f5629883
    Tony Jones authored
    Commit c69e8d9c ("CRED: Use RCU to access another task's creds and to
    release a task's own creds") added calls to get_task_cred and put_cred in
    audit_filter_rules.  Profiling with a large number of audit rules active
    on the exit chain shows that we are spending upto 48% in this routine for
    syscall intensive tests, most of which is in the atomic ops.
    
    1. The code should be accessing tsk->cred rather than tsk->real_cred.
    2. Since tsk is current (or tsk is being created by copy_process) access to
    tsk->cred without rcu read lock is possible.  At the request of the audit
    maintainer, a new flag has been added to audit_filter_rules in order to make
    this explicit and guide future code.
    Signed-off-by: default avatarTony Jones <tonyj@suse.de>
    Acked-by: default avatarEric Paris <eparis@redhat.com>
    Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
    f5629883
auditsc.c 66.5 KB