Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp6911417rwr; Wed, 10 May 2023 00:46:47 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ75WqzAXYOzl0YArVFl/bK2MUOCL36L2MLkry2MsEaxNsDMuYI9QZxu01DTmgYJsTdVgxdn X-Received: by 2002:a17:90a:604b:b0:24d:e3dc:4b10 with SMTP id h11-20020a17090a604b00b0024de3dc4b10mr16651949pjm.23.1683704807731; Wed, 10 May 2023 00:46:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683704807; cv=none; d=google.com; s=arc-20160816; b=HDKvgz2bnGUXmwqx/L5IiHqOeNCt9A6zLPUB+6r3uwIDfquVy6PUKEvbMrdaphszx6 lHCZuPoC1rBTqRJil+eafWKC6bbzqdnDydxB7Vs8Yy4lBmr8JGdrw51H0D9ppC4Lqrhi rnlOC7LzDL7KKJIOlq80cIztpVgP4CgA5GuEv73mif252/rIHoUSGjr+S4Xtx7rEGFuL epag6DvnFESoDplUNZkDjXBmYmccUu7bY5aoYnXOVPQCelir4KLgvhCJrEGwiz5LyAfy MV0S60Rx2DhBdBMucJQY/+Xr6R2jRVghIV5apkOEvnM3Th39wnQFlza3FYCtd+I8/9y/ mf4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=TYmd4jZ4uKJYBWkoRF0QajqwynVbLsLUJz+V+LkFPUQ=; b=L7+/ZJK3EkSEPKPoYQJUcPtJlwdXxSvNRZ9Ky3grQFSEH02W0+h6tiMvdP3QMDUh20 qGLwBtuG3rpG1vdHWCC+ZF4+2rAsWcLMd+TvVvH2Eqbj5c3xiEo93qbcdfl8WjEAkpaV eO7i0Pp3y7uXTUo/jAaLFDqRzOEagCJFAdstO8MoXE82lrpusr8snlY0iJrmBfdrLc+Y FIdPD6lwF9xFOtuYpb+eg1NWpYF0Ir9jAjDpMbmevJ6QAYWdRjwagXq4Tb43QfRsDB/8 KGn7JR/bbLheqWK8p9l0BIwAFYn75gqWc0+b1Gi72sGY/CpTUbaRk+32TX3qRwRa9O5T P0OA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b="Th/zxDOb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bk12-20020a17090b080c00b002475b063d35si16779504pjb.142.2023.05.10.00.46.36; Wed, 10 May 2023 00:46:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b="Th/zxDOb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235606AbjEJH2h (ORCPT + 99 others); Wed, 10 May 2023 03:28:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52256 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235734AbjEJH2f (ORCPT ); Wed, 10 May 2023 03:28:35 -0400 Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3E9576AC; Wed, 10 May 2023 00:28:18 -0700 (PDT) Received: by mail-lj1-x233.google.com with SMTP id 38308e7fff4ca-2ac7462d9f1so75710701fa.2; Wed, 10 May 2023 00:28:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1683703697; x=1686295697; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=TYmd4jZ4uKJYBWkoRF0QajqwynVbLsLUJz+V+LkFPUQ=; b=Th/zxDObwpYwY9d+oBj/zxhDQlG7F4CuBi2drJgZzj1032Bzab1bAUgXzQHvetrN+H l5VVuw9Y2+OuBIxP2x0wuywFldZXvp9PeQb9kIzcEOe66tzF4XTyd8dDzDK5fL2mUE5v gFeXj5U6t/1wf6uHGEDfXFgHNBjh3HRpyuTnQbFw5BHTYt+CsmEmFDeH7CHNlJqNb5OE GHSaP9pjLcFn1VJHG0dxTZBxUFSP8ecmomta6ZOBJsph3OtZ1WpCUwjt8LDX45IGUZlm K8umv5ZoeE3AZyjCibBwiJ2K+HUwX2BCwRFdQNgGtdjM5DlyDH1pbsV5YOsp+//EprVz +oMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683703697; x=1686295697; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=TYmd4jZ4uKJYBWkoRF0QajqwynVbLsLUJz+V+LkFPUQ=; b=EoZQ1Kw1CGkW4hdPAMgO2HL39A8KPi05QSvsR2a0uqLpSGlSVjX6tZMvzBY3RBRTHN iRGnbQLM1/fn1ENsXTA3tOiWYZ4NDXKTrK5d3C8S6/wBoJ//O27nbB3dciYPS9EBc7MB rJ9CPWKXZKl5FBmwgyfRd2D+004qkBoGQeSJ8VOCMi7tn8RLWkBt/Z1/Sr/utJNWdGsQ pZNudgU4MjNi99svUMEAlTM927ULJR221WbZ8G5SlTNsmzQbWjbzBFvdXuanYB/r2+jp 6BY8a9BVemcQFTUkTMuPx8gh67srmNka8kbsTDMqsFmuczXH2N2zlkcgQD4T4HzlYSx1 nIgw== X-Gm-Message-State: AC+VfDwZHqwb87fDaw3+UDZ70KsPD2TWty88GeKMZA948aIbdzNn+MeN 89fBSZFI6uwtlCOJW67uC1/UqmoL1oNsuQ3W X-Received: by 2002:a2e:910d:0:b0:2ac:6858:45ba with SMTP id m13-20020a2e910d000000b002ac685845bamr1672370ljg.48.1683703696886; Wed, 10 May 2023 00:28:16 -0700 (PDT) Received: from [192.168.0.31] ([94.242.171.95]) by smtp.gmail.com with ESMTPSA id l29-20020ac2555d000000b004f25c1e2cf5sm464267lfk.173.2023.05.10.00.28.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 May 2023 00:28:16 -0700 (PDT) Message-ID: Date: Wed, 10 May 2023 10:28:15 +0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH 1/4] audit: refactor queue full checks Content-Language: en-US, ru-RU To: Eiichi Tsukata Cc: Paul Moore , "eparis@redhat.com" , "linux-kernel@vger.kernel.org" , "audit@vger.kernel.org" References: <20230508075812.76077-1-eiichi.tsukata@nutanix.com> <20230508075812.76077-2-eiichi.tsukata@nutanix.com> <527bf278-48a3-1b43-a23f-dd4cbb92ef19@gmail.com> <53C78149-AE5B-4554-B08C-AEBBEBA1EA95@nutanix.com> From: Rinat Gadelshin In-Reply-To: <53C78149-AE5B-4554-B08C-AEBBEBA1EA95@nutanix.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10.05.2023 10:17, Eiichi Tsukata wrote: > >> On May 10, 2023, at 15:54, Rinat Gadelshin wrote: >> >> Hi Eiichi! >> >> Just one one for your patch. >> >> On 08.05.2023 10:58, Eiichi Tsukata wrote: >>> Currently audit queue full checks are done in multiple places. >>> Consolidate them into one audit_queue_full(). >>> >>> Signed-off-by: Eiichi Tsukata >>> --- >>> kernel/audit.c | 21 +++++++++++---------- >>> 1 file changed, 11 insertions(+), 10 deletions(-) >>> >>> diff --git a/kernel/audit.c b/kernel/audit.c >>> index 9bc0b0301198..c15694e1a76b 100644 >>> --- a/kernel/audit.c >>> +++ b/kernel/audit.c >>> @@ -341,6 +341,12 @@ static inline int audit_rate_check(void) >>> return retval; >>> } >>> +static inline int audit_queue_full(const struct sk_buff_head *queue) >>> +{ >>> + return audit_backlog_limit && >>> + (skb_queue_len(queue) > audit_backlog_limit); >> It seems that we should use `>=` here. > Hi Rinat > > Could you provide the detailed reason? > > Currently queue full checks are done with ‘>’, > on the other hand queue NOT full checks are done with ‘<‘. > > Looking into other similar checks in the kernel, unix_recvq_full() is using ‘>’. Was (OR statement): `if (!audit_backlog_limit || skb_queue_len(&audit_retry_queue) < audit_backlog_limit) For AND-statement it should be `if (audit_backlog_limit && (skb_queue_len(&audit_retry_queue) >= audit_backlog_limit)) Otherwise we get false for case `(skb_queue_len(&audit_retry_queue) == audit_backlog_limit)` which was true for the old implementation. > > Paul, how do you think about it? > > Eiichi > >