Paul Moore <[email protected]> wrote: > On Tue, Nov 15, 2016 at 8:16 AM, Florian Westphal <[email protected]> wrote: > > allows better debugging as freeing audit buffers now always honors slub > > debug hooks (e.g. object poisoning) and leak checker can detect the > > free operation. > > > > Removal also results in a small speedup (using > > single rule 'iptables -A INPUT -i lo -j AUDIT --type drop'): > > > > super_netperf 4 -H 127.0.0.1 -l 360 -t UDP_RR -- -R 1 -m 64 > > Before: > > 294953 > > After: > > 298013 > > > > (alloc/free no longer serializes on spinlock, allocator can use percpu > > pool). > > > > Signed-off-by: Florian Westphal <[email protected]> > > --- > > kernel/audit.c | 53 ++++++++--------------------------------------------- > > 1 file changed, 8 insertions(+), 45 deletions(-) > > Sorry for the delay, I was hoping to have some time to play around > with this and offer a more meaningful comment ... I've often wondered > about converting audit_buffer, and audit_context for that matter, over > to their own kmem_cache; have you considered that? Or was this > proposed due to simplicity?
Not sure I understand, you could still convert it on top of this. (Although audit_buffer is just 24 bytes after this patch so it will come from 32byte kmalloc slab). I don't think it makes sense to keep this DIY cache on top of slub cache.
