Debug the unlikely possibility that the audit_backlog_limit reserve is
being overflowed too.  Make the reserve proportional to the backlog
limit.

Signed-off-by: Richard Guy Briggs <r...@redhat.com>
---
 kernel/audit.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c
index 369cfcc..795d604 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1371,8 +1371,8 @@ struct audit_buffer *audit_log_start(struct audit_context 
*ctx, gfp_t gfp_mask,
        struct audit_buffer     *ab     = NULL;
        struct timespec         t;
        unsigned int            uninitialized_var(serial);
-       int reserve = 5; /* Allow atomic callers to go up to five
-                           entries over the normal backlog limit */
+       /* reserve: Allow atomic callers to go over the normal backlog limit */
+       int reserve = audit_backlog_limit/16;
        unsigned long timeout_start = jiffies;
 
        if (audit_initialized != AUDIT_INITIALIZED)
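Review bot: With `int reserve = audit_backlog_limit/16;`, integer division gives a reserve of 0 for any backlog limit below 16, so atomic callers lose the five entries of headroom the old constant always gave them. On a system configured with a small limit, that would presumably mean audit records from atomic contexts are dropped sooner than before, which is the opposite of what the commit message intends. Keeping the old value as a floor avoids the regression, e.g. `int reserve = max_t(int, 5, audit_backlog_limit / 16);` (the declared type of audit_backlog_limit is not visible here, hence max_t). The value is also sampled once at function entry, so it may be worth saying in the comment that a limit changed while a caller waits does not adjust the reserve; the rest of audit_log_start lies outside the hunk, so how the reserve is compared against the queue length should be confirmed there.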
-- 
1.7.1
