[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] (#6) filesystem auditing



On Friday 18 March 2005 03:54 pm, Serge Hallyn wrote:
<snip>
>
> It looks like we could pare it down to
>
> struct audit_data {
> 	struct audit_wentry *wentry;
> 	struct hlist_head *watchlist;
> 	rwlock_t watchlist_lock;
> };

How about, we make it:

struct audit_data {
	struct audit_wentry *wentry;
	struct hlist_head *watchlist;
}

struct audit_wentry {
	struct hlist_node		w_list;
	atomic_t			w_count;
        struct audit_watch      *w_watch;
        unsigned int		w_valid;
	spinlock_t			w_lock;			
};

I can protect the watchlist with RCU.  And then perhaps the w_lock will be 
used as a writer lock for any updates to w_valid (nothing else will ever be 
updated other the atomic count).

I have to go.  I'll talk more about this hopefully this weekend.  Perhaps come 
up with something as well.

> With spinlock debugging and preemption off, we're down to just three
> longs per inode, so I guess it's not so bad.
>
> Perhaps we could also use rcu to protect the watchlist, using the i_sem
> to guard against racing writers?
>
> -serge

-- 
-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]